FedRAMP is more a cheatsheet for compliance people. Someone in a federal agency had an auditor validate that the required NIST controls were done.

The most useful thing about FIPS 140 is that it’s a great way of quickly identifying clueless security people.