U.S. | Government and public sector

FedRAMP

The U.S. Federal Government established the Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. All Federal agency cloud deployments and service models, other than certain on-premises private clouds, must meet FedRAMP requirements at the appropriate risk impact level (Low, Moderate, or High).

Google Cloud maintains a FedRAMP High provisional authority to operate (P-ATO) from the FedRAMP JAB for 18 Google Cloud products in 6 regions. We also maintain a Moderate provisional authority to operate (P-ATO) for 64 Google Cloud Platform (GCP) products in 18 regions and a Moderate authority to operate (ATO) for 27 Google Workspace products.

Google’s FedRAMP status is posted on the government’s website: FedRAMP Marketplace.


Google Cloud services and authorized regions that are covered by FedRAMP

FAQs

NIST 800-53

Learn more

FIPS 140-2 Validated

Learn more

NIST 800-34

Learn more

U.S. Defense Information Systems Agency Provisional Authorization

Learn more