FedRAMP is currently operating mission-essential functions only; that includes receiving packages, responding to critical messages, processing FedRAMP Marketplace updates, working with Prioritized AI services, and handling emergency situations.
Activities Continuing During a Government Shutdown
For the duration of a government shutdown, FedRAMP will:
Continue to intake In Process requests and Agency Authorizations
Process FedRAMP Marketplace update requests
Respond to urgent security-related messages sent to info@fedramp.gov from the public
Respond to all reasonable agency messages sent to info@fedramp.gov
Support Prioritized AI service activity, including package assessment and review
Work behind-the-scenes to improve the 20x and Rev5 assessment processes
Activities Halted During a Government Shutdown
For the duration of a government shutdown or unless otherwise shifted, FedRAMP will NOT:
Perform final review or authorization of any security packages without mission-essential impact to agency operations demonstrated by the authorizing agency; most security package reviews will halt.
Respond to general non-urgent messages; this means general questions, requests for updates, brand review, etc. will be deferred until the government shutdown ends.
Host any public or large scale meetings; this means canceling (possibly without notification) and pausing all planning for hosting Community Working Groups, Agency Liaison meetings, FedRAMP Board meetings, Technical Advisory Group meetings, and Federal Secure Cloud Advisory Committee meetings.
Publish any new RFCs or close existing RFCs; any existing public comment periods will remain open until the government shutdown ends.
Attend or make plans to attend any public events.
Make improvements to the website or the FedRAMP Marketplace.
Open the public submission window for 20x Phase Two.
Begin or transition phases for any Rev5 Balance Improvement Release.
The Government Shutdown’s Impact on 20x and the FedRAMP Roadmap
It is impossible to predict the impact of a government shutdown on 20x and the FedRAMP Roadmap in detail. In general, it is reasonable to expect that each week FedRAMP is focused only on mission-essential activities, the result will be up to two weeks of delay in any non-essential plans. This extended delay accounts for both the direct interruption and the time needed to regain momentum and address backlogged tasks once the shutdown concludes.