FedRAMP
FedRAMP is the U.S. federal authorization program for cloud services. AI systems offered to federal customers must satisfy the controls in NIST SP 800-53. This page describes which controls Verdifax addresses and which it does not.
Quick orientation
FedRAMP comes in three baselines:
- Low — limited adverse impact (e.g., open public information)
- Moderate — serious adverse impact (most AI systems serving federal customers land here)
- High — severe / catastrophic adverse impact (intelligence, defense)
Each baseline is a defined subset of the ~1,000 NIST 800-53 controls. Verdifax contributes specifically to the audit and accountability (AU) family — the controls that govern logging, integrity of audit records, and event review.
AU controls Verdifax contributes to
| Control | What it requires | Verdifax contribution |
|---|---|---|
| AU-2 Event Logging | Identify which events to log; document the rationale | Every AI inference is a logged event with full sealed manifest |
| AU-3 Content of Audit Records | Records must contain sufficient information for forensic review | The 18-field manifest plus payload hash, route, program id, timestamp |
| AU-9 Protection of Audit Information | Audit records must be protected from unauthorized modification | Manifest hash is sealed; modification is detectable cryptographically |
| AU-10 Non-Repudiation | Identity of actors performing logged actions cannot be denied | API key is bound to runs; revocation is auditable |
| AU-11 Audit Record Retention | Records retained per organization-defined period | SQLite store ships with the orchestrator; retention is operator policy |
| AU-12 Audit Generation | System generates audit records for defined events | Every /execute call writes a record |
Verdifax also contributes to:
- SI-7 Software, Firmware, and Information Integrity — through hardware-anchored attestation (TPM2 / SEV-SNP)
- SC-12 Cryptographic Key Establishment — uses NIST-approved SHA-256 for sealing
- CM-3 Configuration Change Control — manifest hashes provide change-evidence (see SOX § 404 for the same logic in commercial framing)
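As an added illustration of the AU-9 / AU-12 pattern in the table above (example code written for this page, not Verdifax's own implementation): each inference call produces a manifest, the manifest is sealed with a SHA-256 hash over a canonical encoding, records are written to a SQLite table, and a review pass recomputes every seal and flags any record whose stored content no longer matches it. A retention purge covers the AU-11 row. The manifest field names, table schema, function names and all sample values are assumptions constructed for the example; the real 18-field manifest is not reproduced here.

```python
"""Tamper-evident audit records for AI inference events (added example).

Not Verdifax code. Field names, the SQLite schema and all sample values
below are constructed for illustration only.
"""
import hashlib
import json
import sqlite3
from datetime import datetime, timezone
from typing import Optional


def canonical_bytes(manifest: dict) -> bytes:
    """Deterministic encoding of the manifest. A seal is only checkable
    later if the bytes it covers can be reproduced exactly, so keys are
    sorted and separators are fixed."""
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(manifest: dict) -> str:
    """SHA-256 over the canonical manifest; stored next to the record at
    write time and recomputed on review (AU-9)."""
    return hashlib.sha256(canonical_bytes(manifest)).hexdigest()


def build_manifest(run_id: str, route: str, program_id: str, api_key_id: str,
                   payload: bytes, timestamp: Optional[str] = None) -> dict:
    """Constructed subset of a manifest; the field names are assumptions."""
    return {
        "run_id": run_id,
        "timestamp": timestamp or datetime.now(timezone.utc).isoformat(),
        "route": route,
        "program_id": program_id,
        "api_key_id": api_key_id,  # actor identity bound to the run (AU-10)
        # the record carries a hash of the payload, not the payload itself (AU-3)
        "payload_sha256": hashlib.sha256(payload).hexdigest(),
    }


def open_store() -> sqlite3.Connection:
    """In-memory SQLite table standing in for the orchestrator's store."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE audit_records ("
        " run_id TEXT PRIMARY KEY,"
        " timestamp TEXT NOT NULL,"
        " manifest_json TEXT NOT NULL,"
        " seal TEXT NOT NULL)"
    )
    return conn


def record_run(conn: sqlite3.Connection, manifest: dict) -> str:
    """One record per /execute call, sealed at write time (AU-12)."""
    s = seal(manifest)
    conn.execute(
        "INSERT INTO audit_records VALUES (?, ?, ?, ?)",
        (manifest["run_id"], manifest["timestamp"],
         canonical_bytes(manifest).decode("utf-8"), s),
    )
    conn.commit()
    return s


def verify_store(conn: sqlite3.Connection) -> dict:
    """Recompute every seal; returns {run_id: 'ok' | 'TAMPERED'} (AU-9 review).
    The stored JSON is re-parsed and re-canonicalised, so a reformatted
    but unchanged record still verifies."""
    results = {}
    rows = conn.execute("SELECT run_id, manifest_json, seal FROM audit_records").fetchall()
    for run_id, manifest_json, stored_seal in rows:
        results[run_id] = "ok" if seal(json.loads(manifest_json)) == stored_seal else "TAMPERED"
    return results


def apply_retention(conn: sqlite3.Connection, cutoff_iso: str) -> int:
    """Delete records older than the operator-defined cutoff (AU-11) and
    return how many were removed. ISO-8601 UTC strings sort lexically."""
    cur = conn.execute("DELETE FROM audit_records WHERE timestamp < ?", (cutoff_iso,))
    conn.commit()
    return cur.rowcount


def demo() -> dict:
    """Write two records, alter one in place without resealing, re-verify."""
    conn = open_store()
    record_run(conn, build_manifest("run-0001", "/execute", "eligibility-v3", "key-7f",
                                    b'{"applicant": "constructed-A"}', "2024-01-01T00:00:00+00:00"))
    record_run(conn, build_manifest("run-0002", "/execute", "eligibility-v3", "key-7f",
                                    b'{"applicant": "constructed-B"}', "2024-07-01T00:00:00+00:00"))
    # Simulated after-the-fact edit of a stored record: the program id is
    # changed but the seal column is left as originally written.
    (stored,) = conn.execute(
        "SELECT manifest_json FROM audit_records WHERE run_id = ?", ("run-0002",)).fetchone()
    altered = json.loads(stored)
    altered["program_id"] = "eligibility-v4"
    conn.execute("UPDATE audit_records SET manifest_json = ? WHERE run_id = ?",
                 (json.dumps(altered), "run-0002"))
    conn.commit()
    return verify_store(conn)


if __name__ == "__main__":
    print(demo())  # {'run-0001': 'ok', 'run-0002': 'TAMPERED'}
```

One design point worth keeping in view: a seal stored in the same table as the record only detects edits by a party who cannot also rewrite the seal column. The detection guarantee comes from holding the set of seals somewhere the database writer cannot reach, which is why the table lists hardware-anchored attestation (SI-7) alongside the AU rows rather than treating the hash alone as sufficient.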
What Verdifax does not address
Most of the FedRAMP control catalog. Verdifax is one component of a much larger authorization package. It does not provide:
- Personnel security (PS family)
- Physical and environmental protection (PE)
- Most access control (AC)
- Identification and authentication (IA, beyond the API-key plumbing)
- Incident response (IR), other than producing forensic-quality records
- Risk assessment (RA) — that's your governance team
A reasonable analogy: Verdifax is to AU what database encryption is to SC — necessary for the relevant controls, sufficient for none of them, and entirely unrelated to most of the catalog.
Where Verdifax helps most
Federal AI deployments where the auditor needs to confirm specific decisions later — benefits eligibility determinations, security-clearance adjudication assistance, threat triage, denial-of-claim recommendations. Anything where "show me how this AI made that determination" is a question the system has to answer.
