FedRAMP Authorized — Moderate Impact
SAS Viya Government by SAS Institute. 6 compliance features verified.
SAS Viya Government
by SAS Institute
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: May 22, 2021 | Sponsoring Agency: GSA
Overview
SAS Viya Government provides FedRAMP Moderate authorized advanced analytics, AI, and data management for government organizations. It offers statistical analysis, machine learning, and decision intelligence within a cloud-native architecture. The platform is trusted for mission-critical analytics across federal agencies.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure SAS Viya Government for Defense Contracts
SAS Viya Government is available through GSA Multiple Award Schedule (MAS) 70 under SIN 54151S (IT Professional Services) and SIN 518210C (Software Licenses). The product is also procurable via SEWP V contracts and NASA Solutions for Enterprise-Wide Procurement (SEWP). Government pricing includes significant discounts from commercial rates, typically 15-25% below list price for federal agencies. Contracting officers must review the FedRAMP Moderate P-ATO documentation, including the System Security Plan (SSP) covering 325+ NIST 800-53 controls, Continuous Monitoring Plan, and Authorization Boundary definition. The authorization boundary encompasses SAS Viya's microservices architecture, including the analytics runtime, data management layer, and web-based user interfaces. Procurement timeline typically requires 90-120 days including security review, pricing negotiations, and Authority to Operate (ATO) inheritance documentation. For CMMC assessments, include SAS Viya Government within your assessment boundary when processing CUI analytics workloads, ensuring proper data flow mapping between your organization's enclave and the SAS cloud environment. Document API connections and data transfer protocols for CMMC Level 2 System and Communications Protection requirements.
Compliance Cross-References
SAS Viya Government's FedRAMP Moderate authorization directly supports DFARS 252.204-7012 compliance for CUI processing through implemented NIST 800-171 controls across all 14 families. The cloud deployment satisfies DFARS 252.239-7010 requirements with FedRAMP certification serving as adequate security assessment. Key NIST 800-171 control mappings include Access Control (AC) through role-based authentication and privileged access management, System and Communications Protection (SC) via TLS 1.2+ encryption and boundary protection, and Audit and Accountability (AU) through comprehensive logging and monitoring. For CMMC Level 2, SAS Viya Government addresses Asset Management (AM) through automated data classification, Configuration Management (CM) via infrastructure-as-code deployments, and System and Information Integrity (SI) through continuous vulnerability scanning. DoD Cloud Computing SRG Impact Level 2 compliance enables processing of DoD Basic CUI and Public data categories. The platform's data governance capabilities support Identification and Authentication (IA) CMMC requirements through integrated identity management and supports Risk Assessment (RA) processes through built-in data quality and lineage tracking features.
Defense Contractor Use Case
Defense contractors use SAS Viya Government for advanced statistical analysis, predictive modeling, and fraud detection in government programs requiring rigorous analytical methodologies.
Related Products
More Analytics & BI Products
Frequently Asked Questions
What is the FedRAMP authorization level for SAS Viya Government?
SAS Viya Government is authorized at the FedRAMP Moderate impact level, with authorization granted on 2021-05-22 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use SAS Viya Government for CUI?
SAS Viya Government is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does SAS Viya Government pricing compare to commercial?
SAS Viya Government government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact SAS Institute directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack SAS Viya Government FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days