Branding Guidance December 17,

Similar documents
Introduction to the Federal Risk and Authorization Management Program (FedRAMP)

FedRAMP: Understanding Agency and Cloud Provider Responsibilities

Agency Guide for FedRAMP Authorizations

FedRAMP JAB P-ATO Vulnerability Scan Requirements Guide. Version 1.0

Akamai White Paper. FedRAMP SM Helps Government Agencies Jumpstart their Journey to the Cloud. FedRAMP. Federal Risk Authorization Management Program

Open Compute Project SM TRADEMARK USAGE GUIDELINES Ver. 1.2 August 1, 2016

FedRAMP Security Assessment Framework. Version 2.0

FedRAMP Initial Review Standard Operating Procedure. Version 1.3

FedRAMP JAB P-ATO Process TIMELINESS AND ACCURACY OF TESTING REQUIREMENTS. VERSION 1.0 October 20, 2016

FedRAMP Security Assessment Framework. Version 2.1

Incident Response Requirements and Process Clarification Comment Disposition and FAQ 11/27/2014

American Association for Laboratory Accreditation

Quality Assurance Procedure Use of Accreditation Body & FP Certification FZE Marks, Logos and Symbols

Brand Identity Standards

FedRAMP Digital Identity Requirements. Version 1.0

Introduction to AWS GoldBase

FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.1

OpenFlow Trademark Policy

FedRAMP Training - Continuous Monitoring (ConMon) Overview

FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.2

1. Approval for Use of OpenPOWER Marks and Trademark License

Guide to Use of the CFP Marks by Education Partners

Guide to Understanding FedRAMP. Version 2.0

APPLE USER GROUPS SIGNATURE and TRADEMARK LICENSE

Superannuation Transaction Network

NVM EXPRESS, INC. TRADEMARK AND LOGO USAGE GUIDELINES EFFECTIVE AS OF April 26, 2018

Physical Security Reliability Standard Implementation

AGREEMENT FOR USE OF MARKS/LOGO

FedRAMP Security Assessment Plan (SAP) Training

Phase I CAQH CORE 102: Eligibility and Benefits Certification Policy version March 2011

FedRAMP BRANDING GUIDANCE. FedRAMP BRANDING GUIDANCE. June 2017

Phase II CAQH CORE 202 Certification Policy version March 2011 CAQH 2011

2018 CANADIAN ELECTRICAL CODE UPDATE TRAINING PROVIDER PROGRAM Guidelines

Compliance Verification Program Governance Guide

ASBO International. SFO Recertification Guide One-Step Process. Updated February 1, 2018 Tel: x

BRAND GUIDELINES UPDATED: JULY 4,2018

Better Training for Safer Food initiative. Visual identity. guidelines for Contractors. Executive Agency for Health and Consumers

CERTIFICATE SCHEME THE MATERIAL HEALTH CERTIFICATE PROGRAM. Version 1.1. April 2015

Requirements for Certification under the Grandfathering Provision

Timber Products Inspection, Inc.

Water Quality Association Sustainability Certification Program s Logo Policy. Version 1.0

Cyber Security Reliability Standards CIP V5 Transition Guidance:

Information Official District information as defined herein and/or by other Board policy.

Information Bulletin

Contemporary Challenges for Cloud Service Providers Seeking FedRAMP Compliance

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Canadian Access Federation: Trust Assertion Document (TAD)

Credentials and Marks Policy

Authorized Training Provider Application Process

Winnebago Industries, Inc. Privacy Policy

REGISTERED TRAINING PROVIDER GUIDELINES AND APPLICATION 2018

Government of Ontario IT Standard (GO ITS) GO-ITS Number 56.3 Information Modeling Standard

MNsure Privacy Program Strategic Plan FY

Consideration of Issues and Directives Federal Energy Regulatory Commission Order No. 791 January 23, 2015

Mac. Logo Guidelines March 2018

IEEE Electronic Mail Policy

HUMBOLDT COUNTY Website Accessibility Policy

Handbook December 2018

INCLUDING MEDICAL ADVICE DISCLAIMER

Chain of Custody Policy. July, 2015

Government of Ontario IT Standard (GO ITS)

LMS Certifications Pvt. Ltd.

Code of Ethics Certification 2018 CHECKLIST

Scientific Working Group on Digital Evidence

Provider Monitoring Process Overview Training. Updated August Course#: C Music Only No Narration

CFRE INTERNATIONAL STYLE GUIDE FOR USE OF THE CFRE DESIGNATION AND MARKS

Framework for a Better Ads Experience Program

UNIFORM STANDARDS FOR PLT COURSES AND PROVIDERS

Click to edit Master title style

Shaw Privacy Policy. 1- Our commitment to you

READ ME for the Agency ATO Review Template

EXHIBIT C October VESA DisplayPort Certification Logo Usage Guidelines

A. Purpose : The purpose of these rules is to ensure proper usage of logo(s) of IAF, Accreditation Bodies & IRQS for the clients certified by IRQS.

MARPA DOCUMENT MARPA Revision 1.1

Development Authority of the North Country Governance Policies

Workplace Safety Certificate of Recognition

FAMILY RESOURCE NETWORK BRANDING STYLE GUIDE FIRST THINGS FIRST FAMILY RESOURCE NETWORK MARCH 2014 VERSION 1.2

ISACA Cincinnati Chapter March Meeting

ECLIPSE FOUNDATION, INC. INDIVIDUAL COMMITTER AGREEMENT

SERVICE ORGANIZATION CONTROL (SOC) REPORTS: WHAT ARE THEY?

Trademark and Compliance Claim Requirements Date: 2003/10/21 09:00:00

Continuous Monitoring Strategy & Guide

10 Considerations for a Cloud Procurement. March 2017

Access to University Data Policy

BERKELEY COLLEGE Social Media Policy

DIGITAL COMMUNICATIONS GOVERNANCE

Guidelines for Certification Symbol and Standard Mark Guidelines Valid from: 15/12/2014 Distribution: Internal & External

MANAGEMENT SYSTEM CERTIFICATION A value to communicate

Brand Guidelines. version

ACM Limited. Certification Body Branding Guidelines. UKAS Certification Clients. P_14 Version 1 ACM Limited is part of EMB Group Ltd Page 1 of 7

Scientific Working Group on Digital Evidence

Phase IV CAQH CORE Certification and Testing Policies v4.0.0

About the DISA Cloud Playbook

Scientific Working Group on Digital Evidence

Status Report of SOPs Implementation in [Country Name] 1 Month, Year

International Standard on Auditing (Ireland) 505 External Confirmations

About the ISA Corporate Branding Guide. Table of Contents. Caitlyn Pollihan Executive Director International Society of Arboriculture

Canadian Access Federation: Trust Assertion Document (TAD)

Trend Micro Professional Services Partner Program

Redistributions of documents, or parts of documents, must retain the FISWG cover page containing the disclaimer.

Transcription:

Branding Guidance December 17, 2014 1

Executive Summary This document provides guidelines on the use of the FedRAMP name and logo on all FedRAMP marketing and collateral materials. General guidelines are provided first, followed by more specific guidelines for the two major uses of the FedRAMP mark: Designation of FedRAMP 3PAO accreditation FedRAMP Compliance 2

Document Revision History Date Page(s) Description Author 12/01/2012 Original Release FedRAMP PMO 11/17/2014 Updated branding guidance to highlight proper use of new FedRAMP logo. Removed specific logos for 3PAOs or types of authorizations. FedRAMP PMO 3

Table of Contents FedRAMP Overview... 5 General Guidelines... 6 Layout and Design Requirements When Using the FedRAMP Logo... 7 Clear S p a c e... 7 Minimum S i z e... 7 Coloring... 7 FedRAMP Mark Review Policy... 9 Mark Violations... 11 Questions about Using the FedRAMP Mark... 11 FedRAMP in Promotional Materials... 12 Third Party Assessment Organization (3PAO) Use of FedRAMP Mark... 13 Cloud Service Provider (CSP) Use of FedRAMP Mark... 14 A g e n c y A T O with Accredited 3PAO... Error! Bookmark not defined. FedRAMP Provisional Authorization... Error! Bookmark not defined. 4

FedRAMP Overview FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a do once, use many times framework that will save cost, time, and staff required to conduct redundant agency security assessments. The objective of FedRAMP is threefold: Ensure that information systems/services used government-wide have adequate information security; Eliminate duplication of effort and reduce risk management costs; and Enable rapid and cost-effective procurement of information systems/services for federal agencies. 5

General Guidelines 1. The FedRAMP mark refers to the FedRAMP name and FedRAMP approved logo detailed in this document. 2. The FedRAMP PMO will authorize an entity s ability to use the FedRAMP mark. The authorization will detail the specific circumstance(s) when an organization can use the FedRAMP mark. 3. The FedRAMP mark may never be used in any manner that would imply government endorsement of a company, its products, or its services. Neither the mark nor the FedRAMP name may be used in any other company name, product name, service name, domain name or Web site title. 4. The mark may not be altered, cut apart, separated, or otherwise distorted in perspective or appearance. 5. The mark may never be used in a manner that would disparage FedRAMP or any government body. 6. Abbreviation of the Federal Risk Authorization Management Program must always appear as FedRAMP. 7. The Service Mark SM must be used with the first time the word FedRAMP appears in materials and: There shall be no space between the word FedRAMP and the SM symbol; The SM symbol should always be in superscript; The SM symbol shall be repeated in a document for each chapter title or Web page. The SM symbol shall appear with the FedRAMP logo each time it is used 8. Authorized organizations are responsible for the proper use of the FedRAMP mark as outlined in this document. This includes but is not limited to the use by any representatives such as advertising agencies, system integrators, resellers, partners, etc. 6

Layout and Design Requirements When Using the FedRAMP Logo Clear S p a c e We require that a clear space of.333 inches remain around the graphic box that houses the FedRAMP logo. No other graphic elements, such as text and images can appear in this area. We require this clear space since the Promotional Mark frequently appears within materials using complex imagery such as other marks, graphic devices and text. Minimum Size The mark may be resized, but the proportions must be maintained. If the FedRAMP logo is made larger, the mark s fidelity must be maintained (i.e. the logo cannot become pixilated or otherwise lose image quality). For legibility in print, the logo may not be reproduced smaller in width than.70 inches and in height smaller than.35 inches. Coloring If multicolor printing is available that the logo must be printed using the color scheme below. 7

If grey-scale printing is used, the logo must be printed using the color scheme below. 8

Optional Uses of FedRAMP Mark The FedRAMP mark can use the text FedRAMP and Federal Risk Authorization Management Program in the following ways: No text Text Below the mark or Text to the right of the mark Or 9

10

FedRAMP Mark Review Policy Use of the FedRAMP mark in conjunction with qualified products or services (i.e. an approved3pao) does not require approval. The FedRAMP PMO must approve any major educational or promotional campaigns that feature the FedRAMP mark prior to use. The submitted materials will be reviewed for consistency with these guidelines within two (2) weeks of receipt of the materials. Materials should be submitted to the FedRAMP Director at matthew.goodrich@gsa.gov with the following in the subject line: FedRAMP Branding Review. Mark Violations The FedRAMP PMO actively monitors proper use of the FedRAMP mark. The following explains the general course of action for addressing mark violations: 1. Anyone who misuses the mark will be contacted in writing or by telephone. 2. The FedRAMP Program Management Office will provide a distinct timeframe to correct the error(s). The timeframe will be dependent upon the medium in which the violation appeared and the severity of the violation. 3. Follow-up will be conducted to ensure that the error(s) has been corrected. Failure to make the required changes may result in termination of a stakeholder s participation in FedRAMP and/or legal action. Questions about Using the FedRAMP Mark If you have questions regarding the use the FedRAMP mark, please contact the FedRAMP PMO at info@fedramp.gov. 11

FedRAMP in Promotional Materials This section outlines the messages that FedRAMP believes are important to convey regarding the benefits of the program. The government incorporates three messages into its materials, and recommends those meeting the guidelines outlined in this document to do the same, to the extent possible. The messages are: The goal of FedRAMP is to: Accelerate the adoption of secure cloud solutions through reuse of assessments and authorizations Increase confidence in the security of cloud solutions Achieve consistent security authorizations using a baseline set of agreed upon standards for cloud solution Ensure consistent application of existing security practices Increase confidence in security assessments Increase automation and near real-time data for continuous monitoring Major benefits of FedRAMP Increases re-use of existing security assessments across agencies Saves significant cost, time and resources do once, use many times Improves real-time security visibility Provides a uniform approach to risk-based security management Enhances transparency between government and cloud service providers (CSPs) Improves the trustworthiness, reliability, consistency, and quality of the Federal security authorization process 12

Third Party Assessment Organization (3PAO) Use of FedRAMP Mark FedRAMP allows the use of the FedRAMP mark for FedRAMP accredited 3PAOs under the following conditions: 1. You must be a FedRAMP accredited 3PAO and maintain that accreditation in order to use the FedRAMP mark. 2. An accredited FedRAMP 3PAO can refer to themselves in the following ways: Accredited FedRAMP 3PAO Accredited FedRAMP Third Party Assessment Organization FedRAMP 3PAO FedRAMP Third Party Assessment Organization 3. An organization can use the official FedRAMP logo to designate themselves as an Accredited 3PAO. 4. FedRAMP accredited 3PAOs receive an official letter from the FedRAMP PMO designating their authorization to use the FedRAMP logo in the manner described above. 13

Cloud Service Provider (CSP) Use of FedRAMP Mark FedRAMP allows the use of the FedRAMP mark for CSPs that have met the FedRAMP requirements and are deemed FedRAMP compliant by the FedRAMP PMO. In order to use the FedRAMP mark, a CSP must have their completed security authorization package available for Federal Agency leveraging within the FedRAMP secure repository. FedRAMP Compliant CSPs 1. A CSP with this level of authorization can refer to their product or service in the following ways: Meet the FedRAMP security requirements Utilized a FedRAMP accredited 3PAO Granted an Authority to Operate by [Federal Agency(ies)]. 2. The use of the official FedRAMP mark must clearly align with the product or service named within the assessment materials used to earn the Agency ATO. 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback