IBM Cloud® compliance: DoD DISA
Illustration showing a person interacting with a computer interface, around which are a security shield and a small government building
What is DoD DISA?

The Defense Information Systems Agency (DISA) is an agency of the US Department of Defense (DoD) and is responsible for developing and maintaining the DoD’s Cloud Computing Security Requirements Guide (CC-SRG).

The CC-SRG defines standardized security requirements for cloud services that host DoD information, systems and applications, and gives the DoD a framework for assessing the security of a cloud service offering.

Compliance with the SRG is required for any cloud service provider that will host DoD information.

IBM position

IBM Cloud for Government (IC4G) is DoD DISA Impact Level-2-authorized, and supports all major US government standards and regulations.

IBM Service Descriptions (SDs) indicate if a given offering maintains DoD DISA Impact Level 2 compliance status. Services below are assessed each year.

Take the next step

Questions about a compliance program? Need a protected compliance report? We can help.

See more compliance programs