DoW CC SRG Services
Grow Your Business with a Department of War (DoW) Provisional Authorization (PA)
As an authorized Federal Risk and Authorization Management Program (FedRAMP) Third Party Assessment Organization (3PAO), Kratos follows its proven methodology for assessments to determine whether a Cloud Services Provider’s (CSP’s) offering meets DoW security requirements as stated in the latest version of the DoW Cloud Computing (CC) Security Requirements Guide (SRG).
The DoW CC SRG requirements are built on a FedRAMP foundation and typically leverage an existing FedRAMP authorization. The reciprocity between DoW and FedRAMP enables Kratos to realize many efficiencies and, in most cases, limit the scope of the assessment to only the required DoW security controls and parameters in the SRG, saving the CSP both time and money.
Information Impact (Protection) Levels
Impact Level 2
An assessment is no longer required! If the Cloud Service Offering (CSO) has a FedRAMP Joint Authorization Board (JAB) PA or Agency Authority to Operate (ATO), the decision to leverage the JAB PA or Agency ATO is at the discretion of the DoW Mission Owner and the responsible Authorizing Official (AO). Further assessment may be needed to grant an ATO.
Impact Levels 4/5
An assessment is required — based on security controls/enhancements in the FedRAMP baseline, coupled with DoW-specific controls and other requirements (referred to as FedRAMP+).
Impact Level 6
DoW PA assessments are required in Secret (or above) classified environments — based on security controls/enhancements in FedRAMP High, DoW CC SRG, and the CNSSI 1253 classified overlay. May require cleared staff up to the Top Secret level, DD-254 flow-down, DCSA-approved environments, lead time for CAC IDs/SIPRNET tokens, and direct oversight from the DoW during the onsite assessment.
Benefits of a Kratos DoW CC SRG Assessment
- Improve organizational and/or information system security posture through vulnerability identification and remediation
- Meet or improve standing with current or future mandatory regulatory frameworks/requirements (e.g., FedRAMP, FISMA, and NIST)
- Minimize downtime by discovering vulnerabilities before they become security incidents
- DoW-cleared staff to support assessments in Secret and Top Secret environments
- Expand your customer base beyond FedRAMP