StateRAMP Board and Committee Nominations

Nominations have ended on August 1, 2022. 

Thank you for your interest in nominating yourself or another to serve StateRAMP. Nominations have closed for now, but will be open again in the summer of 2023. Make sure you are signed up for StateRAMP updates to be notified for the next round of nominations.

A description of the Board and Committee roles can be found below. Board and Committee positions are two-year terms, beginning February 1, 2023.   

Nominations were open from June 1 – August 1, 2022. The Nominating Committee will review nominations and make recommendations for a slate to the Board. All who have submitted a nomination form will be notified following committee review, no later than November 30, 2022. Nominations not recommended for 2023 will stay on file and active for the Nominating Committee’s reference should a vacancy occur. If you have any questions, please contact our staff at info@stateramp.org.

Click on any of the committee names below to jump to its description.

Board and Committee Descriptions

Board of Directors

The Board of Directors, as established by the by-laws, has responsibility for directing the business and affairs of StateRAMP, working with the Executive Director. The Board also has responsibility for receiving and voting upon the Nominating Committee’s recommendation for Board, Officer and Committee appointments. 

Members: 

  • 3-13 Members 
  • Two-year term, no term limits 
  • Majority of membership shall represent Government 

Officers: 

  • President 
  • Past President  
  • Secretary/Treasurer  

Experience & Qualifications:  

  • StateRAMP Member in good standing 
  • Prior StateRAMP committee experience preferred 
  • Respected in their industry and organization 
  • Understanding of cloud security concepts
  • Support StateRAMP’s mission 

Deliverables: 

  • Adopt non-profit and security policies as recommended by committees 
  • Adopt and manage budget 
  • Provide strategic direction for Executive Director and organization 
  • Be an advocate for StateRAMP  

Expectations: 

  • Actively participate in meetings and discussions 
  • Represent StateRAMP at speaking engagements and among peers
  • Minimize bias to act on best results for StateRAMP and for the state and local government, public education institutions, territories and special districts and the providers who serve them to improve cloud cyber security 
  • Be an advocate for StateRAMP  

 Commitment: 

  • Attend regular quarterly virtual meetings and ad hoc meetings, which may be scheduled as necessary 
  • Serve as a Board Liaison on a committee 
  • Attend bi-monthly Steering Committee meetings 
  • Respond in a timely manner to related correspondence  

Standards & Technical Committee

The Standards and Technical Committee is chartered by the Board as a StateRAMP standing committee comprised of up to 14 members, including voting members and advisory members. Committee members are recommended by the Nominating Committee and appointed by the Board, which strives to include representation from all stakeholders, including at least one member of the Board of Directors. The Standards and Technical Committee conducts regular meetings and may call special ad hoc meetings as needed. The Standards and Technical Committee makes recommendations to the Board regarding security standards, best practices, and assessment processes.  

Members: 

  • 7 – 9 Voting Members; Up to 7 Advisors (No more than 14 total) 
  • Two-year term, no term limits
  • For voting members, our goal is to achieve a near even mix of government, industry professionals, and subject matter experts from all sides of membership, with a slight majority of government representation.
  • For advisory members: The committee strives to have representatives from thought leader subject matter experts representing public and private sectors.

Leadership: 

  • Chair + Vice Chair
  • One-year term, no term limits

Experience & Qualifications:  

  • StateRAMP Member in good standing
  • Understanding of StateRAMP and FedRAMP compliance standards
  • Respected in their industry and organization
  • Represent 10+ years in technical/professional management role
  • Understanding of cloud security concepts
  • Support StateRAMP mission 
  • Attempt to minimize bias on committee decisions – act on best results for StateRAMP

Deliverables: 

  • Conduct annual review of security policy documents and makes recommendations for updates 
  • Provide strategic direction for future StateRAMP goals 
  • Advise staff on best practices for education and outreach 

Expectations: 

  • Actively participate in meetings  
  • Actively help with reviews and “homework assignments”  
  • Minimize bias to act on best results for StateRAMP and for state, local, public education institutions, territories and special districts, and the providers who serve them to improve cloud cyber security. 
  • Be an advocate for StateRAMP  

Commitment: 

  • 5 virtual meetings annually
  • Additional meetings may be scheduled as needed
  • Review meeting materials and documents prior to meetings
  • Respond in a timely manner to related committee correspondence  

Appeals Committee

The Appeals Committee is a standing committee chartered by the Board and is comprised of five to seven members. Committee members are recommended by the Nominating Committee and appointed by the Board. The Appeals Committee serves as the adjudication board for issues related to StateRAMP Ready and Authorization requests. The committee may conduct regular meetings and meet ad hoc as needed. In some cases, the Executive Committee, which includes Board Officers and executive staff, may appoint a subject matter expert to the committee to aid in a claim assessment as needed.   

Members: 

  • 5 – 7 Members 
  • Two-year term, no term limits 
  • Goal for membership to represent a mix of government, industry, and subject matter experts with experience in security compliance and risk management.  
  • Representatives from a Third-Party Assessing Organization (3PAO) may not serve as a voting member but may serve as an advisor.  

Leadership: 

  • Chair + Vice Chair 
  • One-year term, no term limits 

Experience and Qualifications: 

  • StateRAMP Member in good standing 
  • Minimum 3 years experience in information security compliance, audit, and/or risk management
  • Minimum 3 years in information security leadership / supervisory role 

Deliverables: 

  • Review petitions for appeal as they arise and make recommendations for adjudication
  • Provide comments on policy documents to the Standards & Technical Committee during annual review of policy documents
  • Provide recommendations for ongoing continuous improvement  

Expectations: 

  • Actively participate in meetings  
  • Actively help with reviews and “homework assignments”
  • Minimize bias to act on best results for StateRAMP and for the state, local, public education institutions, territories and special districts, and the providers who serve them to improve cloud cyber security.
  • Be an advocate for StateRAMP  

Commitment: 

  • At minimum, 1 virtual meeting annually
  • Additional meetings may be scheduled as needed
  • Up to monthly review of petition requests
  • Respond in a timely manner to related committee correspondence  

Approvals Committee

The StateRAMP Approvals Committee is a standing committee comprised of five members, who are recommended by the Nominating Committee and appointed by the Board, according to the committee charter. The Approvals Committee reviews security requirements for products under review for Authorization to meet the requirement for a Government Sponsor. Committee members regularly review the StateRAMP PMO’s recommendation and executive summary of a product’s security package and associated artifacts to make a determination of a StateRAMP Authorized status.

Membership: 

  • 5 Members representing State, Local, Public Education Institutions, Territories, and/or Special Districts 
  • Two-year term, no term limits 

Leadership:

  • Chair + Vice Chair 
  • One-year term, no term limits 

Experience / Qualifications: 

  • StateRAMP Member in good standing 
  • Be actively serving in State or Local Government (closed to private sector)
  • Be a technical security subject matter expert
  • Be knowledgeable and support the StateRAMP PMO process and objective in achieving sponsorship for Service Providers
  • Be able to provide regular reviews and recommendation
  • A member of the StateRAMP Appeals Committee cannot serve on the Approvals Committee
  • Each SAC Member may designate a technical advisor from his/her staff, to assist with reviews
  • Strong preference for the Approvals Committee member or for his/her technical advisor to have one or more of the following certifications: CISSP, CISM, CRISC, CISA, or other relevant certifications
  • Preferred experience performing audit review and analysis 

Deliverables: 

  • Provide monthly review of security packages and recommendation for authorization status 
  • Provide recommendations for ongoing continuous improvement  

Expectations: 

  • Conduct monthly review in a timely fashion 
  • Actively participate in meetings and discussions  
  • Minimize bias to act on best results for StateRAMP and for the state, local, public education institutions, territories and special districts, and the providers who serve them to improve cloud cyber security. 
  • Be an advocate for StateRAMP

Commitment: 

  • Monthly review of up to 5 security packages for Authorization
  • Virtual meetings scheduled as needed
  • Respond in a timely manner to related committee correspondence

Nominating Committee

The Nominating Committee is a standing committee formed according to our by-laws and is comprised of three to five members. Committee members are recommended by the Nominating Committee and appointed by the Board. The committee will recommend qualified individuals for Board membership, committee membership, and officers. The committee will also make recommendations on best practices for governance. 

Membership: 

  • 3 – 5 Members  
  • Two-year term, no term limits 
  • The goal of this committee is for primary participation to be from members representing government or government non-profit organizations. 

Leadership: 

  • Chair + Vice Chair 
  • One-year term, no term limits

Experience / Qualifications: 

  • StateRAMP Member in good standing 
  • Serving government or government-related non-profit  
  • Prior service on other committees or boards of directors 

Deliverables: 

  • Provide annual slate of candidates to the Board for board, committee, and leadership positions
  • Make recommendations to the board for candidates to fill vacant positions as needed
  • Provide recommendations for governance best practices and committee charters

Expectations: 

  • Actively participate in meetings and discussions  
  • Minimize bias to act on best results for StateRAMP and for the state, local, public education institutions, territories and special districts, and the providers who serve them to improve cloud cyber security. 
  • Be an advocate for StateRAMP

Commitment: 

  • 3-4 virtual meetings annually
  • Additional meetings may be scheduled as needed
  • Respond in a timely manner to related committee correspondence

Receive StateRAMP Updates

Interested in StateRAMP? Sign up below to receive StateRAMP Updates.