FedRAMP

This page provides an overview of the Federal Risk and Authorization Management Program (FedRAMP).

Grey Matter complies with FedRAMP.

The Federal Risk and Authorization Management Program (FedRAMP) is an accreditation process for cloud computing and cloud services to ensure security for use by the federal government. It is overseen by CIOs from DoD, DHS, and GSA, which make up the Joint Authorization Board for FedRAMP. Before FedRAMP, individual organizations had to do their own accreditation.

The process consists of a preselected subset of NIST 800-53 controls for Low- and Medium-impact (according to FIPS 199 class) cloud services. Under this process, cloud services are evaluated for impact on existing systems, and then appropriate preselected controls are tested by a third-party accreditation organization to certify the product.

Questions?

Want to learn more about our compliance standards? Contact us at info@greymatter.io.