Federal Setup
GOVERN is designed to meet the requirements of US federal deployments including FedRAMP Moderate and FedRAMP High authorization levels.
FedRAMP authorization status
GOVERN is currently pursuing FedRAMP Moderate authorization. Contact federal@archetypal.ai for the current authorization status and System Security Plan (SSP) access.
Compliance frameworks supported
- FedRAMP Moderate (NIST SP 800-53 Rev 5)
- DoD IL2 and IL4
- FISMA
- ITAR-adjacent environments (air-gapped configuration required)
Federal deployment requirements
Federal deployments require:
- On-premises or GovCloud infrastructure (not commercial cloud)
- FIPS 140-2 compliant cryptographic modules
- CAC/PIV authentication integration
- Audit log export to agency SIEM
FIPS mode
Enable FIPS mode in the GOVERN API configuration:
security: fips_mode: true tls_min_version: "1.2" allowed_ciphers: - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256CAC/PIV authentication
GOVERN supports SAML 2.0 integration with agency identity providers. Contact Archetypal for the SAML configuration guide for your agency’s IdP.