FedRAMP Logo
Rev5
REV. 5 BASELINES HAVE BEEN APPROVED AND RELEASED!
The FedRAMP Joint Authorization Board has approved the FedRAMP Rev. 5 baselines. The FedRAMP baselines were updated to correspond
with the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-53 Rev. 5 Catalog of Security and
Privacy Controls for Information Systems and Organizations and SP 800-53B Control Baselines for Information Systems and
Organizations.
Outlined below are the released documents with a supporting high level summary:
CLOUD SERVICE PROVIDER (CSP) TRANSITION PLAN
* Provides guidance to assist Cloud Service Providers (CSP), Third Party Assessment Organizations (3PAOs), Federal Agencies in
transitioning to NIST SP 800-53 Rev. 5, and to the new FedRAMP requirements
* Categorizes CSPs based on their stage in the FedRAMP authorization process and defines date-based transition periods for each
category
* Assists CSPs with identifying the scope of
REV. 5 BASELINES
* Aligns security controls more closely with NIST
* Adds significant guidance for many controls
* Privacy controls, and any other control outside of the FedRAMP baselines, remain at the agency’s discretion
* Program Management (PM) controls remain an agency responsibility and are therefore not included in the baselines
For more details, please visit the blog!
Visit Blog
If you have questions or feedback, please let us know at
[email protected].
Link to FedRAMP Twitter Feed YouTube Icon Link to FedRAMP Offered Trainings
Visit FedRAMP.gov
Contact Us
Manage Subscriptions Help : :: :j %
----------------------------------------------------------------------------------------------------------------------------------
This email was sent to
[email protected] on behalf of General Services Administration · 1800 F St. NW · Washington, DC 20405 ·
866-606-8220