GovRAMP
Core.
$25,000 – $90,000
Annual Costs depending on company size *new in 2025
✓
For companies not meeting Ready but have the core requirements
✓
NIST 800-53 rev 5
✓
FIPS 140-2/3 encryption
✓
3PAO requirement
✓
Market: SLED Agencies
✓
May combine 3 diagrams into 1
✓
Monthly Continuous Monitoring and Advisory meetings
GovRAMP
Ready.
$40,000 – $200,000
Annual Costs depending on company size
✓
NIST 800-53 rev 5
✓
Fewer controls than Authorized
✓
FIPS 140-2/3 encryption
✓
Continuous Monitoring (ConMon) monthly
✓
3PAO requirement
✓
Market: SLED Agencies
✓
External Connections do not have to be Authorized
✓
May combine 3 diagrams into 1
✓
No sponsor required
GovRAMP
Authorized.
$70,000 – $2,000,000
Annual cost based on company size and estimated cost of connected FedRAMP certified services
✓
NIST 800-53 rev 5
✓
FIPS 140-2/3 encryption
✓
Continuous Monitoring (ConMon) monthly.
✓
External services must generally be Authorized
✓
3PAO requirement
✓
Market: SLED Agencies
✓
Need SLED or Committee sponsorship
✓
May allow external parties to have snapshot certification
✓
Reciprocity with FedRAMP
✓ May combine 3 diagrams into 1
ReQUIRED for FED Supply Chain
FedRAMP
Authorized.
$150,000 – $2,000,000
Annual Cost Depends on Impact Level
✓
NIST 800-53 rev 5
✓
FIPS 140-2/3 encryption
✓
Continuous Monitoring (ConMon) monthly.
✓
External services must generally be Authorized
✓
3PAO requirement
✓
Market: Federal Agencies
✓
Agency or JAB sponsorship required.
✓
Reciprocity with GovRAMP rare
✓
Need 3 separate diagrams AB, Data, Network
✓
Authorized only. Ready cert is Sunset.