Skip to content

RFC-0022 Leveraging External Frameworks #99

@pete-gov

Description

@pete-gov

This RFC proposes a temporary high speed path to FedRAMP authorization for cloud services with existing security assessments from external security frameworks so that federal agencies and providers can test and pilot these services prior to investing in a full FedRAMP authorization path.

This authorization, part of the FedRAMP 20x path and designated as FedRAMP Validated Level 1, allows providers that meet certain criteria to receive a FedRAMP Validated authorization by meeting only a small portion of 20x Low requirements - without additional independent verification and validation from a FedRAMP recognized independent assessor. This authorization will meet the necessary legal and policy requirements to allow agencies to test or pilot the use of these services based on their own risk determinations.

https://www.fedramp.gov/rfcs/0022/

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    Projects

    Status

    Public Action

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions