Browse Definitions:
Definition

FedRAMP (Federal Risk and Authorization Management Program)

This definition is part of our Essential Guide: Breaking down what's in your cloud SLA

The Federal Risk and Authorization Management Program (FedRAMP) is a risk management program that provides a standardized approach for assessing and monitoring the security of cloud products and services.

FedRAMP was created to support the government’s cloud computing plan.The program is intended to facilitate the adoption of cloud computing services among federal agencies by providing cloud service providers (CSPs) with a single accreditation that could be used by all agencies. The goal of FedRAMP is to reduce the time and money that individual agencies would otherwise have to spend on assessing a cloud provider's security. Certifications are based on a unified risk management process that includes security requirements agreed upon by the federal departments and agencies.

Although the FedRAMP certification process is quite intensive, qualified CSPs are eligible to work with government agencies, and non-government customers may be more confident in a certified CSP’s approach to security.

See also: FedRAMP 3PAO, Federal Cloud Computing Initiative,  FISMA, NIST 800 Series

This was last updated in May 2014

Continue Reading About FedRAMP (Federal Risk and Authorization Management Program)

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I really like your whatis word of the day articles. Please remember you have an international audience. This is prompted by today's article on FedRAMP. While not a serious leap of imagination was required, I had to make my own assumption that you were talking about the US government when you say 'the government'. It's not that hard to internationalise the articles, I think. Just a thought.
Cancel
The callout you use for FedRAMP is wrong: it is actually Federal Risk and Authorization Management Program. The management aspect is a key function.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • incident management plan (IMP)

    An incident management plan (IMP), sometimes called an incident response plan or emergency management plan, is a document that ...

  • crisis communication

    Crisis communication is a method of corresponding with people and organizations during a disruptive event to provide them with ...

  • Zerto

    Zerto is a storage software vendor that specializes in enterprise-class business continuity and disaster recovery in virtual and ...

SearchStorage

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

  • SSD write cycle

    An SSD write cycle is the process of programming data to a NAND flash memory chip in a solid-state storage device.

  • data storage

    Data storage is the collective methods and technologies that capture and retain digital information on electromagnetic, optical ...

Close