Modernizing and Applying FedRAMP Security Standards to Accelerate Safe AI

The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized approach to security for cloud products and services. To do business with the US government, companies must be FedRAMP compliant. The emergence of AI technologies has highlighted the need for such standards, leading to mandates like the recent Office of Management and Budget’s Memo M-24-10. The memo states that government agencies must meet and implement mandatory AI safeguards by December 1, 2024. Compliance with such standards can be sped up by implementing an authority-to-operate system.