Public-sector vertical · OMB M-25-21 · FedRAMP 20x

How to use the public-sector controls schema

A workflow guide for CAIO staff and ISSOs preparing the September 22, 2026 OMB M-25-21 minimum-practices report and the next AI service Authority to Operate.

Audience: CAIO staff · ISSOs · Authorizing Officials · Program offices · Contracting officers
Experimental schema notice. This guide describes a proposed extension of the CoSAI Shared Responsibility Framework. It is not part of SRF v1.0 and has not been endorsed by CoSAI, OMB, GSA, FedRAMP, NIST, or any federal agency. Nothing here constitutes legal, compliance, or acquisition advice. Section references to OMB M-25-21 and M-25-22 are illustrative; verify against the primary PDFs at whitehouse.gov before citing in agency documentation.
  1. Inventory use cases and confirm high-impact designations

    Start with your agency's AI use-case inventory. For each entry, confirm whether a high-impact designation exists, who made it, and when. If a use case lacks a designation decision, it needs one before you can assess M-25-21 compliance.

    The schema's L1 controls SRF-L1-ACQ-001 and SRF-L1-ACQ-002 define the inventory completeness and designation documentation requirements. Pull those two controls into the M-25-21 readiness workpaper as your first two checklist rows.

    Practical check: OMB published agency compliance plans in fall 2025. If your agency published a plan (DHS, VA, HHS, EEOC plans are public examples), cross-reference the use cases listed there against your current inventory. Gaps indicate use cases added or changed since the plan was filed.

    For use cases that cannot meet minimum practices by September 22, the discontinuation and waiver process (SRF-L1-MON-005) must be ready. Document the approving official and timeline now, before the deadline.

  2. Select an operating model and trace CRM inheritance

    Each AI use case runs on one of four operating models. Selecting the right model determines which controls your agency owns outright, which it shares with a vendor, and which it can inherit from a FedRAMP authorization.

    Operating model | Description | Inheritance posture
    AI-SaaS | AI capability consumed via a FedRAMP-authorized API (e.g., OpenAI 20x Moderate, IBM watsonx) | CSP holds the L4/L5 authorization; agency owns L1-L3 and the agency-side CRM rows
    AI-PaaS | Agency-built or fine-tuned model on a FedRAMP-authorized platform | Platform authorization inherited; agency adds application-layer and data-layer controls
    Agent-Ops | Agentic AI in casework, benefits processing, or citizen-service workflows | Agency owns task-boundary, oversight-gate, and remedy controls; CSP shares platform controls
    Shared-Service | Interagency platform (e.g., GSA enterprise AI services) | Consuming agency inherits from the service provider's ATO; must document the inheritance chain per SRF-L3-VAL-007

    Once you have selected a model, open the Customer Responsibility Matrix for the relevant FedRAMP authorization and map the responsibility_split value of each JSON control (csp, agency, shared, inherited) to your existing CRM rows. AI-specific obligations in M-25-21 that do not appear in the CRM are agency-owned by default; a control the schema marks shared or inherited but the CRM does not list cannot actually be inherited, so treat it as agency-owned until the CRM is corrected and record the discrepancy in the workpaper.

    For Shared-Service deployments: The inheritance chain must be documented before the ATO is granted (SRF-L3-VAL-007). Work with the GSA or interagency platform team to get the provider-side ATO boundary documentation, then map which controls flow to your agency.

  3. Map SRF personas to agency roles

    The schema uses six personas that correspond to SRF layers, not federal job titles. The table below maps each persona to the federal roles most commonly responsible for those obligations. Use this mapping to assign ownership rows in the workpaper.

    SRF persona | Federal role(s) | Primary layer(s)
    ai-system-governance | CAIO, AI Governance Board, Deputy CIO | L1
    data-provider | CDO, Privacy Officer, Records Officer, ISSO | L2
    application-developer | Program office, system owner, application developer (contractor or FTE) | L3
    agentic-platform-provider | Platform engineering team, ISSO, cloud program office | L3, L4
    ai-platform-provider | ISSO, Authorizing Official, cloud program office; vendor for inherited controls | L4
    model-provider | Contracting officer, CAIO, vendor (for CSP-split controls) | L5

    The workpaper Persona Mapping sheet carries these assignments pre-populated. Adjust them to reflect your agency's actual organizational structure. Where a role is shared across multiple offices, name a primary contact and a secondary.

  4. Set tier parameters by FIPS 199 level and high-impact designation

    Controls marked tier-configurable carry a parameter name (e.g., TIER_AI_INVENTORY_COVERAGE_PCT) rather than a hard threshold. Use the FIPS 199 impact level of the system and the M-25-21 high-impact designation to set values in the Tier Parameters sheet of the workpaper.

    Tier | FIPS 199 level | M-25-21 designation | Suggested threshold posture
    Tier 1 | High | High-impact AI | Maximum thresholds: inventory coverage 100%, staff training 100%, audit log completeness 100%, PSI < 0.2, accuracy degradation < 2%
    Tier 2 | Moderate | High-impact AI | Recommended minimums from the schema descriptions: inventory 95%, training 95%, log completeness 100%, PSI < 0.25
    Tier 3 | Moderate or Low | Not high-impact | Reduced cadence acceptable for monitoring controls; some OVR controls may not apply (document the rationale)

    Zero-tolerance controls are not tier-configurable. Controls marked zero-tolerance (agency data egress block, human oversight gate for adverse decisions, FedRAMP authorization status, and others) must be met at all tiers. They appear in the workpaper with locked thresholds.
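    As an added worked example covering steps 2 and 4 above (this is illustration code written for this guide, not the schema's own tooling and not code from the CoSAI project), the Python below resolves a controls file and a CRM extract into workpaper rows: it compares each control's responsibility_split with the CRM, defaults obligations absent from the CRM to agency ownership, flags inherited rows that lack a provider boundary artifact, picks the tier from the FIPS 199 level and high-impact designation, fills tier parameters, and locks zero-tolerance thresholds regardless of tier. The control records are a constructed stand-in for public-sector-controls.json; the field names tier_configurable, zero_tolerance and locked_threshold, every parameter name other than TIER_AI_INVENTORY_COVERAGE_PCT, and all Tier 3 values are assumptions.

```python
"""Resolve controls JSON + CRM extract into M-25-21 workpaper rows (added illustration)."""
import json

# Tier parameter values from the step-4 table. Only TIER_AI_INVENTORY_COVERAGE_PCT is
# named in the guide; the other parameter names and all Tier 3 values are assumptions.
TIER_PARAMS = {
    1: {"TIER_AI_INVENTORY_COVERAGE_PCT": 100, "TIER_STAFF_TRAINING_PCT": 100,
        "TIER_AUDIT_LOG_COMPLETENESS_PCT": 100, "TIER_PSI_MAX": 0.20},
    2: {"TIER_AI_INVENTORY_COVERAGE_PCT": 95, "TIER_STAFF_TRAINING_PCT": 95,
        "TIER_AUDIT_LOG_COMPLETENESS_PCT": 100, "TIER_PSI_MAX": 0.25},
    3: {"TIER_AI_INVENTORY_COVERAGE_PCT": 90, "TIER_STAFF_TRAINING_PCT": 90,
        "TIER_AUDIT_LOG_COMPLETENESS_PCT": 100, "TIER_PSI_MAX": 0.25},  # assumed
}

# Constructed stand-in for public-sector-controls.json; not the real schema file.
CONTROLS_JSON = json.dumps([
    {"id": "SRF-L1-ACQ-001", "layer": "L1", "persona": "ai-system-governance",
     "responsibility_split": "agency", "tier_configurable": "TIER_AI_INVENTORY_COVERAGE_PCT"},
    {"id": "SRF-L2-MON-004", "layer": "L2", "persona": "data-provider",
     "responsibility_split": "shared", "tier_configurable": "TIER_PSI_MAX"},
    {"id": "SRF-L4-MON-005", "layer": "L4", "persona": "ai-platform-provider",
     "responsibility_split": "inherited", "tier_configurable": "TIER_AUDIT_LOG_COMPLETENESS_PCT"},
    {"id": "SRF-L3-OVR-004", "layer": "L3", "persona": "application-developer",
     "responsibility_split": "agency", "zero_tolerance": True, "locked_threshold": 100},
])

# Constructed CRM extract keyed by control id. SRF-L2-MON-004 is deliberately missing and
# the inherited row has no provider boundary artifact, so both findings below are exercised.
CRM_ROWS = {
    "SRF-L4-MON-005": {"owner": "inherited", "provider_artifact": ""},
}


def load_controls(text=CONTROLS_JSON):
    return json.loads(text)


def select_tier(fips199, high_impact):
    """Tier per the step-4 table. FIPS 199 High without a high-impact designation is not
    in the table, so it is rejected rather than silently mapped (assumption)."""
    if high_impact:
        return 1 if fips199 == "High" else 2
    if fips199 in ("Moderate", "Low"):
        return 3
    raise ValueError(f"no tier for FIPS 199 {fips199} without a high-impact designation")


def resolve_threshold(control, tier):
    """Return (threshold, locked). Zero-tolerance controls ignore the tier entirely."""
    if control.get("zero_tolerance"):
        return control["locked_threshold"], True
    param = control.get("tier_configurable")
    if param:
        return TIER_PARAMS[tier][param], False
    return None, False  # narrative control with no numeric threshold


def build_workpaper(controls, crm, fips199, high_impact):
    """One workpaper row per control, plus ownership findings a reviewer must resolve."""
    tier = select_tier(fips199, high_impact)
    rows = []
    for c in controls:
        split = c["responsibility_split"]
        crm_row = crm.get(c["id"])
        findings = []
        if crm_row is None:
            owner = "agency"  # obligation absent from the CRM: agency-owned by default
            if split != "agency":
                findings.append(f"schema split '{split}' has no CRM row; agency owns it until the CRM is updated")
        else:
            owner = crm_row["owner"]
            if owner != split:
                findings.append(f"CRM owner '{owner}' disagrees with schema split '{split}'")
            if owner == "inherited" and not crm_row.get("provider_artifact"):
                findings.append("inherited row lacks provider ATO boundary artifact (SRF-L3-VAL-007)")
        threshold, locked = resolve_threshold(c, tier)
        rows.append({"control_id": c["id"], "layer": c["layer"], "persona": c["persona"],
                     "tier": tier, "owner": owner, "threshold": threshold,
                     "locked": locked, "findings": findings})
    return rows


if __name__ == "__main__":
    for row in build_workpaper(load_controls(), CRM_ROWS, "Moderate", True):
        print(row["control_id"], row["owner"], row["threshold"],
              "LOCKED" if row["locked"] else "", row["findings"])
```

    Running it for a FIPS 199 Moderate, high-impact system yields Tier 2 rows: the inventory control resolves to 95%, the PSI control falls back to agency ownership with a finding because the CRM has no row for it, the inherited audit-log control is flagged for the missing boundary artifact, and the oversight-gate control stays locked at 100 whichever tier is chosen.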
  5. Assemble the evidence package for the OMB report and ATO file

    The September 22, 2026 OMB report requires agencies to demonstrate compliance with the seven M-25-21 minimum practices. The next AI service ATO requires completing the Customer Responsibility Matrix for AI-specific controls. Both artifacts draw from the same evidence set.

    Use the Minimum-Practices Evidence Log sheet in the workpaper to map each M-25-21 minimum practice to the relevant SRF controls and record the evidence artifact for each.

    M-25-21 minimum practices to SRF control mapping (illustrative)

    Pre-deployment testing
    SRF-L3-VAL-001: Pre-deployment test report; SRF-L3-VAL-002: AI impact assessment
    AI impact assessment
    SRF-L3-VAL-002: Completed and governance-board-reviewed impact assessment
    Ongoing monitoring
    SRF-L2-MON-004 (PSI); SRF-L2-MON-006 (accuracy); SRF-L4-MON-005 (audit log completeness)
    Human training
    SRF-L1-ACQ-008: Training completion records from the agency learning management system
    Human oversight
    SRF-L3-OVR-004: Oversight gate operational log; SRF-L3-MON-006: Agent boundary enforcement log
    Remedies or appeals
    SRF-L3-OVR-005: Documented remedy and appeal mechanism; SRF-L3-OVR-008: Explanation record per adverse decision
    Public feedback
    SRF-L1-OVR-006: Feedback channel operational with review logs; SRF-L1-ACQ-004: Compliance plan referencing the feedback mechanism

    For evidence types that are governance documents rather than streaming telemetry (impact assessments, ATO letters, compliance plans, training records), store them in your document management system and reference them by artifact ID in the workpaper. The OCSF evidence pointers in the JSON apply to controls that have machine-readable monitoring signals.
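    The ongoing-monitoring row above (SRF-L2-MON-004) is one of the controls with a machine-readable signal. As an added example written for this guide (not the schema's own tooling or any agency's code), the Python below computes the drift metric over score histograms and emits an evidence row carrying the value, the tier threshold it was judged against, and pass/fail, which is the artifact the evidence log would reference. It assumes PSI means Population Stability Index, uses constructed histograms rather than real agency data, and the record layout is a plain stand-in, not an OCSF event class.

```python
"""PSI drift check for SRF-L2-MON-004 emitting a machine-readable evidence row (added illustration)."""
import math


def psi(baseline_counts, current_counts, eps=1e-4):
    """Population Stability Index over aligned histogram bins (assumed meaning of PSI).
    Empty bins are floored at eps so a bin that appears only in production, a classic
    drift signature, scores high instead of raising ZeroDivisionError."""
    if len(baseline_counts) != len(current_counts):
        raise ValueError("baseline and current histograms must use the same bins")
    b_total, c_total = sum(baseline_counts), sum(current_counts)
    if b_total == 0 or c_total == 0:
        raise ValueError("empty distribution")
    total = 0.0
    for b, c in zip(baseline_counts, current_counts):
        pb = max(b / b_total, eps)
        pc = max(c / c_total, eps)
        total += (pc - pb) * math.log(pc / pb)
    return total


def drift_evidence(control_id, baseline_counts, current_counts, threshold, window_end):
    """Evidence row for the Minimum-Practices Evidence Log: the metric, the tier
    threshold it was judged against, and the resulting status."""
    value = psi(baseline_counts, current_counts)
    return {
        "control_id": control_id,
        "metric": "psi",
        "value": round(value, 4),
        "threshold": threshold,
        "status": "pass" if value < threshold else "fail",
        "window_end": window_end,
    }


# Constructed five-bin histograms of model output scores (not real agency data).
BASELINE = [100, 200, 300, 250, 150]        # validation-time reference distribution
CURRENT_STABLE = [110, 190, 290, 260, 150]  # production window with small shifts
CURRENT_DRIFTED = [300, 200, 200, 200, 100]  # production window with mass moved to bin 1

if __name__ == "__main__":
    for name, cur in (("stable", CURRENT_STABLE), ("drifted", CURRENT_DRIFTED)):
        # 0.25 is the Tier 2 PSI threshold from the tier table
        print(name, drift_evidence("SRF-L2-MON-004", BASELINE, cur, 0.25, "2026-06-30T23:59:59Z"))
```

    The threshold is passed in rather than hard-coded so the same routine serves Tier 1 (0.2) and Tier 2 (0.25) systems; with the constructed data the stable window scores roughly 0.002 and the drifted window roughly 0.29, so the latter fails at either tier.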

    FedRAMP 20x alignment: If your AI service is going through a 20x authorization, the Key Security Indicator (KSI) evidence format (machine-readable, collected from production) is the same evidence model the SRF evidence plane uses. Where possible, satisfy both requirements with the same evidence artifact and reference it once by artifact ID.

M-25-21 readiness workpaper

XLSX · Generated from public-sector-controls.json · Includes Instructions, Tier Parameters, Persona Mapping, and Minimum-Practices Evidence Log
