From 4683c14e89ed12aa7d6620cca4a6774c0992942c Mon Sep 17 00:00:00 2001
From: pete-gov <pete.waterman@gsa.gov>
Date: Tue, 17 Mar 2026 10:12:39 -0400
Subject: [PATCH 1/2] fixes #57

---
 FRMR.documentation.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/FRMR.documentation.json b/FRMR.documentation.json
index 734361f..edf2b16 100644
--- a/FRMR.documentation.json
+++ b/FRMR.documentation.json
@@ -2,8 +2,8 @@
   "info": {
     "title": "FedRAMP Machine-Readable Documentation",
     "description": "This datafile contains FedRAMP documentation for cloud service providers seeking FedRAMP Authorization. This includes definitions, requirements, recommendations, and key security indicators.",
-    "version": "0.9.41-beta",
-    "last_updated": "2026-03-03"
+    "version": "0.9.42-beta",
+    "last_updated": "2026-03-17"
   },
   "FRD": {
     "info": {
@@ -1713,11 +1713,11 @@
               "name": "Senior Security Reviewer",
               "varies_by_level": {
                 "low": {
-                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of High.",
+                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of Low.",
                   "primary_key_word": "MAY"
                 },
                 "moderate": {
-                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of High.",
+                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of Moderate.",
                   "primary_key_word": "MAY"
                 },
                 "high": {

From cb4d71a877f94b4734cae93a61f28cb340393c91 Mon Sep 17 00:00:00 2001
From: pete-gov <pete.waterman@gsa.gov>
Date: Tue, 17 Mar 2026 10:15:28 -0400
Subject: [PATCH 2/2] add update

---
 FRMR.documentation.json | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/FRMR.documentation.json b/FRMR.documentation.json
index edf2b16..cf9fbb8 100644
--- a/FRMR.documentation.json
+++ b/FRMR.documentation.json
@@ -1713,21 +1713,25 @@
               "name": "Senior Security Reviewer",
               "varies_by_level": {
                 "low": {
-                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of Low.",
+                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Objective of Low.",
                   "primary_key_word": "MAY"
                 },
                 "moderate": {
-                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of Moderate.",
+                  "statement": "Agencies MAY designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Objective of Moderate.",
                   "primary_key_word": "MAY"
                 },
                 "high": {
-                  "statement": "Agencies SHOULD designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Category of High.",
+                  "statement": "Agencies SHOULD designate a senior information security official to review Ongoing Authorization Reports and represent the agency at Quarterly Reviews for cloud service offerings included in agency information systems with a Security Objective of High.",
                   "primary_key_word": "SHOULD"
                 }
               },
               "terms": ["Agency", "Cloud Service Offering", "Quarterly Review"],
               "affects": ["Agencies"],
               "updated": [
+                {
+                  "date": "2026-03-17",
+                  "comment": "Changed mention of Security Category to security objective and added Low and Moderate."
+                },
                 {
                   "date": "2026-02-04",
                   "comment": "Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes."