Compliance with the Federal Risk and Authorization Management Program (FedRAMP) is a must for any cloud-solution provider doing business with the federal government.
The purpose of FedRAMP is to protect government agencies that wish to use modern cloud solutions from cyber attacks.
The program helps cloud solution providers (CSPs) design and implement their overall security procedures using best practices within a risk-based approach.
FedRAMP authorization can be obtained through either an individual agency or the Joint Authorization Board (JAB). Both paths are comprised of three phases: preparation, authorization, and continuous monitoring.
Individual Agency Certification
The process for individual agency certification is: