The City of Chandler & GovRAMP

About the Program

In the City of Chandler, safeguarding sensitive and critical information is a collective responsibility. Cybersecurity teams are constantly on alert, defending against ever-evolving threats. To effectively counter these threats, organizations must take proactive measures to reinforce their networks and systems. One crucial step is ensuring that any provider or product dealing with critical data adheres to stringent cybersecurity standards

This is where GovRAMP steps in. By collaborating with the City of Chandler, GovRAMP supports providers in meeting essential security controls as specified by the NIST 800-53 framework. This partnership not only ensures that providers comply with these rigorous standards but also offers the benefit of transferable credentials through a standardized cybersecurity verification process. This means that once providers achieve verification, they can leverage this status to serve multiple government entities efficiently. This system of product cybersecurity validation is available to all participating government members, fostering a more secure and streamlined approach to managing cybersecurity across various jurisdictions.

• What is GovRAMP?

  Founded at the beginning of 2020, GovRAMP was born from the clear need for a standardized approach to the cybersecurity standards required from service providers offering solutions to state and local governments.

  As a 501(c)6 nonprofit, our mission is to promote cybersecurity best practices through education and policy development to improve the cyber posture of public institutions and the citizens they serve. GovRAMP is composed of service providers offering IaaS, PaaS, and/or SaaS solutions, third-party assessment organizations, and government officials. Our members lead, manage, and work in various disciplines across the United States and are all committed to making the digital landscape a safer, more secure place.

• City of Chandler's GovRAMP Determination

  Cloud computing service products subject to GovRAMP authorization.

  Any Contractor who will be storing, processing, and/or transmitting City data in external, non-City environments (Cloud), are required to attain verified GovRAMP (www.govramp.org) Authorized status for the cloud products the City will be utilizing, at the security category level required by the City. The Contractor must attain GovRAMP Ready status within 12 months of Agreement execution and GovRAMP Authorized status within 18 months of Agreement execution. Any Contractor without GovRAMP Ready or Authorized status at the time of Agreement execution must complete a GovRAMP Security Snapshot within three months of Agreement execution and must provide monthly progress reporting to GovRAMP until GovRAMP Ready or GovRAMP Authorization status is obtained. The Contractor will be required to maintain GovRAMP authorization at the required category level throughout the contract term and partnership with the City. The City will provide GovRAMP sponsorship to the Contractor for the purpose of this contract engagement.

• How do I get started?

  To learn more about how to obtain any of our GovRAMP statuses, visit our GovRAMP for Service Providers page.

  This page provides an overview of the GovRAMP organization, general onboarding information, a getting started checklist, and complete details regarding the requirements for beginning the GovRAMP verification process. 

• Who can I contact?

  For additional information, reach out to info@govramp.org.