PSN and G-Cloud
IL0, IL1/2, IL3? Busting the G-Cloud Accreditation Security Jargon
UPDATE June 2015: Since the original publication of this article, the Government’s approach to G-Cloud security has significantly changed. Please refer to this article instead – it explains the new security assertions process introduced with G-Cloud 6. To keep in touch with future developments why not sign-up to receive our regular news .
If you are a supplier looking to offer your services through the Government’s G-Cloud service you’ll need to get that service accredited, and security accreditation is a big part of this.
This can seem a complex process if you are new to this world. We know from helping other suppliers achieve G-Cloud accreditation that part of the confusion stems from the varying levels of security requirements. As with any Government accreditation scheme there’s a lot of jargon: IL0, IL1/2, IL3? What does this all mean and what level applies to you? Here is Ascentor’s simple guide.
Ascentor’s quick guide to G-Cloud security requirements
G-Cloud services are divided into three tiers, which represent the security requirements of the customer’s information. Your accreditation requirements vary between these tiers:
- IL0 — This represents the lowest level of security requirements: There is no requirement for security accreditation. Very few services will fall into this category.
- IL1/2 — This represents the baseline level of security requirements and is probably relevant for 60%-70% of public sector customers. Accreditation is based on the use of ISO 27001 certification, i.e. good commercial practice.
- IL3 — This requires enhanced security to protect sensitive information and is a common requirement for central Government departments and some agencies. Accreditation is based on HMG security standards – these are based on ISO 27001, but with more stringent requirements.
We hope these definitions help to make the G-Cloud security accreditation process a bit clearer. You’ll find some G-Cloud accreditation tips here: for IL1/2 .
Article by Peter Curran ,Principal IA Consultantat Ascentor.
Looking for support for your G-Cloud project? Find out how we can help.
Other articles you might like:
For Further Information
If you have any questions about the topics we've covered, or would like to have a chat about any aspect of your own cyber security strategy, please get in touch with the team at Ascentor.
Please use the contact details below - also found on our Contact Us page.