The Defense Information Systems Agency (DISA) is an agency of the US Department of Defense (DoD) and is responsible for developing and maintaining the DoD’s Cloud Computing Security Requirements Guide (CC-SRG).
The CC-SRG defines standardized security requirements for cloud services that host DoD information, systems and applications, and gives the DoD a framework for assessing the security of a cloud service offering.
Compliance with the SRG is required for any cloud service provider that will host DoD information.
IBM Cloud for Government (IC4G) is DoD DISA Impact Level-2-authorized, and supports all major US government standards and regulations.
IBM Service Descriptions (SDs) indicate if a given offering maintains DoD DISA Impact Level 2 compliance status. Services below are assessed each year.