GSA’s FedRAMP Issues Second Authorization


Furthering GSA’s mission to better serve our partners and deliver better value and savings, yesterday the Federal Risk and Authorization Management Program (FedRAMP) granted the second Joint Authorization Board (JAB) provisional cloud security authorization to CGI Federal.  The JAB provisional authorization covers CGI’s infrastructure as a service (IaaS) offerings including virtual machines and web-hosting capabilities, available for agencies to acquire from the GSA IaaS Blanket Purchase Agreement.  This second authorization will further accelerate federal adoption of secure cloud solutions by providing a consistent, efficient security authorization process that can be leveraged by agencies across government.

FedRamp provides an innovative, standardized approach to cyber-security for federal agencies.

FedRAMP provides an innovative, standardized approach to cloud security assessments, authorization, and monitoring through baseline requirements.  Federal agencies using FedRAMP provisionally authorized cloud service providers (CSP) save time, money, and resources by eliminating redundant agency security assessments.  By increasing access to secure cloud solutions, FedRAMP is paving the way for agencies to realize the cost savings, agility, and performance enhancements offered by cloud computing.

CGI is the world’s fifth largest independent IT and business process services company and they join the previously approved small business Autonomic Resources on the list of FedRAMP-provisionally authorized CSPs. CGI worked with SecureInfo, a Kratos Company, as their FedRAMP accredited Third Party Assessment Organization (3PAO) to independently audit their security implementations.  Having a small and large business now authorized demonstrates how FedRAMP works for all CSPs.

While still in its initial operating capability phase, FedRAMP continues to grow as it plans to reach full operating capability this spring. FedRAMP recently appointed Maria Roat as the new FedRAMP Director. Maria comes to FedRAMP from her position at FEMA as a Deputy CIO with a long history of excellence in the Federal cybersecurity space.

FedRAMP expects a steady stream of provisional authorizations to continue throughout 2013 across a range of cloud services.  As of the end of January, over 80 cloud service providers have applied to receive a FedRAMP provisional authorization and over 50 applicants have applied for 3PAO accreditation, of which sixteen have been accredited to date.

For more information about FedRAMP, visit

Last Reviewed: 2018-03-12