FedRAMP Authorized — Moderate Impact
Atlassian Cloud for Government by Atlassian. 6 compliance features verified.
Atlassian Cloud for Government
by Atlassian
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: May 14, 2023 | Sponsoring Agency: GSA
Overview
Atlassian Cloud for Government provides FedRAMP Moderate authorized versions of Jira, Confluence, and Jira Service Management on AWS GovCloud. It enables project tracking, knowledge management, and IT service management within a compliant environment. The platform supports agile project management and documentation workflows.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Atlassian Cloud for Government for Defense Contracts
Atlassian Cloud for Government is available through GSA Multiple Award Schedule (MAS) Contract GS-35F-0119Y under Special Item Numbers 132-51 (Information Technology Professional Services) and 132-62 (Software as a Service). Government pricing includes significant discounts from commercial rates, typically 15-25% below standard Atlassian Cloud pricing. The authorization boundary encompasses Jira Software, Jira Service Management, and Confluence applications running on dedicated AWS GovCloud infrastructure. Contracting officers must verify the specific FedRAMP Authorization Letter covers all intended use cases and data classifications. The procurement process typically requires 45-90 days including security review, with additional time for ATO if agency-specific assessment is required. Include clear data classification requirements (CUI vs public) and user count estimates in your SOW. For CMMC assessment boundary inclusion, document Atlassian's role in protecting CUI through their FedRAMP controls inheritance, map to your System Security Plan (SSP), and ensure proper ISSO review of the Customer Responsibility Matrix. Verify that planned integrations with other systems maintain authorization boundary integrity and that data residency requirements are explicitly addressed in the contract.
Compliance Cross-References
Atlassian Cloud for Government's FedRAMP Moderate authorization directly supports DFARS 252.204-7012 compliance by providing adequate security controls for Controlled Unclassified Information (CUI). The platform's AWS GovCloud deployment satisfies DFARS 252.239-7010 cloud computing security requirements through validated government cloud infrastructure. For NIST 800-171 compliance, Atlassian inherits critical control families including Access Control (AC) through SAML/SSO integration, System and Communications Protection (SC) via encryption in transit and at rest, and Audit and Accountability (AU) through comprehensive logging. CMMC Level 2 domains are addressed through Atlassian's implementation of Access Management (AM), Asset Management (AS), Audit and Accountability (AU), Configuration Management (CM), Identification and Authentication (IA), Incident Response (IR), Maintenance (MA), Media Protection (MP), Personnel Security (PS), Physical Protection (PE), Risk Assessment (RA), Security Assessment (CA), Situational Awareness (SA), and System and Communications Protection (SC) practices. The DoD Cloud Computing SRG Impact Level 2 requirements are met through the FedRAMP Moderate baseline controls implementation.
Defense Contractor Use Case
Defense contractors use Atlassian Government for project management with Jira, documentation with Confluence, and IT service management, especially for software development teams practicing agile methodologies.
Related Products
More Collaboration Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Atlassian Cloud for Government?
Atlassian Cloud for Government is authorized at the FedRAMP Moderate impact level, with authorization granted on 2023-05-14 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Atlassian Cloud for Government for CUI?
Atlassian Cloud for Government is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Atlassian Cloud for Government pricing compare to commercial?
Atlassian Cloud for Government government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Atlassian directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Atlassian Cloud for Government FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days