We recently blogged about our plans to do a discovery for G-Cloud 9 (G9). Although this piece of work hasn’t started just yet, we’re already thinking about what we need to find out.
For G-Cloud 6 there is a new approach for the security of each service. Suppliers will need to select the most appropriate Security Assertions to a set of questions, derived from CESG’s Cloud Security Guidance. As part of our effort …
We want to share the new security approach process and draft questions that suppliers will need to answer prior to submissions for G-Cloud 6 opening.
The transition to the new G-Cloud Security Approach, which asks for self-assertion, and the Digital Marketplace will be soon coming into effect. This means that suppliers on G-Cloud will no longer need to get Pan Government Accreditation (PGA). G-Cloud will …
As you may know, since April 2014, the classification system in Government changed from 'Unclassified', 'Protect', 'Restricted', 'Confidential', 'Secret' and 'Top Secret' to just 'Official' 'Secret' and 'Top Secret'. A new Cloud Security Principles guide was published to support this. The …
In April, the Government Security Classification scheme changed. The updated OFFICIAL, SECRET and TOP SECRET classifications provide an opportunity to make the security assurance process for G-Cloud services simpler. Impact Levels are no longer relevant to describe the security properties …
Here is a new G-Cloud Service Accreditation scope template document (Version 4) for suppliers who want to apply for Pan Government Accreditation. This document has been updated to include: the new Government Security Classifications; maturity of the service; and if the …