DISA has approved the signed Cloud Computing Security Requirements Guide v1r2 for public release. The requirements in this SRG become effective immediately except for those CSPs currently being assessed under v1r1. The SRG is available on IASE at:http://iase.disa.mil/cloud_
DoD Cloud computing policy and the CC SRG is constantly evolving based on lessons learned with respect to the authorization of Cloud Service Offerings and their use by DoD Components. As such the CC SRG is following an “Agile Policy Development” strategy and will be updated quickly when necessary. In support of this strategy, DISA is offering a continuous public review option by accepting comments on the current version of the CC SRG at any time. Please use the comment matrix posted along with the SRG. We would appreciate it if your comments are limited to critical issues and omissions or recommended coverage topics.
Submit all comment matrices and questions to disa.stig_spt@mail.mil
For all STIG related questions, please contact the DISA STIG Customer Support Desk:disa.stig_spt@mail.mil