FedRAMP authorization featured image

Esper achieves FedRAMP authorization

Esper, a leading provider of cloud-based policy software, today announced it has received FedRAMP authorization.

Matthew Moloney August 17, 2022

Esper, a leading provider of cloud-based policy software, today announced it has received Federal Risk and Authorization Management Program (FedRAMP) authorization for its policymaking platform.

FedRAMP is ​​a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies.

The goal of the FedRAMP program is to:

  • Grow the use of secure cloud technologies in use by government agencies
  • Enhance the framework by which the government secures and authorizes cloud technologies
  • Build and foster strong partnerships with FedRAMP stakeholders

As government agencies continue their migration from on-prem technology into the cloud, FedRAMP authorization ensures that Esper meets all federal cloud security guidelines at the Low Impact – Software as a Service (LI-SaaS) baseline.

Lilli Oetting policy management software founder - FedRAMP authorization

“This is a monumental step for Esper. Our FedRAMP authorization allows federal agencies to securely procure and implement Esper’s cloud-based policy software to modernize their mission-critical work. Additionally, local and state governments are looking towards FedRAMP’s standards to improve their cloud security. This allows us to implement federal best practices for cloud security across every agency we work with.”

Lilli Oetting policy management software founder - FedRAMP authorization
Lilli Oetting
Co-Founder and CTO, Esper

Esper joins only 271 other cloud-service providers (CSPs) that have achieved FedRAMP authorization.

Understanding the FedRAMP authorization process

Prior to Esper’s FedRAMP Authorized designation, the cloud offering was FedRAMP In Process, which indicates a federal agency’s intent to authorize.

FedRAMP authorization process

Once the initial assessment was completed and the partnering agency granted an Authorization to Operate (ATO), FedRAMP conducted a review of the authorization package materials—as pictured above—to verify Esper’s security control implementations adhered to the FedRAMP LI-SaaS baseline requirements.

Dunn headshot - FedRAMP authorization blog

“The FedRAMP program ensures software providers meet an appropriate standard of business continuity and security for government agencies to procure modern tools with confidence as they relate to ongoing operations.”

Dunn headshot - FedRAMP authorization blog
Chris Dunn
VP of Engineering, Esper

Security-first playbook 

Esper approaches security and compliance activities as fundamental cornerstones of a government-ready product. This extends to all areas of Esper’s solution guiding every software, team and partnership decision. All vendor selections by Esper are required to adhere to FedRAMP or equivalent compliance guidelines. This includes using AWS as a cloud hosting provider, integration with FedRAMP Authorized system health tools and ongoing auditing with FedRAMP-recognized Third Party Assessment Organizations (3PAOs).

FedRAMP authorization is just the beginning for Esper. As the product line evolves, Esper will seek other relevant compliance to ease procurement for all types of industry. Through ongoing disclosure of past performance and audit results, Esper intends to promote confidence in the platform for all buyers and industries.

A trusted partner to governments

Esper’s secure, cloud-based policy software has been deployed by local, state and federal government agencies across the country.

The New Hampshire Department of Education deployed Esper in September 2021, allowing the department to securely draft, collaborate and manage all of their administrative rulemakings. Additionally, the Washington State Department of Health will leverage Esper’s cloud platform for all of their rulemaking processes and citizen engagement on policies.


Esper’s suite of policy workflow and management tools are purpose-built for government agencies across the United States. Their cloud-based, SaaS platform allows for data-driven research, collaborative policymaking and public-facing engagement on the policies that impact citizens and employees.

See the Product Esper is streamlining policymaking for agencies
across the U.S.

See Esper in action