FedRAMP Authorized — Moderate Impact
Pega Government Cloud by Pegasystems. 6 compliance features verified.
Pega Government Cloud
by Pegasystems
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: March 22, 2019 | Sponsoring Agency: GSA
Overview
Pega Government Cloud is a FedRAMP Moderate authorized AI-powered decisioning and workflow automation platform for government organizations. It provides CRM, case management, and robotic process automation within a compliant boundary. The platform uses AI to optimize customer engagement and operational efficiency.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Pega Government Cloud for Defense Contracts
Pega Government Cloud is available through GSA MAS (Multiple Award Schedule) under SIN 132-51 for Business Intelligence and Analytics. The platform is also procurable via SEWP V contracts and select CIO-SP3 task orders focusing on business process automation. Government pricing includes significant discounts compared to commercial rates, typically 15-25% below standard licensing fees, with additional volume discounts for enterprise deployments. For SSP development, contracting officers must obtain Pega's Customer Responsibility Matrix (CRM) and System Security Plan boundary documentation, which clearly delineates shared responsibility between Pega and the government customer. The authorization boundary includes the Pega Platform, Pega Infinity suite applications, and underlying AWS GovCloud infrastructure components. Contracting officers need to approve data residency requirements, ensuring all government data remains within CONUS AWS GovCloud regions. Integration requirements with existing government systems must be documented, particularly API connections and data flows. Typical procurement timeline spans 4-6 months from RFP to contract award, including technical evaluation, security assessment review, and legal review of the subscription agreement. For CMMC assessment boundaries, include Pega Government Cloud as an external service provider requiring verification of FedRAMP authorization inheritance and documentation of data protection controls for CUI processing workflows.
Compliance Cross-References
Pega Government Cloud's FedRAMP Moderate authorization directly satisfies DFARS 252.204-7012 safeguarding requirements for covered contractor information systems processing CUI. The platform's AWS GovCloud deployment aligns with DFARS 252.239-7010 cloud computing security requirements, providing adequate security controls for DoD information. For NIST 800-171 compliance, the platform addresses multiple control families: Access Control (AC) through role-based permissions and multi-factor authentication, System and Communications Protection (SC) via encryption in transit and at rest, and Audit and Accountability (AU) through comprehensive logging and monitoring capabilities. Under CMMC Level 2, Pega Government Cloud supports Asset Management (AM), Access Control (AC), and System Security (SS) domains through inherited AWS GovCloud controls and Pega-specific application security measures. The platform's workflow automation capabilities help government contractors implement and document CMMC practices, particularly for incident response and security awareness training tracking. DoD Cloud Computing SRG Impact Level 2 requirements are met through the FedRAMP Moderate baseline, providing appropriate security controls for DoD sensitive information processing and storage within the platform's case management and CRM functionalities.
Defense Contractor Use Case
Defense contractors use Pega Government Cloud for complex case management, customer engagement automation, and AI-driven decisioning in government-facing operations and proposal management.
Related Products
More CRM & Sales Products
Frequently Asked Questions
What is the FedRAMP authorization level for Pega Government Cloud?
Pega Government Cloud is authorized at the FedRAMP Moderate impact level, with authorization granted on 2019-03-22 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Pega Government Cloud for CUI?
Pega Government Cloud is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Pega Government Cloud pricing compare to commercial?
Pega Government Cloud government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Pegasystems directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Pega Government Cloud FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days