What is FedRAMP

The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. 

All U.S. federal agencies are required by Federal Information Security Management Act (FISMA) to procure information systems and services only from organizations that adhere to FISMA requirements. For cloud services, Federal agencies adhere by authorizing services that demonstrate their compliance with one of the FedRAMP security baselines. 

To achieve a FedRAMP authorization, cloud service providers must undergo an independent security assessment conducted by a third-party assessment organization (3PAO) to ensure authorizations are compliant with FISMA and must maintain continuous monitoring requirements of FedRAMP. 

Why is FedRAMP Important

• Under FISMA, the U.S. Office of Management and Budget now requires all federal agencies to use FedRAMP to validate the security of cloud services. 
• Some U.S. state and local governments may also leverage FedRAMP for comparable needs at the local level.
• The FedRAMP authorization certifies that the cloud products and services meet NIST and FISMA defined standards.

What is Axon's current status

Axon has achieved a FedRAMP Joint Authorization Board (JAB) Provisional Authority To Operate (P-ATO) at the Moderate Impact Level. The authorization confirms that Axon Evidence has been reviewed and approved by the Departments of Defense and Homeland Security, and the General Services Administration. This enables the US Federal community to streamline their own authorization processes of Axon Evidence.

View Axon's FedRAMP authorization status on the FedRAMP Marketplace 

Which Axon products are In-Scope

The following service and products are included in the Axon's FedRAMP authorization package: 

Additional Resources

FedRAMP Website
FedRAMP Agency Authorization Playbook