44 USC § 3608 - Federal risk and authorization management program

---
identifier: "/us/usc/t44/s3608"
source: "usc"
legal_status: "official_legal_evidence"
title: "44 USC § 3608 - Federal risk and authorization management program"
title_number: 44
title_name: "PUBLIC PRINTING AND DOCUMENTS"
section_number: "3608"
section_name: "Federal risk and authorization management program"
chapter_number: 36
chapter_name: "MANAGEMENT AND PROMOTION OF ELECTRONIC GOVERNMENT SERVICES"
positive_law: true
currency: "119-84"
last_updated: "2025-02-05"
format_version: "1.1.0"
generator: "[email protected]"
source_credit: "(Added Pub. L. 117–263, div. E, title LIX, § 5921(b), Dec. 23, 2022, 136 Stat. 3450.)"
---


# § 3608. Federal risk and authorization management program

There is established within the General Services Administration the Federal Risk and Authorization Management Program. The Administrator, subject to section 3614, shall establish a Government-wide program that provides a standardized, reusable approach to security assessment and authorization for cloud computing products and services that process unclassified information used by agencies.

---

**Source Credit**: (Added Pub. L. 117–263, div. E, title LIX, § 5921(b), Dec. 23, 2022, 136 Stat. 3450.)

### Repeal of Section

For repeal of section by , see Effective Date of Repeal note below.

## Statutory Notes and Related Subsidiaries

### Effective Date of Repeal

, , , provided that the repeal of this section is effective on the date that is 5 years after .

### Construction

For rule of construction regarding , see , set out as a note under .