CMMCDocs.comHome / Glossary / FedRAMP High
FedRAMP High
Also known as: FedRAMP High Impact
The FedRAMP authorization tier for cloud services handling the most sensitive federal information. Required for some categories of CUI and for CMMC Level 3.
FedRAMP High is the highest authorization tier in the Federal Risk and Authorization Management Program. It applies to cloud services handling federal information categorized as High impact under FIPS 199.
For CMMC purposes, FedRAMP High is required for cloud services handling certain sensitive CUI categories (notably ITAR-controlled technical data) and for cloud services supporting CMMC Level 3 environments. Microsoft Azure Government High and AWS GovCloud (US) are the two best-known FedRAMP High cloud providers.
FedRAMP Moderate is sufficient for most defense contractors handling ordinary CUI; FedRAMP High is necessary only when contract terms or CUI categorization specifically require it.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account