Skip Ribbon Commands Skip to main content

IASE content is currently preparing to migrate to the DoD Cyber Exchange.
Please see for updates to PKI/E content until the DoD Cyber Exchange goes live.

SRG-STIG Library Compilations

*PKI = DoD PKI Certificate Required

​The SRG-STIG Library Compilation .zip files are compilations of DoD Security Requirements Guides (SRGs), DoD Security Technical Implementation Guides (STIGs), Security Readiness Review (SRR) Tools (scripts and OVAL Benchmarks), as well as some other content that may be available through the IASE web site's STIG pages.

The Library Compilation .zip files will be updated and released during each SRG-STIG Quarterly Update Release Cycle to capture all newly updated or released SRGs, STIGs, and Tools. New SRG-STIG content released mid cycle will be individually downloadable from IASE as released. This content will appear in the subsequent release of the Library Compilation.

Two versions of the Library Compilation are produced, an FOUO version and a NON-FOUO version.

The file name preceded by FOUO_ is the FOUO version which contains STIGs and related content that has been designated as DoD sensitive information and therefore marked as "For Official Use Only (FOUO)" requiring protection from general distribution under the Freedom of Information Act. As such a DoD PKI certificate is required to download this file. The file name preceded by U_ is the NON-FOUO version which does not contain FOUO. It is therefore downloadable by the general public. These compilations may be used and distributed in the same manner as the individually downloaded documents. The FOUO compilation as a whole and any separated FOUO content must be handled in accordance with customary FOUO handling and dissemination guidelines.

See 'SRG-STIG Library Compilation READ ME' for more information to include download / extraction instructions, a FAQ, and a notice about access to the FOUO compilation by non-CAC holders.

NOTE: While every attempt will be made to provide a complete set of 'currently in force' SRGs, STIGs, and related tools, DISA makes no guarantee as to the completeness of the compilation or the "currently in force" status of the contents.

NOTE: While every attempt will be made to publish updated compilation files on the SRG-STIG Quarterly Update Release date, publication may lag due to competing workloads. Updated Compilation files will be published on or as soon as possible the published date. We apologize for any inconvenience this may impose.

Concerns or questions related to the contents or format of these compilation files should be directed to the DISA STIG Customer Support Desk at


 SRG-STIG Library Compilation files for download

STIGs Related Links