Ready Minimum Mandatory Requirements for Low Impact Levels
To achieve Ready Status for Low Impact levels, a service provider must meet the minimum mandatory requirements outlined in this document. (Rev. 4 – Retired Oct. 1, 2024)
Baseline Controls
This document provides the security control baselines. All of the security controls listed in the table are outlined in NIST 800-53 Rev. 4. (Retired October 1, 2024)
Data Classification Tool
This document helps service providers and governments determine what StateRAMP security category requirements to use to ensure their data is protected.
Continuous Monitoring Escalation Process
This document explains the actions taken when a service provider fails to maintain an adequate continuous monitoring program.
Ready Minimum Mandatory Requirements for Moderate and High Impact Levels
To achieve Ready Status for Moderate/High Impact levels, a service provider must meet the minimum mandatory requirements outlined in this document. (Rev. 4 – Retired Oct. 1, 2024)