FedRAMP is one of the processes which is used for standardizing the security offered by
Software-as-a-Service (SAAS) Providers. It is an assessment which is done through continuous
monitoring process. This process is directed by Office of Management and Budget. Which is owned by U.S federal agencies
for benchmarking security products and services. FedRAMP was developed as a result of
collaboration of cloud security and cloud experts from National Institute of Standards and
Technology (NIST), General Services Administration (GSA), Department of Defence (DOD),
Department of Homeland Security (DHS), Office of Management and Budget (OMB), the federal
Chief Information Officer (CIO) Council and its working groups as well as private industry. Internal processes are tested by many third party audits. These audits are effective in managing the security within their facilities where data is stored.
The bottom line of Federal Information Management and Security Act (FISMA) points to achieve
most of the cybersecurity and focus lies in "Risk-based policy for cost-effective security."
Security here means protecting the data and information safe from unauthorized access, use,
disrupt, modify. This provides integrity, confidentiality, and availability.