What is FedRAMP?

The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government initiative that standardizes security assessments, authorizations, and continuous monitoring for cloud services used by federal agencies. It is designed to ensure cloud service providers (CSPs) meet rigorous cybersecurity requirements before they can work with federal agencies.

Introduced in 2011, FedRAMP was enacted into law in December 2022 as part of the US National Defense Authorization Act. FedRAMP 20x, announced on March 24, 2025, is an initiative designed to have industry stakeholders work together to create a new framework for authorization and assessment of cloud services for the federal government.