Understanding FedRAMP

About FedRAMP

The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that saves an estimated 30-40% of government costs, as well as both time and staff required to conduct redundant agency security assessments. FedRAMP is the result of close collaboration with cybersecurity and cloud experts from the General Services Administration (GSA), National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), Department of Defense (DOD), National Security Agency (NSA), Office of Management and Budget (OMB), the Federal Chief Information Officer (CIO) Council and its working groups, as well as private industry.

​

“Project Hosts is the first Cloud Service Provider to have demonstrated compliance with the rev4 FedRAMP baseline,” said Matt Goodrich, FedRAMP Director, GSA. “Through the CSP supplied path, Project Hosts’ environment was assessed by a FedRAMP-accredited 3APO confirming the completion of the FedRAMP Security Assessment Framework, paving the way for Project Hosts’ customer to grant their Agency ATOs.”

​