FedRAMP Execution Working Group
The charter of this working group is to drive execution of FedRAMP compliance.
Attributes
| Property | Value |
|---|---|
| Date Created | November 25, 2021 |
| End Date | TBD |
| Slack | #wg_fedramp (only accessible from within the company) |
| Google Doc | Working Group Agenda (only accessible from within the company) |
| Epic | Main Project Epic (only accessible from within the company) |
| Public Handbook Page | GitLab’s FedRAMP Authorization Program |
| Internal Handbook Page | FedRAMP Compliance |
Exit Criteria
GitLab achieves FedRAMP Moderate Authorization (Authority to Operate - ATO) for a new SaaS offering.
Roles and Responsibilities
| Team Member Name | Role | Working Group Role |
|---|---|---|
| Josh Lemos | CISO | Executive Sponsor |
| Mike Flouton | VP of Product | FedRAMP DRI |
| Mek Stittri | VP of Infrastructure | Infrastructure DRI |
| Fabian Zimmer | Dir, Product Management | SaaS Platforms Product Leadership |
| Chris Balane | Sr. Product Manager | PubSec PM / Product DRI |
| Marin Jankovski | Sr. Dir Engineering | SaaS Platforms Infrastructure Leadership |
| Corey Oas | Compliance Manager | FedRAMP SME |
| Will Szabo | Sr. Sec. Program Manager | Security Program Manager |
| Steve Manzuik | Dir. Threat Management | Vulnerability Remediation DRI |
| Stephen Dumesnil | EM US Public Sector Services | USPS Team DRI |
| Cynthia Miller | Sr. Dir. Security Assurance | Security DRI |
Direction
GitLab is pursuing FedRAMP authorization at the Moderate Impact Level. We will evaluate demand for High once we attain Moderate.
Further details of the FedRAMP plan, including anticipated or actual dates, cannot be shared publicly at this time. Team members can view details in the internal handbook. This public handbook page contains information about the FedRAMP Authorization process as it pertains to GitLab.
Last modified January 16, 2024: Update second link (
6c4e14e4)
