FedRAMP 20x is built around machine-readability and so are the related standards and documents.
All FedRAMP 20x documentation is available in a FedRAMP Machine-Readble (FRMR) format as the primary source of truth, with human-readable versions rendered into markdown and pdfs:
Markdown | Description | Version | Published Date | |
---|---|---|---|---|
Vulnerability Detection and Response Standard (VDR) | [PDF] | This update moves the remediation table from FRR-VDR-TF-HI-07 to FRR-VDR-TF-HI-08, adds a clarification on application to Rev5, and fixes a few minor typos. No actual breaking/modifying changes were made to content. | 25.09B | 2025-09-11 |
FedRAMP Definitions (FRD) | [PDF] | Added FRD-ALL-18 through FRD-ALL-39 aligned with the Vulnerability Detection and Response standard. | 25.09A | 2025-09-10 |
Authorization Data Sharing Standard (ADS) | [PDF] | Initial release of the Authorization Data Sharing Standard | 25.08A | 2025-08-24 |
Significant Change Notification Requirements (SCN) | [PDF] | Minor non-breaking updates to align term definitions and highlighted terms across updated materials (definitions are now in FRD-ALL). | 25.06B | 2025-08-24 |
Minimum Assessment Standard (MAS) | [PDF] | Minor non-breaking updates to align term definitions and highlighted terms across updated materials (definitions are now in FRD-ALL). | 25.06B | 2025-08-24 |
Key Security Indicators (KSI) | [PDF] | Minor non-breaking updates to align term definitions and highlighted terms across updated materials (no changes to KSIs, definitions are now in FRD-ALL). | 25.05D | 2025-08-24 |