FedRAMP Baselines Control Allocation Spreadsheet

FedRAMP baselines are based on the NIST 800-53 Rev. 5 control catalog. Each FedRAMP baseline—Low, LI-SaaS, Moderate, and High—includes a fixed set of required controls that must be implemented for authorization. To help you understand the scope and complexity of each baseline, this spreadsheet breaks down the number of required controls by control family across all four baselines. It’s a clear, side-by-side comparison designed to highlight how control requirements scale and which cybersecurity domains are most emphasized at each level.

What you'll get:

Break down the number of NIST 800-53 Rev. 5 controls per family across the FedRAMP baselines
See the total number of controls you'll need to implement for the Low, LI-SaaS, Moderate, and High baselines

Product

Risk Management

Vendor Security Reviews

Supported Frameworks

Solutions

Top Frameworks

Partner Types

Partner Program

Security and Compliance Resources

Framework Resources

Customer Resources

Company

FedRAMP Baselines Control Allocation Spreadsheet