IL0, IL1/2, IL3? Busting the G-Cloud Accreditation Security Jargon

GCloud image

UPDATE June 2015: Since the original publication of this article, the Government’s approach to G-Cloud security has significantly changed. Please refer to this article instead – it explains the new security assertions process introduced with G-Cloud 6. To keep in touch with future developments why not sign-up to receive our regular news.

If you are a supplier looking to offer your services through the Government’s G-Cloud service you’ll need to get that service accredited, and security accreditation is a big part of this.

This can seem a complex process if you are new to this world. We know from helping other suppliers achieve G-Cloud accreditation that part of the confusion stems from the varying levels of security requirements. As with any Government accreditation scheme there’s a lot of jargon: IL0, IL1/2, IL3? What does this all mean and what level applies to you? Here is Ascentor’s simple guide. 

Ascentor’s quick guide to G-Cloud security requirements

G-Cloud services are divided into three tiers, which represent the security requirements of the customer’s information.  Your accreditation requirements vary between these tiers:

  • IL0 – This represents the lowest level of security requirements: There is no requirement for security accreditation.  Very few services will fall into this category.
  • IL1/2 – This represents the baseline level of security requirements and is probably relevant for 60%-70% of public sector customers.  Accreditation is based on the use of ISO 27001 certification, i.e. good commercial practice.
  • IL3 – This requires enhanced security to protect sensitive information and is a common requirement for central Government departments and some agencies.  Accreditation is based on HMG security standards – these are based on ISO 27001, but with more stringent requirements.

We hope these definitions help to make the G-Cloud security accreditation process a bit clearer. You’ll find some G-Cloud accreditation tips here: for IL1/2.


Article by Peter Curran, Principal IA Consultant at Ascentor.

Looking for support for your G-Cloud project? Find out how we can help.

Other articles you might like:

avatar

Peter Curran

Principal IA Consultant at Ascentor

More Posts

Follow Me:
Twitter

Share

3 Trackbacks

You can leave a trackback using this URL: http://www.ascentor.co.uk/2012/12/ilo-il12-il3-busting-g-cloud-accreditation-security-jargon/trackback/

  1. By Five Steps to G-Cloud Accreditation | Ascentor on December 3, 2012 at 7:04 pm

    […] Uncategorized Home / Government Information Security, Information Security for Government Suppliers, PSN and G-Cloud / Five Steps to G-Cloud Accreditation « Four Stages to Protecting Your Online Identity ILO, IL1/2, IL3? Busting the G-Cloud Accreditation Security Jargon » […]

  2. […] G-Cloud service you’ll need to undergo a security accreditation process. As we set out in our previous blog post, G-Cloud services are divided into three tiers. Here are a few useful tips for those who require […]

  3. […] G-Cloud service you’ll need to undergo a security accreditation process. As we set out in our previous blog post, G-Cloud services are divided into three tiers. Here are a few useful tips for those who require […]

Post a Comment

Your email is never shared. Required fields are marked *

*
*

Latest Insights

Recent Comments

    • Barry Harvey: It is perhaps surprising to hear that a generation we think of as being tech savvy is anything but....
    • David Conway: I can imagine that, even at this stage, many businesses will still be blissfully unaware of this...
    • Sonja Jefferson: Are you going to be offering that training for ‘normal, non-techie people that now have...
    • Dave James: @Colin Robbins: Yes, Its really illumintaing isnt’t it. Provides a bit of context to the recent...
    • Colin Robbins: Very interesting report. I find it staggering that 26% of companies had not briefed their boards on...
  •  
    Buy Cialis in UK