Skip to main content
undefined
undefined

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

undefined

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Release of cloud.gov Pages Customer Responsibility Matrix (CRM)

November 15, 2022

Our website publishing platform, cloud.gov
Pages
, is now fully authorized by
FedRAMP® at the Moderate impact level, and
is replacing the Federalist offering, formerly at
https://federalist.18f.gov. As part of that migration, we are
publishing the Control Implementation Summary (CIS) + Customer Responsibility Matrix (CRM) + Control-by-Control Inheritance (.xlsx).
The CRM is a summary of each Low security control and whether it
is handled by cloud.gov, a shared responsibility, or a customer
responsibility. It includes guidance on which controls a customer
system can fully or partially inherit from cloud.gov Pages.

We will release a CRM for the cloud.gov Pages Moderate impact controls in the near future. Updates to the cloud.gov Pages CRM will
be reflected on our FedRAMP Tracker page