Website seems to say yes, but it does not call out Jira by name - just one other product.
I can't speak to Jira Cloud.
I believe that Jira Data Center can be configured (particularly in AWS) so that it doesn't violate FedRAMP, but there's more to it.
Jira Data Center itself doesn't cover the entire scope of FedRAMP compliance at any impact level. Much of FedRAMP is around operational procedures like account management, authentication, log monitoring, incident response, and maintenance procedures.
Yes and No. For an ELI5, FedRAMP is certification around Cloud applications.
Jira (Datacenter), the product, does not need to be FedRAMP compliant. If hosted on a cloud service (i.e. AWS, Azure, etc..) that service and all the processes and procedures around it need to be complaint.
Contegix, an Atlassian Partner, has FedRAMP compliant infrastructure and can host the DataCenter versions of the applications on it thus meeting compliance requirements.
Jira (Cloud) is a Cloud based product so it needs to be FedRAMP compliant for certain organizations.
Only Trello currently is FedRAMP compliant.
Jira should have Moderate Authorization to Operate by Q1 2025. See https://community.atlassian.com/t5/Trust-Security-articles/It-s-official-FedRAMP-Moderate-has-a-new-date-in-cloud/ba-p/2488663.
Full Disclosure, I work for Isos Federal (part of Isos Technology) which is also an Atlassian Partner like Contegix.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I've worked on multiple government agencies projects and they all had either the server or data center version. Some of the issues @Jim Knepley - ReleaseTEAM mentions are covered in overall security and operational documents outlining how they do the functions. I don't know about the cloud service.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Searching FedRamp (https://marketplace.fedramp.gov/products) I can see only Trello is, if you search Atlassian it'll show you all products authorized by them. Jira is not in this list.#
You can email Atlassian's contact to find out more: fedramp@atlassian.com
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Eddie Bibisi and welcome to the community,
It is not, take a look at the Atlassian pages about compliancy: https://www.atlassian.com/trust/compliance/resources
Cheers
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.