FedRamp (Federal Risk and Authorization Management Program) is a risk assessment program created to help US Federal Agencies select cloud service providers and cloud products.

FedRAMP continuously monitors cloud products and services, to create and manage a core set of processes that the agencies can use to ensure cloud security. This standardizes government agencies approach to security assessment and authorization.

“FedRAMP is mandatory for Federal Agency cloud deployments and service models at the low, moderate, and high-risk impact levels.

Private cloud deployments intended for single organizations and implemented fully within federal facilities are the only exception.” – Fedramp.gov

FedRamp Objectives:

Help accelerate government adoption of cloud, and cloud products.

Increase confidence in cloud solutions through security assessments.

Build and maintain a set of agreed-upon standards for cloud product approval inside or outside of FedRAMP.

FedRamp Governance

FedRamp Governance Structure
FedRAMP Governance Structure

What is the need for FedRamp?

Not just the United States, but governments all over the world have stringent regulations about collecting user data, where (location) they are stored, who stores it (companies based in the homeland vs foreign) and how securely they are stored.

FedRAMP is a US intiative to make sure that US federal agencies and providers of cloud products and services to the agencies have a clear set of guidelines to follow, and keep the data secure. Before FedRamp, individual agencies had their own risk assessment methodologies and approval process based on the Federal Information Security Management Act of 2002.

FedRAMP addressed this crucial gap by standardizing risk assesment and approval process. The do it once and use it many times by different agencies approach helps reduce cost, time and labor hours, while also making life easier for companies building cloud products, as they now have a set of clear, spelled out guidelines to meet.

List of FedRAMP Authorised Cloud Service Providers

Data collected on 3rd February 2019. Please visit Fedramp.gov for up to date information.

118F
21901 Group
34tell Solutions
4Accellion
5Accenture
6Acendre, Inc.
7ACL Services Ltd
8Aconex Limited
9Acquia Inc.
10Adobe
11AINS
12AirWatch
13Akamai
14Amazon
15Appian
16Apptio
17Armedia, LLC
18Asure Software
19Autonomic Resources a wholly-owned subsidiary of CSRA LLC
20Avaya, Inc.
21Avue Technologies
22Axon
23BlackBerry
24Blackboard
25BMC Software
26Box Inc.
27BrightWork
28BroadSoft Inc.
29CA Technologies Inc.
30Centrify
31CFI Group
32CGI Federal
33CircleCI
34Cisco Systems Inc.
35Collab9
36Collibra
37Complete Discovery Source
38Compusearch Software Systems, Inc.
39Contegix
40Coras
41Cornerstone OnDemand
42CoSo Cloud, LLC.
43CrowdStrike, Inc.
44Cylance, Inc.
45Databricks
46Decision Lens Inc.
47Defense Point Security
48Deloitte
49Distributed Solutions, Inc.
50DNAnexus, Inc.
51DocuSign
52DOMA Technologies, LLC
53Druva, Inc. 
54Duo Security
55Economic Systems 
56Edge Hosting, A DataBank Company
57Envisage Technologies, LLC
58EPAY Systems
59Equinix, Inc.
60Esri
61Everbridge
62Ex Libris
63FireEye, Inc.
64Frame, Inc.
65GDC Integration, Inc.
66GDT
67General Dynamics Information Technology (GDIT)
68General Services Administration
69GitHub
70Google
71Gordian
72GPS Insight, Inc.
73Granicus
74HireVue
75Hootsuite
76Huddle US
77Human Resources Technologies, Inc. (HRTec)
78IBM
79IdeaScale
80Infor Public Sector
81Innovative Discovery, LLC
82Innovest Systems, LLC
83IntelliCog, Inc.
84Intelliworx
85iSite LLC
86IT-CNP
87Ivanti
88Knight Point Systems
89Leidos Digital Solutions, Inc.
90Lookout, Inc.
91MAXIMUS Inc.
92Medallia, Inc.
93MicroFocus
94MicroPact
95Microsoft
96MIS Sciences Corporation
97mLINQS
98MobileIron
99MuleSoft, Inc.
100Navman Wireless North America Ltd. 
101NeoSystems LLC
102NetComm
103Netskope
104New Relic
105New York University
106NICE inContact
107Northrop Grumman
108Okta
109OMB
110OneLogin Inc.
111OneStream Software
112OnSolve
113Oracle
114ORock Technologies
115Oversight Systems
116Palo Alto Networks, Inc.
117Pegasystems Inc
118PEO Missiles and Space
119Perspecta
120PowerTrain Inc.
121Project Hosts
122Proofpoint, Inc.
123PTC
124Qualtrics
125Qualys
126QuestionMark
127R&K Solutions, Inc
128Rackspace Government Solutions
129Rave Mobile Safety
130REAN Cloud Inc.
131Recovery Point Systems, Inc.
132Relocation Management Worldwide (RMW)
133Replicon
134Ricoh USA, Inc.
135SAIC
136Salesforce
137SAP National Security Services Inc. (SAP NS2)
138Saviynt Security Manager
139ServiceNow
140Sirsi Corporation (SirsiDynix)
141Skillsoft
142Skyhigh
143Slack Technologies
144Smarsh
145Smartronix, Inc.
146Snowflake Computing, Inc.
147Socrata
148Sorc’d
149Splunk
150SpringCM
151Symantec Corporation
152TalaTek, LLC
153Terida LLC
154The Arcanum Group Inc.
155TIBCO Software Inc.
156TRAPWIRE
157United States Department of Agriculture
158United States Department of the Treasury
159Valimail
160VASCO
161VBrick Systems, Inc.
162Veracode
163Veritone, Inc.
164Virtru
165Virtustream 
166Waggl, Inc.
167Workiva
168Xerox Corporation
169XTec, Incorporated
170Zapproved LLC
171Zendesk Inc.
172Zimperium
173Zoom Video Communications, LLC
174Zscaler