Standards & Technical Committee Charter
The Standards & Technical Committee makes recommendations for best practices and policies that guide cloud security requirements and verification.
Appeals Committee Charter
The Appeals Committee serves as the adjudication board for the Program Management Office determinations.
Vulnerability Deviation Request Form
When a service provider identifies a vulnerability that potentially warrants different handling than normally required by GovRAMP, they may submit a deviation request to GovRAMP using this form.
Incident Communications Procedures
This document describes the process for GovRAMP stakeholders to use when reporting information concerning information system security incidents or suspected information system security incidents.
Vulnerability Scan Requirements Guide
This guide describes the requirements for all vulnerability scans provided by service providers to GovRAMP for products with a Ready, Provisionally Authorized, or Authorized status.
Continuous Monitoring Guide
Continuous monitoring review procedures outline the process to examine each monthly package.