Work together to provide a simple standardized approach to cybersecurity verification and validation.

A 501(c)6 nonprofit, StateRAMP (dba GovRAMP) levels the playing field for private-sector organizations serving the public sector and reduces hassles for public institutions with strict cybersecurity requirements.

Governments Can Procure and Secure More Efficiently and Confidently with GovRAMP

Diverse government standards and significant data sprawl through cloud service providers complicate today’s security environment, leaving governments less secure than ever amidst increasing cyber threats. GovRAMP lets governments trust but verify service provider products, making procurement more efficient and data more secure.

Service Providers Can Improve Security and Simplify Compliance with GovRAMP

Meeting the complex security standards and supplying (and resupplying) documentation required by various government partners can be confusing, time consuming, and costly. GovRAMP offers transferable credentials through standardized cybersecurity verification, allowing providers to verify once and serve many.

GovRAMP Working Group: Advancing Cloud Security

Join us on April 14, 2025, at 11:00 AM EST for an engaging session with GovRAMP and PMO Leadership. This event will explore key insights from FedRAMP’s Working Groups and provide a platform for discussing how GovRAMP can continue to advance cloud security and risk management.

GovRAMP Working Group: Advancing Cloud Security

Learn, Connect, and Engage

April 2 at 2:30 pm - 3:00 pm

StateRAMP Office Hours

Please join StateRAMP staff on the first Wednesday of every month from 2:30 pm – 3:00 pm Eastern for Office Hours! This is an open forum for Service Providers, 3PAOs, State and local governments, and higher education institutions to ask que

Please join StateRAMP staff on the first Wednesday of every month from 2:30 pm – 3:00 pm Eastern for Office Hours! This is an open forum for Service Providers, 3PAOs, State and local governments, and higher education institutions to ask questions to StateRAMP staff.

Questions may be submitted ahead of time at https://stateramp.org/office-hours-questions/.

Click here to join the meeting.

April 14 at 11:00 am - 12:00 pm

GovRAMP Working Group: Advancing Cloud Security

Join us on April 14, 2025, at 11:00 AM EST for an engaging session with GovRAMP and PMO Leadership. This event will explore key insights from FedRAMP’s Working Groups and provide a platform for discussing how GovRAMP can continue to advance

Join us on April 14, 2025, at 11:00 AM EST for an engaging session with GovRAMP and PMO Leadership. This event will explore key insights from FedRAMP’s Working Groups and provide a platform for discussing how GovRAMP can continue to advance cloud security and risk management.

 

Register Here!

October 2 - October 3

2025 GovRAMP Cyber Summit with presenting sponsor Carahsoft

Join us for the 2nd annual GovRAMP Cyber Summit with presenting sponsor Carahsoft, taking place October 2-3, 2025 at the J.W. Marriott Chicago. More details to come soon!

Join us for the 2nd annual GovRAMP Cyber Summit with presenting sponsor Carahsoft, taking place October 2-3, 2025 at the J.W. Marriott Chicago. More details to come soon!

Rev. 5 Updates – StateRAMP Office Hours

StateRAMP staff discusses the NIST 800-53 Rev 5 updates. This special Office Hours was an open forum for Service Providers, 3PAOs, State and local governments, and higher education institutions to ask questions to StateRAMP staff.

Rev. 5 Updates – StateRAMP Office Hours

This panel discussion explores the landscape of cybersecurity and third-party risk management.

Understanding StateRAMP’s Rev 5 Baseline Controls

Explore the latest updates to the StateRAMP Baseline Controls, incorporating NIST 800-53 Rev. 5. Learn how StateRAMP will align with the most current and comprehensive security guidelines for cloud cybersecurity.

Who We Are

As a 501(c)6 nonprofit, our mission is to promote cybersecurity best practices through education and policy development and improve the cyber posture of public institutions and the citizens they serve. We support the shared interests of state and local government entities, their prospective cloud service provider partners, and accredited third-party assessment organizations (3PAOs).