The Federal Risk and Authorization Program (FedRAMP) was established to provide the Federal Government with cloud services offerings (CSO) that have been assessed by third party organizations. In the course of a CSO’s assessment, the risks of use are identified and the extent to which security requirements have been met is verified. Successful CSOs are listed on the FedRAMP Marketplace, a database of CSOs that have achieved a FedRAMP designation, such as an Authority to Operate (ATO).
The Marketplace is where the Federal Government and private entities identify CSOs that meet FedRAMP requirements, depending upon a CSOs published status. FedRAMP designated CSOs are used by the Federal Government and its contracts, and in some cases, subcontractors to protect Federal data when such data is stored in a cloud service environment. For more information,
visit FedRAMP.