Indianapolis, IN — April 22, 2026 — GovRAMP today announced that five additional accredited third‑party assessment organizations (3PAOs) have joined its recently launched 3PAO Discount Program, further expanding opportunities for service providers to reduce the cost of independent security assessments.
The additional 3PAOs joining the program are:
The expansion builds on GovRAMP’s launch of the program, which offers assessment discounts of up to 30% for service providers that have completed the GovRAMP Progressing Security Snapshot program or achieved GovRAMP Core verification. The program is designed to recognize early security investment and support more efficient, predictable assessment outcomes.
“The strong willingness of accredited 3PAOs to participate in this program validates the effectiveness of GovRAMP’s security pathways,” said Leah McGrath, executive director of GovRAMP. “When providers invest early and align to GovRAMP’s requirements, assessments are more efficient, costs are more predictable and secure solutions reach the public sector faster.”
GovRAMP’s preparatory and On-RAMP programs, including the Progressing Snapshot Security program, are designed to help service providers assess and strengthen their security posture through measurable, evidence‑based approaches before entering formal assessments. Early data and assessor feedback continue to show that providers completing these programs arrive better prepared, with more mature documentation, clearer control implementation and fewer delays caused by rework or false starts.
By expanding participation in the discount program, GovRAMP is increasing assessment options and accessibility—particularly for small and midsize technology service providers seeking to serve federal, state, local, tribal and educational government.
“This expansion reflects the GovRAMP ecosystem working as intended,” McGrath said. “When early security investment is recognized, it creates real incentives for preparedness and supports more consistent, trusted cybersecurity outcomes across the public sector.”
3PAO Discount Program Participants
GovRAMP’s 3PAO Discount Program launched with early participation from leading accredited 3PAOs, including A‑LIGN, Prescient Security, Coalfire, Fortreum and RISCPoint.
These founding participants are joined by six additional accredited 3PAOs announced today—360 Advanced, Data Lock Consulting Group, Lunarline, Schellman and Securisea—further expanding assessment options and increasing accessibility for service providers pursuing GovRAMP verification.
Participating 3PAO Quotes
360 Advanced: “At 360 Advanced, we’ve seen firsthand how strong preparation can significantly improve the assessment experience. Organizations that complete GovRAMP’s Core and Progressing Security Snapshot programs consistently approach their assessments better prepared, enabling our teams to work more efficiently while helping avoid many of the common challenges we often encounter when this level of readiness has not been achieved,” said David Brosi, Federal Practice Director. “Because of the value these programs provide, we are pleased to offer a discount for organizations that have completed them and to support initiatives that promote a more streamlined and successful assessment process.”
Data Lock Consulting Group: “GovRAMP’s Progressing Security Snapshot program and Core verification are not simply improving preparedness—they are giving service providers clear, early insight into their security posture before engaging with an accredited 3PAO,” said Zyad Nabbus, CEO of Data Lock Consulting Group. “That visibility enables organizations to address gaps proactively, safeguard their cybersecurity investments, and approach the assessment process with a much higher likelihood of success. As a result, providers entering through these pathways demonstrate stronger control maturity and significantly reduced rework, enabling faster, more predictable assessment outcomes. At a broader level, this program will accelerate GovRAMP verifications and drive faster adoption of secure, compliant cloud solutions across the ecosystem.”
Lunarline: “We see a clear difference when organizations take advantage of GovRAMP’s Progressing Security Snapshot program or achieve Core verification prior to formal assessment,” said Mike Warren, director of cybersecurity consulting services at Lunarline. “They arrive organized, aligned with the requirements, and are ready to move forward. That readiness shortens timelines and supports a more streamlined authorization experience.”
Securisea:”Our experience as a 3PAO for GovRAMP and FedRAMP gives us a clear view of what separates a smooth assessment from a difficult one,” said Josh Daymont, CEO at Securisea. “Providers coming through GovRAMP’s phased paths (Progressing Security Snapshot, Core-Verified) consistently arrive with more mature security postures – documentation, implemented controls and organizational readiness. That groundwork eliminates the back-and-forth that typically extends assessment timelines, justifying a meaningful assessment discount.”
About GovRAMP
GovRAMP is a nonprofit membership organization dedicated to advancing consistent, trusted cybersecurity practices across state, local, tribal, and educational government. Guided by its mission to make cybersecurity easier to understand, implement, and maintain, GovRAMP provides a standardized framework, independent validation, and community-driven education that help governments adopt secure cloud solutions with confidence while enabling service providers to demonstrate trusted security through clear, evidence-based practices. By bringing together public and private sector partners, GovRAMP supports policy collaboration, strengthens shared assurance, and helps build a more resilient cybersecurity ecosystem that protects government services, data, and the communities they serve. Learn more at GovRAMP.org.