Enterprise Architecture

DISA / Department of Defense Cloud Computing Security Requirements Version 1 R4

  • 1.  DISA / Department of Defense Cloud Computing Security Requirements Version 1 R4

    Posted Jan 20, 2022 11:45:00 AM
      |   view attached
    Hi All,

    DOD recently published Department of Defense Cloud Computing Security Requirements Version 1 R 4 20220114

    The Cloud Computing (CC) Security Requirements Guide (SRG) outlines the security model by which DoD will leverage cloud computing, along with the security controls and requirements necessary for using cloud-based solutions. The CC SRG applies to DoD-provided cloud services and those provided by a contractor on
    behalf of the department, i.e., a commercial cloud service provider or integrator. Cloud computing technology and services provide the DoD with the opportunity to deploy an
    enterprise cloud environment aligned with federal government-wide information technology (IT) strategies and efficiency initiatives. Cloud computing enables the department to consolidate infrastructure, leverage commodity IT functions, and eliminate functional redundancies while improving the continuity of operations. The overall success of these initiatives depends on well-executed security requirements, defined and understood by both DoD components and industry. Consistent implementation and operation of these requirements ensure mission execution, provide sensitive data protection, increase mission effectiveness, and ultimately result in the outcomes and operational efficiencies the DoD seeks.

    The December 15, 2014, DoD chief information officer memo Updated Guidance on the Acquisition and Use of Commercial Cloud Computing Services defines DoD component responsibilities when acquiring commercial cloud services. The memo allows components to responsibly acquire cloud services minimally in accordance with the security requirements outlined in Federal Risk and Authorization Management Program (FedRAMP) and this CC SRG


    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------