DISA has released “Best Practices Guide for Department of Defense Cloud
Mission Owners” which is available at
http://iase.disa.mil/cloud_security/Pages/index.aspx

This site provides a knowledge base for cloud computing security processes and cloud service provider (CSP) security requirements.

DISA has developed the following DRAFT documents related to Cloud Computing Security and the use/integration of Cloud Computing in DoD which are available for community review and feedback/comments:
• Draft Cloud Computing Security Requirements Guide (SRG), Version 1 Release 2
• Draft Cloud Access Point (CAP) Functional Requirements Document (FRD) V2.2
• Draft Concept of Operations (CONOPS) for Cloud Computer Network Defense (CND) v1

The Draft documents and a Comment Matrix for each (in a .zip file) are available below.

Please provide comments by COB 22 August 2015 on the Comment Matrix associated with each document via one unclassified email for each comment matrix to:
disa.letterkenny.re.mbx.stig-info@mail.mil

Please Note: It is critical that each comment matrix is returned in a separate email with the subject line stating “[Your organization] Comments for [document title]” so we can distribute the comment matrices to the appropriate team for each document and easily identify the source.