Who We Are
StateRAMP™, an independent not-for-profit organization, provides an efficient and cost-effective solution for verifying cyber security of cloud service providers for state and local government.
The StateRAMP™ model helps state and local governments by creating a level playing field for cloud service providers to take a standardized approach to Cloud security and risk assessment. StateRAMP™ does not recreate the wheel. Rather, StateRAMP™ builds upon the already existing third-party assessment organization (3PAO) ecosystem.
Leveraging proven and consistent security authorizations, following existing State policy baseline standards, which are currently NIST 800-53, StateRAMP™ ensures consistent application of State approved standards.
Our Goals Are Simple
- Enable state and local procurement officials to confidently contract with secure third–party cloud service providers in a manner that won’t jeopardize government and citizen data
- Provide a strong framework that saves state and local governments time, money, and personnel from conducting redundant cloud security assessments
- Make it easier for third–party cloud service providers to work with governments through a clear framework and transferable certification process
- Help State and local government cost effectively avoid unnecessary cyber risks.
Comprised of government, commercial and academic experts in the fields of cyber security, government procurement and public policy, the committee is responsible for establishing procedures and policies for:
- Long-Term Governance and Best Practices
- Internal Controls Ensuring Transparency and Credibility for All Stakeholders
- Partner Engagement Process, including: States, Third Party Cloud Vendors and Third-Party Assessment Organizations (3PAOs)
- Program Management Office (PMO) Process and Administration Functions
- Cost Model Evaluation and Recommendations
Steering Committee Members
President, Knowledge Services
Federal Practice Lead, A-LIGN
Vice President of Strategy and Business Development, Salesforce
CISO, Data Center Architect, Lifeline Data Centers, L.L.C.
State Chief Privacy Officer, State of Indiana/General Counsel for Indiana MPH
Chief Strategist and CSO, Security Mentor
Statewide Procurement Group Manager, State of Arizona
Senior Manager, Cyber Risk Advisory, Coalfire
CIO, State of Mississippi
Cooperative Contract Coordinator ICT, NASPO ValuePoint
Chief Information Security Officer, State of Arizona
Chief Procurement Officer, State of Maine
Chief Information Officer, State of Arizona
Founder and CEO, Geographic Solutions
Chief Information Security Officer, State of Mississippi