🏳️How to Become FedRAMP Authorized | FedRAMP.gov
fedramp.gov
authorization process; federal agencies; cloud service providers; Joint Authorization Board; JAB; continuous monitoring; partnership establishment; readiness assessment; FedRAMP Connect; security deliverables; full security assessment; JAB authorization process; agency authorization process
[Skip to main content](#main)
Securing Cloud Services
=======================
For the Federal Government
--------------------------
The Federal Risk and Authorization Management Program (FedRAMP®) provides a standardized approach to security authorizations for Cloud Service Offerings.
[Learn Program Basics](/program-basics/)
[Meet The Process](#auth-process)
Information for Our Partners
----------------------------
### Cloud Service Providers
Provide your Cloud Service Offering to the federal government
[Start Process](/cloud-service-providers/)
* * *
### Federal Agencies
Adopt innovative cloud services to meet your agency’s mission needs
[Learn How](/federal-agencies/)
* * *
### Assessors
Act as a third party to perform initial and periodic security assessments
[Review Steps](/assessors/)
FedRAMP Authorization Process
-----------------------------
[](/agency-authorization/)[](/agency-authorization/)[](/agency-authorization/#agency-readiness-assessment)[](/agency-authorization/#agency-pre-authorization)[](/agency-authorization/#agency-full-security-assessment)[](/agency-authorization/#agency-authorization-process)[](/agency-authorization/#agency-readiness-assessment)[](/agency-authorization/#agency-pre-authorization)[](/agency-authorization/#agency-full-security-assessment)[](/agency-authorization/#agency-authorization-process)
[Readiness Assessment](/agency-authorization/#agency-readiness-assessment)
[Pre-Authorization](/agency-authorization/#agency-pre-authorization)
[Full Security Assessment](/agency-authorization/#agency-full-security-assessment)
[Agency Authorization Process](/agency-authorization/#agency-authorization-process)
The first step of the process is for a Cloud Service Provider (CSP) to find a federal agency to partner with. Once an agency is identified and has agreed to partnership the CSP and agency begin working together towards an authorization starting with a full security assessment and finishing with an authorization process. Once the authorization process is complete, a CSP must engage in continuous monitoring to ensure that the risk accepted at the time of authorization remains acceptable. An agency ATO signifies the agency partner reviewed the security package and deemed the risk acceptable for their use. Upon completion of the agency ATO, the package is then reviewed by FedRAMP and when deemed acceptable for government-wide reuse it is granted FedRAMP Authorization on the marketplace.
FedRAMP at a Glance
-------------------
* Ready
41
* In Process
105
* Authorized
386
[](https://www.gsa.gov/)
FedRAMP.gov
An official website of the GSA’s [Technology Transformation Services](https://www.gsa.gov/about-us/organization/federal-acquisition-service/technology-transformation-services)
Looking for U.S. government information and services?
[Visit USA.gov](https://www.usa.gov/)
You consent to our cookies by clicking “I Accept” or by continuing to use our website. See [cookies policy](https://www.gsa.gov/website-information/website-policies).
I Accept