FedRAMP on Salesforce

white paper

Understanding The Regulatory Roadmap for FedRAMP on Salesforce

FedRAMP on Salesforce

The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This cloud security program and approach provides a “do once, use many times” framework that saves the U.S. government redundant assessment costs, internal time, and money, and in many cases, provides an equal and/or better security posture than current in-house IT infrastructure options.

FedRAMP is a government-wide program involving numerous departments, agencies, and government groups. The program's primary decision-making body is the Joint Authorization Board (JAB), comprising the CIOs from the Department of Defense (DoD), Department of Homeland Security (DHS), and General Services Administration (GSA). In addition to the JAB, the Office of Management and Budget (OMB), the Federal CIO Council, National Institute of Standards and Technology (NIST), DHS, and GSA’s FedRAMP Program Management Office (PMO) all play key roles in effectively running FedRAMP.

This document provides general FedRAMP-related information as it pertains to Salesforce SaaS and PaaS (native and composite) ecosystem partners.

This white paper requires registration. Please fill out the form to receive access.