FedRAMP AI Cloud Procurement Guidance
FEDRAMP-AI-2024 · US
In force since 2024-01-01. A policy statement from the US. Operational PMO guidance for agencies acquiring AI / generative-AI cloud services within the existing FedRAMP authorisation framework. Key operational themes that recur across the published surface: (1) AI cloud services that process federal data require a FedRAMP ATO (Low / Moderate / High baseline) per the standard FedRAMP scope; (2) GenAI-specific control tailoring: agencies + JAB consider model-specific risks (training-data exposure, prompt-injection, output disclosure) when scoping the SSP + selecting NIST SP 800-53 control overlays; (3) cross-walk to OMB M-24-10 minimum practices for safety- + rights-impacting AI; (4) supply-chain risk-management considerations for model + dataset provenance; (5) agency authorising-official discretion remains the operative gate: FedRAMP authorisation enables but does not by itself approve a specific AI use case (M-24-10 governance applies separately). Editorial note: limited public detail on this row reflects the PMO's web-page-plus-memo distribution pattern; a consolidated GenAI baseline document is the natural next milestone and would refresh this row.
Key finding
FedRAMP PMO operational guidance on AI/GenAI cloud authorisation; ATO scope, baseline selection, GenAI control tailoring, M-24-10 cross-walk.
“AI cloud services processing federal data require FedRAMP authorisation; agency authorising officials remain the operative gate for specific AI use cases.”
guidance · Primary source
Reviewed by: Editorial board (in formation), Policy Window
Scope and obligations
FedRAMP AI Cloud Procurement Guidance addresses 1 contested AI-governance topic explicitly and 5 via general principles.
Topics governed
- Foundation Models / GPAI (implicit): GenAI-specific control tailoring guidance addresses model-specific risks (training-data exposure, prompt-injection, output disclosure) within SSP + NIST SP 800-53 control overlay selection
- Compute-Threshold Reporting (implicit): FedRAMP authorisation enables ATO; agency-AI-use disclosure flows through OMB M-24-10 inventory + quarterly procurement reporting rather than through FedRAMP itself
- Transparency Obligations (governs): FedRAMP authorisation requires System Security Plan + control documentation; GenAI guidance extends to vendor disclosure of training-data provenance, evaluation results, model documentation
  - Evidence (paraphrase of "SSP + control documentation"), faithful summary: FedRAMP authorisation requires a System Security Plan documenting NIST SP 800-53 controls; GenAI guidance extends disclosure to training-data provenance, evaluation results, and model documentation.
- Individual Redress (implicit): Guidance cross-walks to OMB M-24-10 minimum practices including human-consideration + remedy for rights-impacting AI
- Training-Data Rights (implicit): Supply-chain risk-management considerations include training-data + model-weight provenance disclosure within the SSP
- National Security Carveouts in AI Regulation (implicit): FedRAMP High baseline + JAB authorisation route exists for higher-sensitivity use cases; classified systems are outside FedRAMP scope and governed by separate ICD-503 / NIST SP 800-53 IC overlay frameworks
Cross-jurisdiction comparison
How peer instruments treat the topics FedRAMP AI Cloud Procurement Guidance governs.
| Topic | EU-AIA-2024 | US-EO-14110 | US-EO-14179 | UK-WHITEPAPER-2023 | CN-GENAI-2023 | G7-HIROSHIMA | OECD-AI-PRIN | COE-AI-CONV | UN-RES-2024 | NIST-AI-RMF | BLETCHLEY-2023 | SEOUL-2024 | NIST-AI-RMF-GENAI | CA-SB-1047 | IN-DPDP-2023 | BR-AIBILL-2024 | ASEAN-AI-GUIDE-2024 | AU-AI-STRATEGY-2024 | ANTHROPIC-RSP-2024° | OPENAI-PREPAREDNESS-2023° | DEEPMIND-FSF-2024° | META-FRONTIER-2024° | UK-US-AISI-MOU-2024 | WH-VOLUNTARY-2023 | SG-MODEL-AI-2024 | JP-METI-AI-2024 | NYC-LL-144-2021 | CO-SB-24-205 | IL-HB-3773-2024 | EU-GDPR-2016 | EU-GPAI-COP-2025 | EU-AIA-DELEGATED-ART51 | OMB-M-24-10 | GSA-AI-GUIDE-2024 | FAR-PART-39 | DOD-RAI-2022 | DFARS-252-204 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Transparency Obligations | governs | implicit | silent | implicit | conflicts | governs | governs | governs | implicit | governs | implicit | governs | governs | implicit | implicit | governs | governs | silent | governs | implicit | implicit | governs | implicit | governs | governs | governs | silent | silent | silent | governs | governs | silent | governs | governs | implicit | governs | silent |
° = industry self-imposed voluntary framework. Comparing a voluntary code's "governs" tint with a binding regulation's "governs" tint flattens the legal-force distinction; use the instrument-page banner for the operative status of each.
How to cite this article
APA 7
Policy Window. (2024). FedRAMP AI Cloud Procurement Guidance [Wiki article — Instrument]. https://policywindow.org/wiki/fedramp-ai-guidance
Chicago 17
Policy Window. 2024. "FedRAMP AI Cloud Procurement Guidance." Wiki article (Instrument). https://policywindow.org/wiki/fedramp-ai-guidance.
BibTeX
@misc{policywindow-fedramp-ai-guidance,
title = {FedRAMP AI Cloud Procurement Guidance},
author = {Policy Window},
year = {2024},
howpublished = {FedRAMP Program Management Office, AI / Generative-AI cloud procurement guidance (2024); operational guidance distributed across fedramp.gov landing + PMO memos under 44 U.S.C. §3607 statutory authority. See fedramp.gov for the current consolidated state.},
url = {https://policywindow.org/wiki/fedramp-ai-guidance},
note = {Primary source: https://www.fedramp.gov/}
}
References
- FedRAMP Program Management Office, AI / Generative-AI cloud procurement guidance (2024); operational guidance distributed across fedramp.gov landing + PMO memos under 44 U.S.C. §3607 statutory authority. See fedramp.gov for the current consolidated state.