This is archived information. It may contain outdated contact names, telephone numbers, Web links, or other information. For up-to-date information visit pages by topic or contact our Office of Public Affairs at For a list of public affairs officers by beat, visit the GSA Newsroom.

GSA Announces First FedRAMP Provisional Cloud Security Authorizations

FedRAMP Joint Authorization Board’s first provisional authorization gives agencies a  “do once,  use many times” framework that saves cost, time, and staff

Dec. 27, 2012

WASHINGTON -- Today, the U.S. General Services Administration announced that the Federal Risk and Authorization Management Program (FedRAMP) has issued the first Joint Authorization Board (JAB) approved provisional cloud security authorization to Autonomic Resources LLC. The FedRAMP Joint Authorization Board is comprised of the Chief Information Officers from GSA and the Departments of Defense and Homeland Security.  

FedRAMP is a standardized approach to cloud security assessments, authorization, and monitoring that will save the government money, time, and staff by eliminating redundant  agency security assessments. Through FedRAMP’s leveraged security authorizations, federal agencies can also drastically reduce the time it takes to adopt new IT capabilities. 

“The FedRAMP provisional authorization process sets a rigorous certification and accreditation bar for cloud service providers. By using FedRAMP and eliminating redundant security assessments, agencies can save an estimated $200,000 per authorization,” said Dave McClure, Associate Administrator of GSA’s Office of Citizen Services and Innovative Technologies. “This  innovative collaboration with industry will lead to a common and more effective and efficient  security authorization process government-wide.”  

In order to receive this provisional authorization, Autonomic Resources documented and fully implemented the FedRAMP security controls on their cloud services offerings. In addition, they had an independent FedRAMP accredited Third Party Assessment Organization (3PAO) audit these implementations. Now, Autonomic Resources’ system is provisionally authorized to  securely contain Federal information at a moderate Federal Information Security Management Act level of security. Agencies will be able to review the full provisional authorization package as well as the independent assessment conducted by a FedRAMP-accredited 3PAO for their  own agency specific security authorizations. The JAB is expected to issue additional ATOs in early 2013 and announcements will be made as the authorizations are granted. 

Autonomic Resources LLC is a certified 8a small business from Cary, North Carolina offering  Infrastructure as a Service capabilities for federal agencies. Their independent assessment was completed by Veris Group, a FedRAMP accredited 3PAO.



Last Reviewed 2012-12-27