FedRAMP Authorized — Moderate Impact
iCIMS Government Cloud by iCIMS. 6 compliance features verified.
iCIMS Government Cloud
by iCIMS
Impact Level
Moderate
Status
Authorized
Pricing
mid market
Authorization Date: March 28, 2022 | Sponsoring Agency: GSA
Overview
iCIMS Government Cloud provides FedRAMP Moderate authorized talent acquisition and recruiting platform for government organizations. It offers applicant tracking, career sites, and AI-powered candidate matching. The platform supports compliance with OFCCP and EEO requirements for government contractors.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure iCIMS Government Cloud for Defense Contracts
iCIMS Government Cloud is available through GSA MAS (Multiple Award Schedule) under SIN 518210C (IT Professional Services) and SIN 54151S (Information Technology Software). The solution is also procurable via SEWP V and CIO-SP3 OASIS contract vehicles. Government pricing includes significant discounts from commercial rates, typically 15-25% below standard enterprise pricing, with additional volume discounts for large agencies. Contracting officers must review the current P-ATO documentation including the System Security Plan (SSP), which defines the authorization boundary covering the iCIMS application layer, database tier, and AWS GovCloud infrastructure. The SSP explicitly excludes customer data integration points and agency-side network configurations from the FedRAMP boundary. COs must approve data residency requirements (US-only storage), export control compliance for international users, and integration security controls with existing agency systems. Typical procurement timeline is 90-120 days including security review, with an additional 30-45 days for Authority to Operate (ATO) if reciprocity is not granted. For CMMC assessments, include iCIMS Government Cloud in your assessment boundary as a cloud service provider, documenting the shared responsibility model where iCIMS manages infrastructure controls (SC family) while agencies maintain responsibility for user access management (AC family) and audit logging configuration (AU family). Ensure your CMMC Level 2 assessment addresses data flow mapping between iCIMS and internal HR systems.
Compliance Cross-References
iCIMS Government Cloud's FedRAMP Moderate authorization directly supports DFARS 252.204-7012 compliance for Controlled Unclassified Information (CUI) processing, as the platform handles sensitive personnel data including SSNs, security clearance information, and personally identifiable information. The cloud deployment satisfies DFARS 252.239-7010 requirements through AWS GovCloud infrastructure and FedRAMP continuous monitoring. NIST 800-171 control family mappings include: Access Control (AC) family through role-based permissions and multi-factor authentication; System and Communications Protection (SC) family via encryption in transit/rest and boundary protection; and Audit and Accountability (AU) family through comprehensive logging and monitoring capabilities. For CMMC Level 2, the solution addresses Asset Management (AM), Access Control (AC), Audit and Accountability (AU), Configuration Management (CM), Identification and Authentication (IA), Incident Response (IR), Risk Assessment (RA), Security Assessment (CA), and System and Communications Protection (SC) domains. The shared responsibility model requires agencies to implement additional controls for Media Protection (MP) and Personnel Security (PS) domains. DoD Cloud Computing SRG IL-4 requirements are met through the FedRAMP Moderate baseline, supporting moderate-impact government data processing with appropriate encryption, access controls, and continuous monitoring aligned with DoD security requirements.
Defense Contractor Use Case
Defense contractors use iCIMS Government for recruiting cleared personnel, managing applicant pipelines, and ensuring compliance with OFCCP requirements for government contract staffing.
Related Products
More HR & Workforce Products
Frequently Asked Questions
What is the FedRAMP authorization level for iCIMS Government Cloud?
iCIMS Government Cloud is authorized at the FedRAMP Moderate impact level, with authorization granted on 2022-03-28 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use iCIMS Government Cloud for CUI?
iCIMS Government Cloud is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does iCIMS Government Cloud pricing compare to commercial?
iCIMS Government Cloud government pricing is generally competitive with commercial pricing, though the government edition may carry a premium of 10-20% to cover FedRAMP compliance and dedicated infrastructure costs. Mid-market organizations can often access government pricing through GSA Schedule contracts or reseller partners. Contact iCIMS for a quote tailored to your organization size and requirements.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack iCIMS Government Cloud FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days