Skip to form
StateRAMP JAB Attestation Form
First Name
*
Last Name
*
Email
*
Phone Number
*
Please format as XXX-XXX-XXX ext. XXXX
Position or Title
*
Ex: Chief Information Security Officer
Company Name
*
Is your organization a StateRAMP member?
*
Yes
No
I don't know
What is the name of the product, service, or offering being assessed?
*
Please provide a brief description to be included in your product's Authorized Product List profile.
*
Select your product's FedRAMP status.
*
Please Select
FedRAMP Ready
FedRAMP Authorized
In-Process
Please provide your product's FedRAMP Package ID number.
*
Select your product's FedRAMP authorization type.
*
Please Select
Agency
JAB
Please select the categories that best match your product.
*
Please select at least 2 of the options below. If you would like to include an extra category for your product, please select "Other" and specify your preference in the free text field.
Access Management
Application Security
Audit Management
Automation
Business & Communications Systems
Capital Planning & Construction Management
Case Management
Cloud Security
Cloud Services
Communications Systems
Content Collaboration
Customer Engagement
Customer Management and Experience Solutions
Cyber Training and Awareness
Data Loss Prevention
Data Management
Disaster Recovery
Document Management
E-Discovery
Encryption and Decryption Services
E-Procurement & Compliance
General Support System
GRC Management
Identity and Access Management
Incident Response and Management
Infrastructure
Learning Management System
Legal & Compliance Software
Mobile Device Management
Network Security
Networking
Risk Management
Security Information and Event Management
Vendor Management
Vulnerability Assessment
Workforce Management
Other
Please provide the name of your third party assessment organization (3PAO).
*
Please Select
A-Lign
Booz Allen Hamilton
Burke Consortium
Coalfire
Control Case
DataLock
Deloitte
Earthling Security
EmagineIT
EmeSec
Excentium
First Information Technology Services (FITS)
Fortreum
Ignyte
Information Technology Company
InfusionPoints
Kompleye
Kratos Defense
Lazarus Alliance
Linford & Co
Lunarline
MBL Technologies
MegaPlanIT
MindPoint Group
NCC Group
RSM
Schellman & Company
SecureIT
Securisea
Sentar
Sera-Brynn
Talatek
Tevora
The Cadence Group
Vaultes
Provide the first and last name of your 3PAO primary point of contact.
*
Provide the email address of your 3PAO primary point of contact.
*
Product Architecture
*
Please Select
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Other
Deployment Model
*
Public: Cloud services and infrastructure support multiple organizations and government clients.
Private: Cloud services and infrastructure are dedicated to a specific organization or government.
Government Only Community: Cloud services and infrastructure are shared by several organizations or governments with the same policies and compliance considerations.
Hybrid: Cloud services and infrastructure are used for secured applications and data where required, and a public cloud for other applications and data.
Please Select
Government Only Community
Public
Private
Hybrid
What is your organization's legal name (if different from above)?
What is your organization's address?
*
Please provide the first and last name of the point of contact responsible for receiving the StateRAMP PMO Federal JAB Review Invoice.
*
Please provide an email address for the invoice recipient.
*
Please provide a Purchase Order (PO) Number for invoicing if necessary.
By checking the box to the left, you agree to the following terms of use (“Terms”):
You attest that you represent a service provider offering IaaS, PaaS, and/or SaaS solutions that process, store, and/or transmit state and local government data including, but not limited to, PII, PHI, and PCI and that all information provided through this site (“Site”) is complete and accurate. You agree to pay the appropriate fees to the StateRAMP PMO before any review or assessment is done on any submitted documents. You understand all submitted documents must be in the correct templates and that review and/or assessment can be suspended until such time as the submitted documents are provided in the correct format. You understand the 3PAO who completed the security assessment for your product, service, or offering is the only entity who can attest to your product's FedRAMP JAB status.
You agree to upload all requested information (“Information”) into the StateRAMP PMO Site. By accessing or using this Site, you acknowledge that you have read, understood, and agree to be bound by these Terms and all applicable laws and regulations. The Terms govern your use of the Site and any Content that StateRAMP may make available through the Site. StateRAMP may change the Terms from time to time in its sole discretion without notice. StateRAMP reserves the right to terminate or modify the Site including any of its content, in whole or in part, in any manner in StateRAMP’s sole discretion, without notice. Access to the Site is granted at StateRAMP’s sole discretion and may be revoked at any time. As a condition of your use of this Site, you will not use the Site for any purpose that is unlawful or prohibited by these terms, conditions, and notices. You may not use the Site in any manner that could damage, disable, overburden, or interfere with any other party’s use and enjoyment of the Site.
Content on the Site is not promised or guaranteed to be correct, current, or complete and the Site may contain technical inaccuracies or other errors. StateRAMP assumes no responsibility for updating the Site to keep information current or to ensure the accuracy or completeness of any posted information. You should confirm the accuracy and completeness of all posted information before making any decision related to any services, products or other matters described in the Site.
*
The letter of attestation must be written on your 3PAO's letterhead and signed by your 3PAO. The letter must, at a minimum, contain the following language.
<3PAO> attests that the <RAR/SAR> from the <system name> annual assessment testing provides a complete assessment of the applicable FedRAMP controls as stipulated in the SAP. Evidence to validate the successful implementation of the various security controls has been collected and validated. Based on the remaining risks and the continuous improvement of security related processes and controls, <3PAO> attests to the <system name> <Ready/Authorized> status issued by the FedRAMP JAB and recommends <system name> be granted a Federal JAB status by StateRAMP.
*
Submit