Skip to main content

Focus on FedRAMP

Introducing the New CSP Authorization Playbook

The FedRAMP PMO is pleased to release the first volume of the Cloud Service Provider (CSP) Authorization Playbook: Getting Started with FedRAMP!

Many CSPs are interested in pursuing a FedRAMP authorization for their cloud offering(s), but often have questions on the process and how to get started. The CSP Authorization Playbook is designed to be a comprehensive guide for CSPs interested or pursuing the FedRAMP process. The playbook will address the end-to-end FedRAMP authorization process, covering everything from developing authorization strategies, the process for gaining authorization from the JAB or Agencies, and the importance of continuous monitoring activity.

Volume I: Getting Started with FedRAMP focuses on understanding the FedRAMP process at a high level and how to initiate an authorization effort. We provide an overview of all of the partners involved in a FedRAMP authorization, things to consider when determining your authorization strategy, the types of authorizations, and important considerations for your offering when working with FedRAMP.

The CSP Authorization Playbook will ultimately be three volumes and resemble the Agency Authorization Playbook - providing a guide for CSPs that covers the entire FedRAMP authorization lifecycle and shares best practices to achieve a successful authorization. The second volume of the CSP Authorization Playbook will cover the authorization process and the third volume will detail post authorization activities, such as continuous monitoring and Agencies leveraging a CSP authorization.

Look out for the second and third volumes of the CSP Authorization Playbook, which will be released this year! If you have any questions about the playbook or how to get started with FedRAMP, please reach out to us at info@fedramp.gov.