FedRAMP High impact level

E1023367

FedRAMP impact level information security categorization

FedRAMP High impact level is the most stringent FedRAMP security categorization, applied to cloud systems whose compromise could severely affect an agency’s operations, assets, or individuals.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
FedRAMP High	1

Statements (48)

Predicate	Object
instanceOf	FedRAMP impact level ⓘ information security categorization ⓘ
alignedWith	NIST Risk Management Framework NERFINISHED ⓘ
appliesTo	Infrastructure-as-a-Service offerings ⓘ Platform-as-a-Service offerings ⓘ Software-as-a-Service offerings ⓘ cloud information systems ⓘ federal information systems hosted in the cloud ⓘ
associatedWith	severe adverse effect on individuals ⓘ severe adverse effect on organizational assets ⓘ severe adverse effect on organizational operations ⓘ
basedOn	FIPS 199 security categorization ⓘ NIST SP 800-60 NERFINISHED ⓘ
definedBy	FedRAMP Program Management Office NERFINISHED ⓘ
governedBy	FedRAMP High Baseline Requirements NERFINISHED ⓘ FedRAMP High Security Controls Baseline document NERFINISHED ⓘ FedRAMP Security Assessment Framework NERFINISHED ⓘ
hasControlBaseline	FedRAMP High security control baseline GENERATED ⓘ
hasHigherStringencyThan	FedRAMP Low impact level NERFINISHED ⓘ FedRAMP Moderate impact level ⓘ
hasImpactLevel	High ⓘ
hasPurpose	to protect highly sensitive federal information in cloud environments ⓘ
hasRiskCategory	High ⓘ
hasStricterControlsThan	FedRAMP Low baseline NERFINISHED ⓘ FedRAMP Moderate baseline NERFINISHED ⓘ
partOf	FedRAMP NERFINISHED ⓘ Federal Risk and Authorization Management Program NERFINISHED ⓘ
requires	authorization by a federal agency or the Joint Authorization Board ⓘ configuration management controls ⓘ continuous monitoring ⓘ documented security policies and procedures ⓘ encryption of data at rest ⓘ encryption of data in transit ⓘ enhanced availability protections ⓘ enhanced confidentiality protections ⓘ enhanced integrity protections ⓘ formal risk assessments ⓘ incident response capabilities ⓘ independent third-party assessment ⓘ multi-factor authentication ⓘ strong access control measures ⓘ vulnerability scanning ⓘ
usedBy	U.S. federal agencies NERFINISHED ⓘ
usedFor	systems where loss of availability could have severe or catastrophic adverse effect ⓘ systems where loss of confidentiality could have severe or catastrophic adverse effect ⓘ systems where loss of integrity could have severe or catastrophic adverse effect ⓘ
usedInContextOf	U.S. federal cloud authorizations ⓘ
usesControlBaselineFrom	NIST SP 800-53 NERFINISHED ⓘ

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

FedRAMP Joint Authorization Board Provisional ATO → mayCover → FedRAMP High impact level ⓘ

FedRAMP Moderate → relatedStandard → FedRAMP High impact level ⓘ

this entity surface form: FedRAMP High