What is FedRAMP?
FedRAMP stands for the “Federal Risk and Authorization Management Program.” FedRAMP standardizes security assessment and authorization for cloud products and services used by U.S. federal agencies. The goal of FedRAMP is to make sure federal data is consistently protected at a high level in the cloud.
The level of security required is mandated by law. There are 14 applicable laws and regulations, along with 19 standards and guidance documents. It’s one of the most rigorous software-as-a-service (SaaS) certifications in the world.
FedRAMP was established in 2012, when cloud technologies really began to replace tethered software solutions. It was born from the U.S. government’s “Cloud First” strategy, which required agencies to look at cloud-based solutions as a first choice.
View Drata Glossary
Learn more about other compliance and cybersecurity concepts in our glossary.