A U.S. government program standardizing security assessment, authorization, and monitoring for cloud services used by federal agencies.
FedRAMP (Federal Risk and Authorization Management Program) requires cloud service providers selling to U.S. federal agencies to get an Authorization to Operate (ATO) based on NIST SP 800-53 controls, assessed by a third-party assessment organization (3PAO). It has Low, Moderate, and High impact levels based on data sensitivity.
Looking for another term or the full list?