Undergoing FedRAMP+ at Impact Level 4

white paper

Achieving FedRAMP+ at Impact Level 4 Through The Department of Defense

Undergoing FedRAMP+ at Impact Level 4

The Department of Defense (DoD) has created cloud computing security requirements that go above and beyond the current FedRAMP requirements for cloud service providers (CSP) interested in selling services to the DoD and its affiliates. The authorization program is managed by the Defense Information Systems Agency (DISA).

The DoD Cloud Computing Security Requirements Guide (DoD SRG) authorization process closely mirrors the FedRAMP authorization process, allowing CSPs to leverage the work done for FedRAMP. CSPs will need to meet additional controls to satisfy the requirements for one of four information impact levels (IL) defined by the DoD. In fact, all CSPs receiving FedRAMP Moderate authorizations are equivalent to and awarded a DoD SRG authorization for IL2. Assessments must be conducted by a FedRAMP-accredited Third Party Assessment Organization (3PAO).

This paper will explore and detail the process that a CSP needs to undergo to achieve IL4 compliance, activities involved with achieving the IL4 accreditation, and how to prepare for the IL4 process and briefing.

This white paper requires registration. Please fill out the form to instantly receive access.