FedRAMP enables the federal government to leverage industry to securely modernize IT infrastructure. Before FedRAMP, vendors were required to meet a different set of security requirements for each agency. Now, with FedRAMP’s baseline security framework and guiding principle of “do once, use many times,” a CSO that is authorized at one federal agency can be re-used at any other agency. This certification extends to the broader state and local public sector market, drastically expanding a vendor’s TAM and revenue potential. In essence, build your cloud service once but sell it multiple times.