Helpful Tip: The FedRAMP PMO recommends the Just-In-Time approach as it is a more iterative and
agile approach that may prevent rework after 3PAO testing has occurred.
10.3 Work Breakdown Structure and In Process Request
As your federal agency finalizes the Authorization Planning phase, complete the following actions:
1. Complete a work breakdown structure (WBS), in partnership with the CSP. After the completion of the WBS,
please send it to the FedRAMP PMO at intake@fedramp.gov for review and feedback.
2. Submit a FedRAMP In-Process Request to the FedRAMP PMO via intake@fedramp.gov. The completion of
this form indicates to the FedRAMP PMO that your federal agency is ready to begin coordinating a kickoff
meeting with the CSP, FedRAMP PMO, and 3PAO (optional and recommended). It also indicates that you
have reviewed and approved the WBS and 3PAO testing is scheduled within six (6) months. At this point,
the FedRAMP PMO will provide a copy of the kickoff meeting presentation template to the CSP.
3. Instruct your CSP to begin working on the kickoff meeting presentation. A copy of the CSP’s completed
presentation must be sent to the FedRAMP PMO via intake@fedramp.gov for review and feedback prior to
confirming a date and time for the kickoff meeting.
See the FedRAMP In Process section on the About FedRAMP Marketplace webpage for more information about the
FedRAMP In Process request, WBS, and the full criteria for a CSP to be listed as In Process. Your federal agency’s
FedRAMP Liaison will be able to assist in the above actions listed above.
10.4 Kickoff Meeting
The purpose of the kickoff meeting is to formally begin the FedRAMP agency authorization process by introducing
key team members, reviewing the CSO, and ensuring all stakeholders are aligned on the overall process. While the
FedRAMP PMO coordinates and facilitates kickoff meetings, these meetings are meant to be in service of the CSP
and federal agency partnership. Review FedRAMP’s Kickoff Briefing guidance to understand the full scope of a
FedRAMP-facilitated kickoff meeting.
At the conclusion of the kickoff meeting, all stakeholders will have a shared understanding of:
● The overall authorization process, milestones, deliverables, roles and responsibilities, and schedule
● The roles and responsibilities of all project team members including federal agency, CSP, and
3PAO personnel
● The CSO’s purpose and function, authorization boundary, data flows, known security gaps and plans for
remediation, federal agency-specific requirements, customer responsible controls, and areas that may
require federal agency risk acceptance
● The federal agency’s process for reviewing the authorization package and reaching a risk-based
authorization decision