FRC-CLA-EAMMUSTAll frameworksImplementation guide coming soonExternal Assessment Materials
FedRAMP Certification (FRC) · FedRAMP Class A Certification Rules
Applies to: Providers
- Who this applies to
- Providers
- Service class
- All service classes
- Force
- MUST
- Timeframe
- No fixed timeframe
Reviewed implementation guidance for FRC-CLA-EAM is not published yet. The official source below remains complete and authoritative.
Information required
- SOC 2 Type II: Complete report, bridge or gap letter (if applicable), verified audit engagement documentation, estimated schedule for upcoming report, supplemental compliance evidence (if applicable)
- FedRAMP Ready: Readiness Assessment Report, Security Assessment Plan, and any other materials required by FedRAMP.
- GovRAMP: Readiness Assessment Report, Security Assessment Plan, and any other materials required by GovRAMP.
Official FedRAMP source
Verbatim from FedRAMP/rules
Providers seeking a FedRAMP Class A Certification MUST supply the following materials from their alternative security framework assessment to all necessary parties:
Defined terms in this requirement
Change history
2026-06-24Official launch of the FedRAMP Consolidated Rules for 2026.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.