Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More

DoD Cloud Security

DoD CC SRG

DoD CC SRG

Comprehensive consulting, advisory, and implementation services for DoD contractors having to comply with the Department of Defense (DoD) Cloud Computing (CC) Security Requirements Guide (SRG).

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Department of Defense (DoD) Cloud Computing (CC) Security Requirements Guide (SRG) Consulting and Advisory

Arlington provides comprehensive consulting, advisory, and implementation services for DoD contractors having to comply with the Department of Defense (DoD) Cloud Computing (CC) Security Requirements Guide (SRG). Per a DoD memorandum put forth in December, 2014, “...For more sensitive DoD unclassified data or missions…[the] DoD has developed cloud security requirements and guidance that go beyond FedRAMP…”.

As such, the Cloud Computing (CC) Security Requirements Guide (SRG) outlines the security model by which DoD will leverage cloud computing, along with the security controls and requirements necessary for using cloud-based solutions. The CC SRG applies to DoD-provided cloud services and those provided by a contractor on behalf of the department, i.e., a commercial cloud service provider or integrator. With Arlington, we offer industry leading cloud security solutions for AWS, Microsoft Azure, Google Cloud, Salesforce, and more.

Purpose and Audience

  • Provides security requirements and guidance to DoD and commercial cloud service providers (CSPs) that want to have their cloud service offerings CSO(s) included in the DoD Cloud Service Catalog.

  • Establishes a basis on which DoD will assess the security posture of a DoD or non-DoD CSP’s CSO, supporting the decision to grant a DoD provisional authorization (PA) that allows a CSP to host DoD missions.

  • Establishes a basis on which a DoD component’s authorizing official (AO) will assess the security posture of a DoD CSP’s CSO, supporting the decision to grant a DoD component’s authorization to operate (ATO) for the CSP/CSO, and a DoD PA if the CSO might be leveraged by other DoD Components. (e.g., DISA’s ATO/PA for milCloud).

  • Defines the requirements and architectures for the use and implementation of DoD or commercial cloud services by DoD mission owners.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Related Services

Corresponding Case Studies

How Arlington Can Help with CC SRG Implementation and Compliance

Arlington offers the following advisory services for helping DoD contractors implement all required Cloud Computing (CC) Security Requirements Guide (SRG) measures:

Why Arlington?

Decades of Defense Industry Expertise. Recognized leaders in all things DoD. World-Class Arlington Security Portal (ASP).

Passion. Integrity. Innovation. Impact.