FedRAMP | Federal Assessments | SOC 2
By:
Matt Hungate
June 29th, 2026
If you’ve heard “FedRAMP” and immediately thought “that’s a year-long, million-dollar project we’re not ready for” — this post is for you. A lot has changed. The program's new Class A certification tier was built specifically for companies that have already done the hard work of achieving SOC 2 Type II. Here’s what your SOC 2 actually gets you, and why the path to the federal marketplace may be shorter than you think.
FedRAMP | News | Federal Assessments
By:
Schellman
June 25th, 2026
Schellman, the nation's No. 1 FedRAMP Independent Assessor, breaks down the most significant restructuring of the federal cloud security program since its 2011 inception.
By:
Matt Hungate
June 25th, 2026
On June 24, 2026, FedRAMP published the Consolidated Rules for 2026, featuring a sweeping overhaul of the policies, requirements, and terminology that govern how cloud service providers (CSPs) obtain and maintain FedRAMP Certification. The rules are effective July 4, 2026, for 20x CSPs and replace a patchwork of legacy guidance documents, memoranda, and program policies with a single machine-readable, structured ruleset. For existing Rev5 CSPs, most requirements become mandatory on January 1, 2027, with optional early adoption available immediately.
By:
Matt Hungate
June 4th, 2026
This article was drafted based on a LinkedIn Live discussion between Schellman’s Matt Hungate (Managing Principal, Federal Practice) and Jacob Karp (VP of Strategic Sales). View their full conversation here.
By:
Matt Hungate
May 18th, 2026
Schellman is the industry’s #1 FedRAMP Third Party Assessment Organization (3PAO) and has become the first to assess over 200 cloud service offerings on the FedRAMP Marketplace. From over a decade of experience, we’ve accumulated a significant amount of firsthand experience and hard-earned insights into what it actually takes to achieve and maintain federal authorization.
By:
Schellman
April 30th, 2026
The most experienced Third Party Assessment Organization in the federal cloud security market reaches a program milestone more than a decade in the making
By:
Nick Rundhaug
April 6th, 2026
As federal agencies increasingly rely on cloud technologies to support mission-critical operations, ensuring those systems meet consistent security standards is essential. The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized approach for assessing, authorizing, and continuously monitoring cloud services used by the U.S. government.
By:
Nick Rundhaug
January 12th, 2026
As the Department of Defense (DoD) continues to accelerate its Zero Trust strategy, organizations supporting national security missions face increasing expectations for how they secure, monitor, and manage sensitive information.