MKT-CSO-AGUMUSTAll frameworksImplementation guide coming soonAgency Use Cases
Marketplace Listing (MKT) · General Provider Responsibilities
Applies to: Providers
- Who this applies to
- Providers
- Service class
- All service classes
- Force
- MUST
- Timeframe
- No fixed timeframe
Reviewed implementation guidance for MKT-CSO-AGU is not published yet. The official source below remains complete and authoritative.
Information required
- Direct Use: The product will be used directly by agency customers for integration into a federal information system that falls within the scope of 44 USC § 3506 and will receive an agency Authorization to Operate.
- Indirect Use: The product will be included as a third-party information resource in other cloud service offerings that are directly used by agency customers.
Official FedRAMP source
Verbatim from FedRAMP/rules
Providers MUST demonstrate that a cloud service offering is intended for one of the following use cases:
Defined terms in this requirement
Notes
- FedRAMP will not list products or services that are outside the explicit statutory scope of FedRAMP; See MKT-FRP-SOF (Scope of FedRAMP).
- Services used by private companies to meet other compliance requirements (such as CMMC) that do not also meet one of the above use cases are outside the scope of FedRAMP.
Change history
2026-05-04Initial reset for the Consolidated Rules for 2026 Public Preview.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.