This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 42%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
My company recently became a federal government contractor and all of our systems are deployed on Azure. Government agencies are asking about our FedRAMP compliance. I've seen that Azure commercial has FedRAMP high compliance available and Azure Government does as well.
For our Azure deployed apps, are we automatically FedRAMP compliant? If not, do we need to be on Azure Government? Is the pricing the same on Azure Government? Any help would be appreciated. -Steven
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 0%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
@Steven Netsch Thanks for reaching out.
Azure commercial and Azure Govt, both are FedRAMP compliant and you do not have to on Azure Govt Cloud for this.
Check more about each service status within Azure Commercial/Public which is FedRAMP compliant :
-----------------------------------------------------------------------------------------------------------------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
Vipulsparch,
So for clarity... I can tell public sector employers that all of our systems are FedRAMP compliant on Azure?
If so, is there any documentation I can point to? Is it FedRAMP high compliance?
Any details would be helpful.
-Steven
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 48%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKC%3C/text%3E%3C/svg%3E)
So, to be sure I understand, if we are hosting clients using Azure (public/commercial/global), we are already FedRAMP High compliant? Nothing else needs to be done? How do we prove this to our client?
Also, if we've got clients in Arizona and Virginia, do we need to purchase Azure Government?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 65%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hey Kate, am not sure if you got an update for your post but as far as i know, Azure as an CSP is FedRAMP compliant, but any CSC is not at all compliant unless the CSC deploy all the 423 High controls for FedRAMP on their respective Azure Portal.
@VipulSparsh-MSFT Please correct me if I am wrong, i have the similar gap in understanding but it would nice to share your thoughts.