FedRAMP Execution Working Group

The charter of this working group is to drive execution of FedRAMP compliance.

Attributes

Property Value
Date Created November 25, 2021
End Date TBD
Slack #wg_fedramp (only accessible from within the company)
Google Doc Working Group Agenda (only accessible from within the company)
Epic Main Project Epic (only accessible from within the company)
Public Handbook Page GitLab’s FedRAMP Authorization Program
Internal Handbook Page FedRAMP Compliance

Exit Criteria

GitLab achieves FedRAMP Moderate Authorization (Authority to Operate - ATO) for a new SaaS offering.

Roles and Responsibilities

Team Member Name Role Working Group Role
Josh Lemos CISO Executive Sponsor
Mike Flouton VP of Product FedRAMP DRI
Mek Stittri VP of Infrastructure Infrastructure DRI
Fabian Zimmer Dir, Product Management SaaS Platforms Product Leadership
Chris Balane Sr. Product Manager PubSec PM / Product DRI
Marin Jankovski Sr. Dir Engineering SaaS Platforms Infrastructure Leadership
Corey Oas Compliance Manager FedRAMP SME
Will Szabo Sr. Sec. Program Manager Security Program Manager
Steve Manzuik Dir. Threat Management Vulnerability Remediation DRI
Stephen Dumesnil EM US Public Sector Services USPS Team DRI
Cynthia Miller Sr. Dir. Security Assurance Security DRI

Direction

GitLab is pursuing FedRAMP authorization at the Moderate Impact Level. We will evaluate demand for High once we attain Moderate.

Further details of the FedRAMP plan, including anticipated or actual dates, cannot be shared publicly at this time. Team members can view details in the internal handbook. This public handbook page contains information about the FedRAMP Authorization process as it pertains to GitLab.