Filevine
Compliance ProgramsControlsLeveraged SystemsInterconnectionsDeliverables

Filevine Platform Trust Center

Vinesign is the electronic signature component of the Filevine suite. It enables government legal teams, contract and compliance departments, and related legal services to prepare, send, and execute documents electronically in compliance with legal and security standards. Vinesign provides an auditable record of document execution, supports records governance requirements, and integrates with Filevine case and contract management tools to maintain continuity of documentation workflows.
⌘K

Compliance Programs

See All (1)
The ongoing systems Filevine maintains to stay secure and prove it—covering the policies, processes, and tools that ensure regulatory and security requirements are consistently met.
FedRAMP

FR 20x Mod

The standard for federal cloud security designed to be Continuously Monitored, ensuring that security posture is maintained in real-time rather than just at the point of audit. Geared toward applications that handle data not strictly "public" but not "critically sensitive," where a breach would have serious adverse effects. Offers a faster route to authorization than traditional processes while ensuring robust monitoring and protection for moderate-risk data.

Controls

See All (230)
Controls are the specific safeguards or security requirements put in place to reduce risk and protect systems, data, and operations.

ADS-01

Pass
Providers MUST publicly share up-to-date information about the cloud service offering in both human-readable and machine-readable formats, including at least: • Direct link to the FedRAMP Marketplace for the offering • Service Model • Deployment Model • Business Category • UEI Number • Contact Information • Overall Service Description • Detailed list of specific services and their impact levels (see FRR-ADS-03) • Summary of customer responsibilities and secure configuration guidance • Process for accessing information in the trust center (if applicable) • Availability status and recent disruptions for the trust center (if applicable) • Customer support information for the trust center (if applicable)

ADS-02

Pass
Providers MUST use automation to ensure information remains consistent between human-readable and machine-readable formats when authorization data is provided in both formats; Providers SHOULD generate human-readable and machine-readable data from the same source at the same time OR generate human-readable formats directly from machine-readable data.

ADS-03

Pass
Providers MUST share a detailed list of specific services and their impact levels that are included in the cloud service offering using clear feature or service names that align with standard public marketing materials; this list MUST be complete enough for a potential customer to determine which services are and are not included in the FedRAMP authorization without requesting access to underlying authorization data.

Leveraged Systems

See All (1)
A cloud service or system that is FedRAMP authorized and whose security capabilities are leveraged by Filevine Cloud.
AWS US East/West

AWS US East/West

Amazon US East/West is a multi-tenant public cloud for Federal, State and Local Government customers, as well as commercial customers, designed to meet a wide range of regulatory requirements, to include government compliance and security requirements. AWS leverages the Infrastructure-as-a-Service (IaaS) cloud computing model, which enables convenient, on-demand Internet access to a shared pool of configurable computing resources such as servers, storage, network infrastructure, and various other web services. Customers can rapidly provision or release computing resources on demand.

Interconnections

See All (1)
A direct and specific system-to-system connection between Filevine Cloud, the Cloud Service Offering (CSO), and another external systems or services.
AWS US East/West - Interconnection

AWS US East/West - Interconnection

Hosts the system environment

Deliverables

See All (2)
The evidence packages that demonstrate Filevine has implemented required controls and is maintaining compliance.

Coalfire - FedRAMP 20x Assessment Letter

Official third-party assessment validation letter from Coalfire confirming our FedRAMP 20x compliance and security control effectiveness.

Filevine - FedRAMP 20x Moderate Package

FedRAMP 20x Moderate authorization package including KSI implementations, evidence, and third-party assessment.