The Defense Information Systems Agency has published an updated version of the Cloud Computing Security Requirements Guide by the Defense Department chief information officer in response to feedback from industry and mission partners.
DISA said Monday the CC SRG v1r2 release also includes a revision history and a comment matrix, which work to facilitate understanding of the changes among cloud service providers and enable them to provide immediate feedback.
“The new version fittingly represents the evolution we are going through to refine our processes and better position the department to enable secure options to migrate systems and data to the cloud,” said John Hickey, DISA chief information officer and risk management executive.
The update applies feedback to CC SRG v1r1 document released in January and provides guidance on DoD security objectives to CSPs that provide cloud computing technologies and services to the department, DISA said.
The agency added that the updated guide aims to help public and private stakeholders manage cloud service authorization policies and requirements.