FeDRamp/ GovRamp
Compliance Diagrams
There are 3 Diagram Types that Define your System and NIST 800-53 rev. 5 compliance.
Whether you are seeking GovRamp or FedRamp
You will need these 3 diagrams.
01
02
Network Diagram
03
Data Flow Diagram
These support a variety of NIST 800-53 rev.5 Control Families:
ACCESS CONTROL(AC); ASSESSMENT, AUTHORIZATION, AND MONITORING (CA); PERSONALLY IDENTIFIABLE INFORMATION PROCESSING (PT); CONFIGURATION MANAGEMENT (CM); SYSTEM AND SERVICES ACQUISITION (SA); SYSTEM AND COMMUNICATIONS PROTECTION (SC); and SYSTEM AND INFORMATION INTEGRITY (SI).
Special note: GovRamp will allow you to combine the 3 diagrams into one main diagram, but FedRamp will expect 3 separate ones.