background

FedRAMP Baselines Control Allocation Spreadsheet

FedRAMP baselines are based on the NIST 800-53 Rev. 5 control catalog. Each FedRAMP baseline—Low, LI-SaaS, Moderate, and High—includes a fixed set of required controls that must be implemented for authorization. To help you understand the scope and complexity of each baseline, this spreadsheet breaks down the number of required controls by control family across all four baselines. It’s a clear, side-by-side comparison designed to highlight how control requirements scale and which cybersecurity domains are most emphasized at each level.

What you'll get:

  • Break down the number of NIST 800-53 Rev. 5 controls per family across the FedRAMP baselines
  • See the total number of controls you'll need to implement for the Low, LI-SaaS, Moderate, and High baselines