What are FedRAMP baselines?

FedRAMP baselines are predefined security control requirements that cloud service providers must meet to achieve FedRAMP authorization. These baselines are categorized into three impact levels—Low, Moderate, and High—based on the sensitivity of the data processed. The controls are derived from the National Institute of Standards and Technology (NIST) Special Publication 800-53 and adapted to meet federal security needs.