Founded at the beginning of 2020, StateRAMP was born from the clear need for a standardized approach to the cybersecurity standards required from service providers offering solutions to state and local governments.
StateRAMP is a registered 501(c)(6) nonprofit membership organization comprised of service providers offering IaaS, PaaS, and/or SaaS solutions, third party assessment organizations, and government officials. Our members lead, manage, and work in various disciplines across the United States and are all committed to making the digital landscape a safer, more secure place.
February 2020
J.R. Sloan (CIO, AZ) and Joe Bielawski (Knowledge Services) developed the idea of StateRAMP to meet the growing need in state and local government to manage third party risk and efficiently verify cloud security.
March 2020
Dozens of current and former state security, procurement and privacy officers joined industry leaders and cyber assessing organizations to form a Steering Committee to charter StateRAMP.
April 2020
Amid the beginning days of the COVID-19 pandemic, the Steering Committee convened for the first time, electing Joe Bielawski as chairman and setting a schedule for priority discussions.
May 2020
At the May meeting, the Steering Committee Charter was adopted outlining a timeline with objectives for discovery and policy decisions.
September 2020
After months of meetings discussions questions around governance, process and security requirements, the committee adopted its first Security Assessment Framework.
December 2020
With an adopted framework for bylaws, the committee voted to launch StateRAMP in 2021 and form the inaugural Board of Directors with members: J.R. Sloan, Ted Cotterill and Joe Bielawski.
January 2021
StateRAMP launched under the leadership of Executive Director Leah McGrath with a focus on growing outreach and awareness with key stakeholders.
March 2021
The Board appointed inaugural members for Standards & Technical, Appeals and Nominating Committees, with Chairs & Vice Chairs: Dan Lohrmann (Security Mentor), Maria Thompson (NC), Owen Zorge (AZ), Rich Banta (Lifelines Data) and Jaime Schorr (ME).
April 2021
In mid-April, StateRAMP opens membership for state and local government officials and for providers.
StateRAMP will provide a shared service model for best practices and standardization in cloud security verification.
August 2021
StateRAMP is publishing templates in April, so that assessments can begin. For providers with federal authorization, StateRAMP will begin the Fast Track process in May.
Summer 2021
StateRAMP plans to publish its first Authorized Product List (APL) in June 2021. The APL will show a vendor’s security status and progression.
Ongoing
StateRAMP strives to shift the culture around cyber security to be one of continuous improvement. As an organization, StateRAMP will continually seek input and opportunities to improve for its members and for the betterment of all.
StateRAMP’s system of governance and policy making includes the Governing Board, councils and committees, Steering Committee, and StateRAMP leadership and staff. We are committed to a diverse and inclusive leadership with representation from all member categories and a variety of perspectives and experiences.
Interested in StateRAMP? Sign up below to receive StateRAMP Updates.