Templates and Resources
Welcome to the StateRAMP Templates and Resources Page. Security templates are developed based on policies adopted by the Board of Directors and recommended by the Steering Committee and Standards & Technical Committee.
2022 Document Updates Have Been Released!
The Standards and Technical Committee and the Board recently completed their annual review of some of the templates and documents made available in this resource library.
The following documents have been updated and can be accessed in the Security Policies below:
Security Assessment Framework
Data Classification Tool
Baseline Security Controls
Minimum Mandatory Requirements for Ready Status (Low Impact)
Minimum Mandatory Requirements for Ready Status (Moderate + High Impact)
StateRAMP verification relies on independent audits that are conducted by Third Party Assessing Organizations (3PAOs). StateRAMP 3PAOs will use the following templates to report audit findings.
Authorized Product List
The first Authorized Product List (APL) includes a listing of Subscriber Members who are actively pursuing third party verification for their offerings. Follow the steps below to be listed on the Authorized Product List.
Find a StateRAMP 3PAO
Assessors play an important role in conducting independent security audits.
A government sponsor is required for providers wishing to submit a request for authorization.
Submit a Review Request
Do you want your products included on the StateRAMP Authorized Product List? Submit a Security Review Request to begin the process.
Connect with the
StateRAMP is proud to partner with Knowledge Services to serve as the PMO.
Receive StateRAMP Updates
Interested in StateRAMP? Sign up below to receive StateRAMP Updates.