OneStream Software Receives FedRAMP Authorization for XF Cloud CPM Solution

12th November 2018

OneStream Software, LLC, a provider of Corporate Performance Management (CPM) solutions for the mid-sized to large enterprise, has received Federal Risk and Authorization Management Program (FedRAMP) authorization for its XF Cloud solution. OneStream has achieved a FedRAMP Moderate authorization, helping it to expand business across federal government agencies.





“The FedRAMP authorization ensures government agencies evaluating OneStream Software that our cloud service has the level of information security they require. This ‘pre-qualification,’ if you will, helps to streamline agency evaluation and accelerate their procurement process. We are proud to achieve a FedRAMP Moderate authorization,” said Tom Shea, chief executive officer, OneStream Software.


While OneStream already has several implementations in US government agencies, the FedRAMP Moderate authorization makes OneStream’s XF Cloud CPM platform more accessible to federal agencies seeking solutions for financial consolidation, reporting, planning, analysis and data quality.


“FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud services. The FedRAMP assessment was a rigorous process, taking more than a year to complete with full reviews of OneStream’s cloud platform; security policies and procedures; incident reporting and mitigation as well as other internal controls and annual audits specific to the FedRAMP authorization into the future.  This level of review and auditing should give public and private companies alike assurance in the security of their financial data,” said Mark Angle, vice president of IT and Cloud Services for OneStream Software. 

FedRAMP authorizes vendors at low, moderate and high impact levels. OneStream is authorized at the moderate impact level, which accounts for nearly 80% of applications that receive FedRAMP authorization. High impact levels are typically for Law Enforcement and Emergency Services, for example.

“In addition to powerful third-party validation of its cloud CPM solution, the FedRAMP authorization also opens the door for OneStream to sell into federal agencies, which is an attractive market for CPM. In fact, state and even local government agencies often view the FedRAMP authorization as a pre-requisite to do business,” said Craig Colby, chief revenue officer, OneStream Software.