Federal Deployment Overview
GOVERN Federal is the hardened deployment configuration of the GOVERN AI Governance Platform designed for U.S. federal agencies, DoD components, and defense contractors operating under federal AI governance requirements.
Regulatory Context
Federal AI deployments are subject to a layered compliance framework:
| Requirement | Authority | Scope |
|---|---|---|
| EO 14110 | White House | AI safety and security standards for federal use |
| OMB M-24-10 | OMB | AI governance requirements for federal agencies |
| NIST AI RMF | NIST | AI risk management framework |
| FedRAMP | GSA/OMB | Cloud security authorization |
| CMMC 2.0 | DoD | Defense contractor cybersecurity |
| NIST SP 800-53 | NIST | Security controls for federal information systems |
| IL2–IL6 | DoD | Impact Level controls for defense workloads |
GOVERN Federal Architecture
GOVERN Federal is a configuration of GOVERN Container (values-federal.yaml) with:
- GovCloud deployment — AWS GovCloud (US-Gov-East/West) or Azure Government
- FedRAMP-authorized components — Only FedRAMP-authorized third-party services
- FIPS 140-2 encryption — All data in transit and at rest
- CAC/PIV authentication — No username/password authentication
- IL2/IL4/IL6 configurations — Separate values files per impact level
- Air-gap capability — Full offline bundle for classified networks
- OSCAL export — Machine-readable compliance data in NIST OSCAL format
- Continuous ATO — Automated control monitoring for cATO programs
Deployment Paths
| Path | Use Case | Time to Deploy |
|---|---|---|
| GovCloud (AWS) | Unclassified + CUI workloads | 2–4 hours |
| GovCloud (Azure) | M365/Entra-integrated environments | 2–4 hours |
| Air-gapped | Classified networks (IL5/IL6) | 1–3 days |
| DISA IL2 | DoD public-facing workloads | 4–8 hours |
| DISA IL4 | Controlled Unclassified Information | 4–8 hours |
| DISA IL6 | Secret classification | 1–2 weeks |
Getting Started
- GovCloud Deployment — Deploy to AWS or Azure GovCloud
- Air-Gapped Installation — Offline bundle for classified networks
- Impact Level Configuration — IL2, IL4, IL5, IL6 settings
- FedRAMP Authorization — Authorization path and documentation
- CMMC Compliance — Level 2 and Level 3 compliance mapping
- NIST 800-53 Controls — Control implementation statements
- CAC/PIV Authentication — Smart card authentication setup
- OSCAL Export — Machine-readable compliance output