Skip to main content

CMS ATO Notice

CMS ATO information can now be found at, along with other security and privacy resources.

This website will be retired. You will be redirected in a moment.


The overarching goal of the Rapid ATO initiative is to modernize the ATO process and integrate security and compliance into the System Development Life Cycle (SDLC).

This section is intended to provide a high level overview, including many of the important steps required during each phase of the Authority to Operate (ATO) process. However, it does not include every detail and requirement along the way.

Please visit or consult the linked resources embedded in these sections for additional information and guidance.