The Mission Owner must select and configure an Impact Level 5 cloud service offering (CSO) listed in the DISA Provisional Authorization (PA) DOD Cloud Catalog when hosting Unclassified National Security Information (U-NSI).
An XCCDF Rule
Description
U-NSI must be housed on an Impact Level 5 CSO. This is Unclassified National Security Systems (NSS) information and data. This is because NSS-specific security requirements are included in FedRAMP+.
- ID
- SV-259886r959010_rule
- Version
- SRG-OS-000480-CLD-000032
- Severity
- High
- References
- Updated
Remediation Templates
A Manual Procedure
This applies to Impact Level 5.
FedRAMP High.
For U-NSI information, select and configure a CSO listed in the DISA PA DOD Cloud Catalog for use with Impact Level 5.
Specify in the Service Level Agreement (SLA) with the CSP and any third-party providers compliance with applicable STIG configurations.