This site provides a knowledge base for cloud computing security authorization processes and security requirements for use by DoD and Non-DoD Cloud Service Providers (CSPs) as well as DoD Components, their application/system owners/operators and Information owners using Cloud Service Offerings (CSOs).
DoD Cloud Computing Security
Cloud Computing Security Requirements Guide (CC SRG)
DoD Cloud computing policy and the CC SRG is constantly evolving based on lessons learned with respect to the authorization of Cloud Service Offerings and their use by DoD Components. As such the CC SRG is following an “Agile Policy Development” strategy and will be updated quickly when necessary. In support of this strategy, DISA is offering a continuous public review option by accepting comments on the current version of the CC SRG at any time. Please use the comment matrix posted below. We would appreciate it if your comments are limited to critical issues and omissions or recommended coverage topics.
Submit all comment matrices and questions to disa.stig_spt@mail.mil