FedRAMP Updates Changelog

July

• 2025-07-22 Updated 20x Phase One pilot page to include a submission deadline of August 19, 2025 (See 20x Phase One pilot page)
• 2025-07-15 Added new Request for Comment (See RFC-0012 FedRAMP Continuous Vulnerability Management Standard)

June

• 2025-06-26 Published a new blog post (See FedRAMP 20x: Three Months In and Maximizing Innovation)
• 2025-06-23 RFC-0011 has been closed to public comment. Public comments can be reviewed on the FedRAMP Community RFC threads. (See External: RFC-0011 Public Comments)
• 2025-06-18 Minor content changes (See Rev5 Agency Authorization, and FedRAMP 20x Key Security Indicators (KSI))
• 2025-06-17 Published updated guidance and external FedRAMP project information. (See FedRAMP 20x Significant Change Notification (SCN) Requirements, FedRAMP 20x Minimum Assessment Scope Standard (MAS), FedRAMP 20x Key Security Indicators (KSI), FedRAMP 20x Low Consolidated Guidance, External: FedRAMP 20x Machine Readable (FRMR) Docs, and External: FedRAMP Public Roadmap)
• 2025-06-15 RFC-0009 and RFC-0010 have been closed to public comment. Public comments can be reviewed on the FedRAMP Community RFC threads. (See External: RFC-0009 Public Comments, and External: RFC-0010 Public Comments)
• 2025-06-10 RFC-0008 has been closed to public comment. Public comments can be reviewed on the FedRAMP Community RFC threads. (See External: RFC-0008 Public Comments)

May

• 2025-05-30 Published 20x Phase One pilot authorization process (See FedRAMP 20x phase one)
• 2025-05-29 Published 20x guidance and standards, as well as a new blog post. (See FedRAMP 20x Minimum Assessment Scope (MAS), FedRAMP 20x Key Security Indicators (KSI), FedRAMP 20x Documentation Identifiers, FedRAMP 20x Standards, consolidated 20x Guidance and 20x Guidance Explorer, and FedRAMP 20x: Two Months In and Taking Off)
• 2025-05-26 RFCs 0005, 0006, and 0007 have all been closed to public comment, and an information page about the services that require FedRAMP Authorization has been added. (See FedRAMP Scope)
• 2025-05-23 Added new Request for Comment (See RFC-0011 FedRAMP Pilot Standard for Storing and Sharing Authorization Data)
• 2025-05-15 Added new Request for Comments (See RFC-0010 FedRAMP Scope Interpretation Technical Assistance, and RFC-0009 Significant Change Notification Technical Assistance)
• 2025-05-14 Updated the 20x Phase One Pilot pages for clarity (See Phase One Pilot page, and Pilot Participation Example page)
• 2025-05-09 Added new Request for Comment (See RFC-0008 Continuous Reporting Standard)
• 2025-05-06 Updated the 20x Phase One Pilot pages for clarity (See Phase One Pilot page, and Pilot Participation Example page)

April

• 2025-04-24 Added new Requests for Comment and other new content (See FedRAMP 20x: One Month in and Moving Fast, Phase One page, RFC-0005 Minimum Assessment Scope Standard, RFC-0006 20x Phase One Key Security Indicators, and RFC-0007 Significant Change Notification Standard)
• 2025-04-11 Updated about marketplace page to reflect marketplace policy changes (See About FedRAMP Marketplace)
• 2025-04-07 Added top level outcomes for all recently closed RFCs (See Requests for Comment)
• 2025-04-02 Closed all open RFCs (See Requests for Comment)

March

• 2025-03-21 GSA announces a new direction for FedRAMP, with significant website changes and press engagement (See Press Engagement, Community Working Groups, and Phase One Goals)

January

• 2025-01-28 The Emerging Technology Prioritization Framework page has been removed per Executive Order 'INITIAL RESCISSIONS OF HARMFUL EXECUTIVE ORDERS AND ACTIONS' (See Executive Order: INITIAL RESCISSIONS OF HARMFUL EXECUTIVE ORDERS AND ACTIONS)
• 2025-01-20 President Donald J. Trump takes office and appoints new leadership for the General Services Administration.