IFR-CLA-ASFMUSTAll frameworksImplementation guide coming soonApproved Alternative Security Frameworks
Initial FedRAMP Certification (IFR) · FedRAMP Class A Certification Rules
Applies to: Providers
- Who this applies to
- Providers
- Service class
- All service classes
- Force
- MUST
- Timeframe
- No fixed timeframe
Reviewed implementation guidance for IFR-CLA-ASF is not published yet. The official source below remains complete and authoritative.
Information required
- FedRAMP Ready
- SOC 2 Type II
- GovRAMP
Official FedRAMP source
Verbatim from FedRAMP/rules
Providers seeking a FedRAMP Class A Certification MUST have completed a certification or equivalent process, including an independent assessment, from one of the following alternative security frameworks:
Defined terms in this requirement
Change history
2026-05-04Initial reset for the Consolidated Rules for 2026 Public Preview.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.