Arizona Department of Homeland Security

Arizona Department of Homeland Security

You are here

Arizona Risk and Authorization Management Program (AZRAMP)

The Arizona Risk and Authorization Management Program is a NIST-based assessment developed to analyze a vendor’s threshold for security and data protection. Modeled after the Federal Risk and Authorization Management Program, AZRAMP has successfully vetted over 450 cloud service products as of September 2025. These services must be periodically reviewed to ensure continued compliance with NIST regulation requirements.

**UPDATE**

The State of Arizona’s cloud security program, AZRAMP, is officially transitioning to StateRAMP (dba GovRAMP), reinforcing Arizona’s commitment to standardized cybersecurity requirements and enhanced vendor risk management. The move aligns Arizona’s cloud security policies with the widely adopted GovRAMP framework, ensuring consistency in security assessments and streamlined procurement processes for cloud service providers operating in the state.

With this transition, Arizona will leverage GovRAMP’s established compliance framework, which provides enhanced security oversight and efficiency for state agencies and service providers. This move simplifies compliance efforts for vendors while strengthening Arizona’s cybersecurity posture across public sector entities.

As of July 1, 2025, all new contracts will include risk assessment requirements that align with the GovRAMP program which is based on National Institute of Technology and Standards (NIST) 800-53. Any grace period offered to reach the appropriate assessment level will be defined within the solicitation for the product/service. 

As of July 1, 2026, all renewal contracts will include risk assessment requirements that align with GovRAMP or FedRAMP.

For more information: https://programs.govramp.org/arizona/

The State of Arizona also recognizes FedRAMP Authorizations. Their authorized product list page can be found here: https://marketplace.fedramp.gov/products (FedRAMP).

Below is a list of AZRAMP authorized cloud service products, the solution they provide, when they became AZRAMP authorized, the expiration date of their authorization, the impact level of each, and the entity that reviewed and approved their AZRAMP authorization.

Company Namesort descending Product Authorized Expiration Impact Reviewed by
Atlassian
Trello Enterprise Cloud + SaaS Solutions
07/05/2021
07/04/2029
Low
AZDOHS
AtomicAI
Maintenance Management System
08/25/2025
08/25/2028
Moderate
AZDOHS
Atos Public Safety
NG-911
02/01/2021
05/09/2027
Moderate
AZDOHS
Auditboard
OIG/IAA Audit Management Software
07/02/2019
11/20/2027
Moderate
AZDOHS
Avesis
Vision Care
08/07/2025
08/07/2028
Moderate
AZDOHS
AZTEC
Corrections Inmate GED Program
07/12/2020
08/06/2029
Moderate
AZDOHS
Baker, Tilly, Virchow, & Krause LLP
Insurance Regulatory, Analytical, and Examination Services
05/15/2024
05/15/2027
Moderate
AZDOHS
Becklar Workforce Safety
WorkerSafety Pro
11/02/2022
08/12/2027
Moderate
AZDOHS
Bentley Systems
ProjectWise and OpenGround + iTwin
05/06/2024
05/06/2027
Moderate
AZDOHS
BeyondTrust
Secure Remote Access
08/31/2023
05/09/2027
Low
AZDOHS