Federal Risk and Authorization Management Program (FedRAMP)

What is FedRAMP

The Federal Risk and Authorization Management Program, or FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. 

All U.S. federal agencies are required by Federal Information Security Management Act (FISMA) to procure information systems and services only from organizations that adhere to FISMA requirements. For cloud services, Federal agencies adhere by authorizing services that demonstrate their compliance with one of the FedRAMP security baselines. 

To achieve a FedRAMP authorization, cloud service providers must undergo an independent security assessment conducted by a third-party assessment organization (3PAO) to ensure authorizations are compliant with FISMA and must maintain continuous monitoring requirements of FedRAMP. 

Why is FedRAMP Important

  • Under FISMA, the U.S. Office of Management and Budget now requires all federal agencies to use FedRAMP to validate the security of cloud services. 
  • Some U.S. state and local governments may also leverage FedRAMP for comparable needs at the local level.
  • The FedRAMP authorization certifies that the cloud products and services meet NIST and FISMA defined standards.

What is Axon's current status

Axon has achieved a FedRAMP Joint Authorization Board (JAB) Provisional Authority To Operate (P-ATO) at the Moderate Impact Level. The authorization confirms that Axon Evidence has been reviewed and approved by the Departments of Defense and Homeland Security, and the General Services Administration. This enables the US Federal community to streamline their own authorization processes of Axon Evidence.

View Axon's FedRAMP authorization status on the FedRAMP Marketplace 

Which Axon products are In-Scope

The following service and products are included in the Axon's FedRAMP authorization package: 

Product In-Scope
US Federal Region of Evidence.com

Yes*

Evidence.com for Prosecutors

Yes**

Evidence.com Lite

Yes**

Evidence.com Transcription

No

Evidence.com CAD/RMS Integration

No

US Region of Evidence.com

No

Non-US Regions of Evidence.com

No

View (iOS and Android)

Yes**

Capture (iOS and Android)

Yes**

Device Manager (Android)

Yes**

Evidence SYNC

Yes**

Citizen

No

Interview Room

No

Commander

No

Fleet Client Applications

No

Fleet Cameras and Devices

Not Applicable***

Axon Dock

Not Applicable***

TASER Smart Weapons, Dock, and Accessories

Not Applicable***

Signal Sidearm

Not Applicable***

* If your agency URL is <youragency>.us.evidence.com, then your agency is deployed in the US Federal Region
** When used with an agency tenant deployed within the US Federal Region of Evidence.com
*** FedRAMP does not authorize hardware or devices

Additional Resources

FedRAMP Website
FedRAMP Agency Authorization Playbook