processLevel 1

Authorization Process

The Authorization Process in FedRAMP defines the steps a cloud service provider must follow to obtain a provisional or final authorization to operate from a federal agency. It includes preparing a security package, undergoing a third-party assessment, reviewing the assessment report, and achieving a joint authorization decision. The process ensures consistent security controls and continuous monitoring across government cloud services.

GET/api/v1/systems/reg_fedramp/nodes/process

Manual TranscriptionPublic DomainSource

Hierarchy Explorer

Hierarchy ExplorerChevron to expand - click title to open

agency_authAgency Authorization (ATO)

jab_authJAB Provisional Authorization (P-ATO)

poamPlan of Actions and Milestones (POA&M)

readinessFedRAMP Ready Assessment

sapSecurity Assessment Plan (SAP)

sarSecurity Assessment Report (SAR)

sspSystem Security Plan (SSP)

Cross-system equivalences0

No cross-system equivalences mapped for this node.

Report a data issue