Skip to content

Impact Level 5 Compliance Requirements

Impact Level 5 (IL5) is designed for systems that manage Controlled Unclassified Information (CUI) with a mission-critical or national security context. These systems require stronger safeguards compared to IL4 environments because they support DoW operations and warfighter missions.

IL5 compliance requirements

To achieve IL5 authorization, cloud systems must meet stringent criteria, including but not limited to:

  • Hosting in a U.S. facility and using a cloud service operated by U.S. citizens.
  • Physical and logical separation from non-DoW customers.
  • Access controls and auditing that meet or exceed NIST SP 800-53 security controls at the High baseline.
  • Continuous monitoring and vulnerability management compliant with DoW standards.
  • Incident response and reporting procedures aligned with DoW cyber operations.

These requirements ensure that systems operating at IL5 can protect mission-sensitive data while maintaining availability and resilience. Most commercial cloud offerings require significant customization and investment to meet these demands.

Obtain access to IL5

To access an IL5 environment, you must complete a series of prerequisites to ensure your identity, system, and access controls meet DoW security standards.

Begin with Platform One onboarding

  1. Visit the Platform One site to provision a Platform One (P1) Single Sign-On (SSO) account. See Platform One for detailed instructions.
  2. Install and configure Appgate SDP, which is required for secure network access. See Install Appgate SDP for detailed instructions.
  3. Configure your government-issued access card—such as a CAC (Common Access Card), ECA (External Certification Authority), or PIV (Personal Identity Verification)—to map to your P1 SSO account. See Platform One (P1) SSO Configuration for detailed instructions.
  4. Run compliance hardening scripts on your device to achieve at least 80% compliant before proceeding. See IL5 Access Setup for detailed instructions.

Access and review IL4 documentation

Before gaining IL5 access, you must review critical documentation hosted in an IL4 environment, which outlines compliance expectations for IL5 systems.

As IL4 documentation is hosted within a secure environment, it requires the same access setup completed during Platform One onboarding:

  • P1 SSO account
  • Appgate SDP
  • Mapped government-issued access card (CAC, ECA, or PIV)
If you’ve completed the onboarding steps above, you already have the necessary credentials to access the IL4 documentation.

Additional configuration

After satisfying the above requirements:

  • Our engineering team will ensure you are assigned to the correct application groups.
  • Additional access configurations may be required based on your role and project scope.

Need help?

If you have any questions or encounter issues during the process, reach out to your Technical Implementation Manager (TIM) for assistance.