About StateRAMP

Transparency. Standardization. Community.​

StateRAMP represents the shared interests of state and local governments, third party assessment organizations, and service providers with IaaS, SaaS, and PaaS solutions. We believe in the values of transparency, standardization, and community. As an advocate for strong but fair cybersecurity standards, StateRAMP works to bring together service providers, policy makers, industry experts, and government officials to drive the future of cybersecurity.

Who We Are

Founded at the beginning of 2020, StateRAMP was born from the clear need for a standardized approach to the cybersecurity standards required from service providers offering solutions to state and local governments.

StateRAMP is a membership organization comprised of service providers offering IaaS, PaaS, and/or SaaS solutions, third party assessment organizations, and government officials. Our members lead, manage, and work in various disciplines across the United States and are all committed to making the digital landscape a safer, more secure place.

Meet Our Leadership Team

StateRAMP’s system of governance and policy making includes the Governing Board, councils and committees, Steering Committee, and StateRAMP leadership and staff. We are committed to a diverse and inclusive leadership with representation from all member categories and a variety of perspectives and experiences.

StateRAMP History & Roadmap

Where We've Been & Where We're Going

February 2020

StateRAMP Idea Sparked

J.R. Sloan (CIO, AZ) and Joe Bielawski (Knowledge Services) developed the idea of StateRAMP to meet the growing need in state and local government to manage third party risk and efficiently verify cloud security.

February 2020

March 2020

StateRAMP Steering Committee Formed

Dozens of current and former state security, procurement and privacy officers joined industry leaders and cyber assessing organizations to form a Steering Committee to charter StateRAMP.

March 2020

April 2020

First Steering Committee Meeting

Amid the beginning days of the COVID-19 pandemic, the Steering Committee convened for the first time, electing Joe Bielawski as chairman and setting a schedule for priority discussions.

April 2020

May 2020

StateRAMP Charter Adopted

At the May meeting, the Steering Committee Charter was adopted outlining a timeline with objectives for discovery and policy decisions.

May 2020

September 2020

Security Assessment Framework Policy

After months of meetings discussions questions around governance, process and security requirements, the committee adopted its first Security Assessment Framework.

September 2020

December 2020

Governing Board Formed

With an adopted framework for bylaws, the committee voted to launch StateRAMP in 2021 and form the inaugural Board of Directors with members: J.R. Sloan, Ted Cotterill and Joe Bielawski.

December 2020

January 2021

StateRAMP Launched

StateRAMP launched under the leadership of Executive Director Leah McGrath with a focus on growing outreach and awareness with key stakeholders.

January 2021

March 2021

Governing Committees Appointed

The Board appointed inaugural members for Standards & Technical, Appeals and Nominating Committees, with Chairs & Vice Chairs: Dan Lohrmann (Security Mentor), Maria Thompson (NC), Owen Zorge (AZ), Rich Banta (Lifelines Data) and Jaime Schorr (ME).

March 2021

April 2021

StateRAMP Membership Opens

In mid-April, StateRAMP opens membership for state and local government officials and for providers.

StateRAMP will provide a shared service model for best practices and standardization in cloud security verification.

April 2021

May 2021

Third Party Assessments & FedRAMP Reciprocity Begin

StateRAMP is publishing templates in April, so that assessments can begin.  For providers with a FedRAMP Authorization, StateRAMP will begin the process for reciprocity in May.

May 2021

June 2021

First Authorized Vendor List Published

StateRAMP plans to publish its first Authorized Vendor List (AVL) in June 2021. The AVL will show a vendor’s security status and progression.

June 2021

Ongoing

Continuous Improvement

StateRAMP strives to shift the culture around cyber security to be one of continuous improvement. As an organization, StateRAMP will continually seek input and opportunities to improve for its members and for the betterment of all.

Ongoing

StateRAMP Member Directory

View a comprehensive list of current StateRAMP members.

Receive StateRAMP Updates

Interested in StateRAMP? Sign up below to receive StateRAMP Updates.