FedRAMP Low
E1023369
FedRAMP Low is a baseline security authorization level within the U.S. Federal Risk and Authorization Management Program designed for cloud systems handling the least sensitive federal information and requiring minimal security controls.
All labels observed (1)
| Label | Occurrences |
|---|---|
| FedRAMP Low canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T13106418 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: FedRAMP Low Context triple: [FedRAMP Moderate, relatedStandard, FedRAMP Low]
-
A.
FedRAMP Moderate
FedRAMP Moderate is a U.S. federal security authorization level for cloud services that handle sensitive but unclassified data, requiring robust controls to protect confidentiality, integrity, and availability.
-
B.
FedRAMP Joint Authorization Board Provisional ATO
The FedRAMP Joint Authorization Board Provisional ATO is a high-level, government-wide security authorization granted by the FedRAMP JAB that allows cloud services to be used by multiple U.S. federal agencies after meeting rigorous security and compliance standards.
-
C.
FedRAMP Program Management Office
The FedRAMP Program Management Office is the federal team that oversees and manages the government-wide FedRAMP cloud security authorization program for U.S. agencies and cloud service providers.
-
D.
NIST SP 800-171
NIST SP 800-171 is a U.S. National Institute of Standards and Technology publication that specifies security requirements for protecting Controlled Unclassified Information in non-federal information systems and organizations.
-
E.
Federal Risk and Authorization Management Program
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government-wide framework that standardizes security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: FedRAMP Low Target entity description: FedRAMP Low is a baseline security authorization level within the U.S. Federal Risk and Authorization Management Program designed for cloud systems handling the least sensitive federal information and requiring minimal security controls.
-
A.
FedRAMP Moderate
FedRAMP Moderate is a U.S. federal security authorization level for cloud services that handle sensitive but unclassified data, requiring robust controls to protect confidentiality, integrity, and availability.
-
B.
FedRAMP Joint Authorization Board Provisional ATO
The FedRAMP Joint Authorization Board Provisional ATO is a high-level, government-wide security authorization granted by the FedRAMP JAB that allows cloud services to be used by multiple U.S. federal agencies after meeting rigorous security and compliance standards.
-
C.
FedRAMP Program Management Office
The FedRAMP Program Management Office is the federal team that oversees and manages the government-wide FedRAMP cloud security authorization program for U.S. agencies and cloud service providers.
-
D.
NIST SP 800-171
NIST SP 800-171 is a U.S. National Institute of Standards and Technology publication that specifies security requirements for protecting Controlled Unclassified Information in non-federal information systems and organizations.
-
E.
Federal Risk and Authorization Management Program
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government-wide framework that standardizes security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
FedRAMP security baseline
ⓘ
information security standard ⓘ |
| appliesTo |
cloud service offerings
ⓘ
federal information systems ⓘ |
| assessmentPerformedBy | Third Party Assessment Organization ⓘ |
| authorizationBoundary | applies to systems categorized as low impact under FIPS 199 ⓘ |
| authorizationType | security authorization baseline ⓘ |
| basedOnStandard |
FIPS 199
NERFINISHED
ⓘ
NIST SP 800-53 NERFINISHED ⓘ |
| controlFamilyCoverage |
access control
ⓘ
audit and accountability ⓘ configuration management ⓘ contingency planning ⓘ identification and authentication ⓘ incident response ⓘ maintenance ⓘ media protection ⓘ physical and environmental protection ⓘ risk assessment ⓘ system and communications protection ⓘ system and information integrity ⓘ |
| countryOfOrigin |
United States of America
ⓘ
surface form:
United States
|
| documentationRequirement |
Plan of Action and Milestones
ⓘ
Security Assessment Plan NERFINISHED ⓘ Security Assessment Report ⓘ System Security Plan ⓘ |
| governingBody | FedRAMP Program Management Office NERFINISHED ⓘ |
| impactCategory |
availability low
ⓘ
confidentiality low ⓘ integrity low ⓘ |
| includes |
management security controls
ⓘ
operational security controls ⓘ technical security controls ⓘ |
| informationSensitivity | least sensitive federal information ⓘ |
| objective | to ensure adequate security for low-impact federal cloud services ⓘ |
| overseenBy |
Joint Authorization Board
NERFINISHED
ⓘ
U.S. General Services Administration NERFINISHED ⓘ |
| partOf | Federal Risk and Authorization Management Program NERFINISHED ⓘ |
| purpose | to define minimum security requirements for low-impact federal cloud systems ⓘ |
| relatedBaseline |
FedRAMP High
GENERATED
ⓘ
FedRAMP Moderate GENERATED ⓘ |
| requires | minimal security controls compared to FedRAMP Moderate and High ⓘ |
| riskLevel |
low impact to individuals
ⓘ
low impact to organizational assets ⓘ low impact to organizational operations ⓘ |
| securityImpactLevel | low ⓘ |
| usedBy |
U.S. federal agencies
NERFINISHED
ⓘ
cloud service providers seeking FedRAMP authorization ⓘ |
| usesControlBaselineFrom | NIST SP 800-53 low baseline NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: FedRAMP Low Description of subject: FedRAMP Low is a baseline security authorization level within the U.S. Federal Risk and Authorization Management Program designed for cloud systems handling the least sensitive federal information and requiring minimal security controls.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.