Page Info

Description: This section contains the entire Consolidated Rules for 2026 as a standalone reference for each ruleset.

Purpose: This content allows folks to see the full rules together without them broken apart by stakeholder.

Complete Ruleset Reference¶

This section of the Consolidated Rules for 2026 contains each complete FedRAMP Ruleset with all related content in a single rule as an overall reference. The individual stakeholder sections of this site contain only the specific rules that apply in different circumstances for different stakeholders, while the reference rulesets are entirely unabridged.

Acronym	Ruleset	Status	Counts	Most Recently Updated
AGU	Agency Use of FedRAMP Certified Cloud Services (Needs Review)	Placeholder	Subsets: 3 Rules: 18	2026-05-04
CCM	Collaborative Continuous Monitoring	Stable	Subsets: 3 Rules: 23	2026-05-04
CDS	Certification Data Sharing	Stable	Subsets: 5 Rules: 20	2026-05-04
FRC	FedRAMP Certification	Placeholder	Subsets: 9 Rules: 45	2026-05-04
FSI	FedRAMP Security Inbox	Stable	Subsets: 2 Rules: 16	2026-05-04
IAP	Independent Assessment Plan	Empty	Subsets: 0 Rules: 0
IAR	Independent Assessment Report	Empty	Subsets: 0 Rules: 0
ICP	Incident Communications Procedures	Placeholder	Subsets: 2 Rules: 8	2026-05-04
MAS	Minimum Assessment Scope	Stable	Subsets: 1 Rules: 5	2026-05-04
MKT	Marketplace Listing	Placeholder	Subsets: 5 Rules: 14	2026-05-04
REC	FedRAMP Recognition of Independent Assessment Services	Placeholder	Subsets: 2 Rules: 16	2026-05-04
SCG	Secure Configuration Guide	Stable	Subsets: 2 Rules: 9	2026-05-04
SCN	Significant Change Notifications	Stable	Subsets: 5 Rules: 17	2026-05-04
SDR	Security Decision Record	Empty	Subsets: 0 Rules: 0
UCM	Using Cryptographic Modules	Placeholder	Subsets: 1 Rules: 3	2026-05-04
VDR	Vulnerability Detection and Response	Stable	Subsets: 7 Rules: 38	2026-05-04

Complete Ruleset Reference¶

Comments