Security Assessment Framework
This document describes a general governance and security framework for StateRAMP.
Security Assessment Framework Read More »
This document describes a general governance and security framework for StateRAMP.
Security Assessment Framework Read More »
This document outlines criteria and scoring for the StateRAMP Security Snapshot, Rev. 4. Note: this will be updated to Rev. 5 in January 2024.
StateRAMP Security Snapshot Criteria and Scoring Read More »
This document is to provide guidance to service providers and 3PAOs for a penetration test.
StateRAMP Penetration Test Guidance Read More »
This document is to provide service providers guidance for developing the authorization boundary for their cloud offering.
StateRAMP Authorization Boundary Guidance Read More »
This document provides the security control baselines. All of the security controls listed in the table are outlined in NIST 800-53 Rev. 4. (Retired October 1, 2024)
This document helps service providers and governments determine what StateRAMP security category requirements to use to ensure their data is protected.
Data Classification Tool Read More »