AI and FedRAMP: How Leading Models Are Getting Government-Ready
As federal agencies adopt AI to streamline operations, FedRAMP compliance has become essential for market entry. This post breaks down how companies like Google, OpenAI, Anthropic, and Microsoft are navigating FedRAMP authorization.
Andrew Brosman
6/23/2025


As artificial intelligence (AI) transforms federal government operations, the Federal Risk and Authorization Management Program (FedRAMP) has become a critical pathway for securing authorization to serve U.S. agencies. Just last year, the Treasury Department, Air Force Research Laboratory, NASA, and the IRS started purchasing ChatGPT Enterprise licenses to help ease “administrative burdens and increase efficiency.” Although these use cases were limited to unclassified systems and data, government interest in integrating AI into daily work has come to a head in a leaked government project, possibly launching around July 4, that could integrate models like ChatGPT, Gemini, and Claude via Amazon Bedrock.
For those unfamiliar, FedRAMP is a standardized approach to enabling cloud services for federal use, ensuring compliance with NIST SP 800-53 security controls. Historically, achieving FedRAMP authorization was a labor-intensive process, with companies building infrastructure and pursuing agency-specific Authority to Operate (ATO) designations, often taking 12–18 months and costing $300-500k. Today, the landscape has shifted dramatically, leaving two paths that AI providers are pursuing:
(RETIRED AS OF 2024) Provisional ATO (P-ATO): Previously held by Google, a P-ATO, granted by the Joint Authorization Board (JAB), was a reusable FedRAMP authorization for broad agency adoption. It was ideal for services targeting multiple agencies or with components outside the CSP’s boundary (e.g., proprietary servers, custom AI pipelines). The process was selective, prioritizing widely applicable systems, and took 12–18 months. This designation and process have been deprecated as of late 2024, making Google FedRAMP Authorized under the new unified framework. This process is being reworked to create a FedRAMP-Direct Authorization, allowing CSPs to pursue authorization directly without requiring an agency sponsor.
Google’s Gemini secured a FedRAMP High Authorization in March 2025, enabling use across agencies without individual sponsorships.
Cloud Leverage: AI providers can inherit NIST SP 800-53 security controls from FedRAMP-authorized cloud service providers (CSPs) like AWS GovCloud, Azure Government, or Google Cloud, reducing compliance scope, time, and cost. If the AI service operates entirely within the CSP’s authorized boundary (e.g., Azure OpenAI Service) and control inheritance is documented in a system security plan (SSP), a separate ATO usually isn’t required. For example:
OpenAI’s ChatGPT runs on Azure Government’s FedRAMP Authorized environment, inheriting Microsoft’s controls without its own authorization.
(Now FedRAMP Authorized) Agency-Sponsored ATO: This is the traditional FedRAMP compliance pathway (followed by 70% of FedRAMP Authorized entities), where a federal agency sponsors your service to obtain an ATO specific to that agency. The ATO designation has been retired, and organizations completing this path are simply "FedRAMP Authorized". If your AI tool has components outside the CSP’s boundary (custom models, proprietary data pipelines), you’ll follow this path. Collaborators such as Palantir’s FedStart or Google’s Assured Workloads are changing this traditionally burdensome process by providing a pre-accredited Kubernetes environment and using open-source standards to slash timelines from 12-18 months to as little as 6 weeks. These partnerships can also support the "Cloud Leverage" path (see above).
Anthropic’s Claude has achieved FedRAMP High authorization through AWS Bedrock and Google Cloud’s Vertex AI, allowing use by multiple agencies, not just agency-specific ATOs.
As of late 2024, the FedRAMP program has unified all authorizations under a single FedRAMP Authorized designation, eliminating the distinction between the JAB P-ATO and an agency-sponsored ATO. OMB Memo M-24-15 and the FedRAMP 20x initiative also emphasize developing additional authorization paths to increase the size of the FedRAMP Marketplace. These are still in development, but FedRAMP is exploring leveraging existing commercial security frameworks (such as SOC 2) and simplifying continuous monitoring. It's safe to say that FedRAMP is in a period of transition as the program works to identify faster ways to allow authorization.
The current pathways are summarized in the graphic below, keeping in mind that some companies are following multiple pathways at the same time (e.g., Anthropic):
Google leads the charge in AI FedRAMP compliance: Gemini secured FedRAMP High authorization in March 2025, the first for a generative AI assistant in productivity suites like Google Workspace, which is already a go-to for government agencies. Anthropic is close behind, with Claude earning multi-cloud FedRAMP High approvals on April 2 and June 11, 2025, via AWS and Google Cloud, offering agencies flexible choices. OpenAI got a head start, tapping into Azure Government’s FedRAMP High status since August 2024 for ChatGPT, without its own authorization. Microsoft’s Copilot, embedded in Microsoft 365 Government, scored FedRAMP High authorization in April 2024, giving it an early edge.
With over 90,000 government users adopting ChatGPT Enterprise since last year and a potential July 4, 2025, project blending AI models on Amazon Bedrock, demand is soaring. Google’s lead comes from being the first to deliver a tailored, productivity-focused AI solution fully integrated into Workspace, widely used by federal users, but Copilot’s early authorization, Claude’s multi-cloud adaptability, and OpenAI’s timeline advantage keep Microsoft, Anthropic, and OpenAI in the race.


How AI Companies Achieve FedRAMP
The chart below summarizes how some of the largest AI companies are achieving FedRAMP today: