Save Time and Demonstrate Your Security Edge
- Service Providers in StateRAMP can leverage verified IaaS, PaaS, and SaaS solutions across multiple government and education contracts.
- StateRAMP allows small businesses to compete equally with larger organizations for government and education contracts.
- Access to the complete Member Directory and a public product profile on the Authorized Product List helps private and public sector organizations connect.
Already FedRAMP Authorized or Pursuing Authorization? Get on the Fast Track!
If a provider has a product, service, or offering with a federal authorization or is pursuing a federal authorization, that offering is eligible for the StateRAMP Fast Track process.
Providers will work with the StateRAMP Program Management Office (PMO) to provide and authenticate the necessary security documentation they’ve already completed for federal authorization.
Learn more about StateRAMP Fast Track.
Getting Started with StateRAMP
Download the Free Guide for Service Providers
Program Offerings
Single Security Snapshot
Progressing Security Snapshot Program
A subscription-based program combining trust-but-verify principles and a mentoring approach to improving cybersecurity maturity, Progressing Security Snapshot includes quarterly assessments and monthly consultative calls with the StateRAMP PMO team.
StateRAMP Ready
StateRAMP Ready is a verified security status attained by meeting the StateRAMP minimum mandatory requirements, demonstrated by a readiness assessment report conducted by a 3PAO.
No contract or government sponsor is required for Ready status. StateRAMP Ready indicates a product is likely well positioned to comply with the full authorization requirements.
StateRAMP Authorized/Provisionally Authorized
StateRAMP Authorized/Provisionally Authorized is a verified security status that indicates the product meets all the required security controls by impact level.
Authorized/Provisionally Authorized Status requires a 3PAO attestation, StateRAMP PMO verification, and acceptance by a government sponsor or the StateRAMP Approvals Committee.
StateRAMP Service Provider Membership Tiers
StateRAMP Service Provider Memberships are designed specifically for cloud service providers and other IT vendors that wish to demonstrate compliance with StateRAMP’s security standards. As part of our commitment to continuous improvement and better service delivery, we’ve recently implemented a significant operational change. The membership renewal date will be June 1st every year instead of rolling renewals based on individual joining dates beginning June 1, 2024.
Basic
- Standardized approach to cloud security for government
- Guided path through StateRAMP Security Snapshot Program
- Product listing on the Authorized Product List
- Transferrable credentials
- Access to the complete Member Directory
- Access to RAMPxchange (Additional fees may apply)
- One (1) Member Rate for Annual Summit
- And much more
Prime
Basic Membership benefits, plus:
- Two (2) Member Rates for Annual Summit
- Access to RAMPxchange (No additional fees)
- Bi-Annual Call with StateRAMP Executive Staff
Premier
Basic and Prime Membership benefits, plus:
- Four (4) Member Rates for Annual Summit
- Social Media Spotlight / Blog Panelist Feature
- Invitation to Special Roundtable Available for Government Members and Premier and Champion-level Provider Members
- Receive First-Right-of-Refusal for Event Sponsorships
- Special Listing on Website
- Limited to 25 active memberships
Champion
Basic, Prime, and Premier Membership benefits, plus:
- Six (6) Member Rates for Annual Summit
- Guest Speaker, as part of a Bi-Annual Virtual Education Series
- 1:1 Monthly Call with StateRAMP Executive Director
- Limited to five active memberships
StateRAMP for Small Business
Small business partners are critical for the public sector. StateRAMP understands, however, that developing and maintaining a strong cybersecurity posture can be difficult as a small business. With StateRAMP, small business leaders have an ally in the work to advance more secure public-private partnerships at the state and local levels.
Frequently Asked Questions
To become a StateRAMP service provider member, visit the Service Provider Membership page. There, you can find detailed information about the benefits of membership and the registration process. Simply follow the instructions to complete your membership application and join our community of cybersecurity professionals dedicated to enhancing security and compliance in the public and private sector.
- StateRAMP Single Security Snapshot
- Applicable for products that have not yet achieved StateRAMP Verified Status.
- $1,000 for providers with less than $1 million annual revenue.
- $1,500 for providers with annual revenue between $1-5 million.
- $2,500 for providers with annual revenue greater than $5 million.
- Applicable for products that have not yet achieved StateRAMP Verified Status.
- Progressing Security Snapshot Program (Subscription Option)
- Applicable for Products that have not yet achieved a StateRAMP Verified Status; Includes Monthly Advisory Calls and Updated Quarterly Snapshots.
- $750 monthly for providers with less than $1 million annual revenue.
- $1,000 for providers with annual revenue between $1-5 million.
- $1,600 for providers with annual revenue greater than $5 million.
- Applicable for Products that have not yet achieved a StateRAMP Verified Status; Includes Monthly Advisory Calls and Updated Quarterly Snapshots.
- Annual Ready Review for StateRAMP Ready Status
- Applicable for products that have had a Third Party Assessing Organization (3PAO) conduct a Readiness Assessment Review (RAR).
- $500 for providers with less than $1 million annual revenue.
- $2,500 for providers with annual revenue between $1-5 million.
- $3,750 for providers with annual revenue greater than $5 million.
- Applicable for products that have had a Third Party Assessing Organization (3PAO) conduct a Readiness Assessment Review (RAR).
- Annual Authorized Review for StateRAMP Authorized or Provisionally Authorized Status
- Applicable for products that have had a Third Party Assessing Organization (3PAO) conduct a Security Assessment Review (SAR).
- $1,000 for providers with less than $1 million annual revenue.
- $5,000 for providers with annual revenue between $1-5 million.
- $7,500 for providers with annual revenue greater than $5 million.
- Applicable for products that have had a Third Party Assessing Organization (3PAO) conduct a Security Assessment Review (SAR).
- Monthly Continuous Monitoring
- Applicable for Products with a StateRAMP Ready, Authorized, or Provisionally Authorized Status.
- $250 monthly for providers with less than $1 million annual revenue.
- $500 for providers with annual revenue between $1-5 million.
- $1,000 for providers with annual revenue greater than $5 million.
- Applicable for Products with a StateRAMP Ready, Authorized, or Provisionally Authorized Status.