Office of the Chief Information Officer

 Policy & Standards

 Glossary

1000 - Manpower & Personnel (Human Resources)

1100 - Training

1100-P141: Information Security Awareness and Training

1200 - System Usage

1200-P142: User Responsibilities

1200-P143: Internet Acceptable Use Policy

2000 - Communication

2100 - Social Media

2100-P010: Social Media Usage

            2100-G010: Guidelines for Use of Social Media

3000 - Plans & Operations, Research & Development

3100 - General

3100-P010: Information Technology Change Management Oversight

            3100-G010: Information Technology Change Management Guideline

3100-P160: Communications and Operations Management

3200 - Configuration Management

3200-P161: Malicious Code Prevention

3200-P163: Network Security Management

3300 - Domain Name Service

3300-P010: Web Domain Naming Policy

3400 - Email Services

3400-P010: Email Policy

3400-P011: Electronic Mail Management

          3400-S001: Electronic Mail Management Standard

3500 - Web Services

3500-P010: Web ADA Compliance Policy

3500-P011: Website Advertising Policy

          3500-S011: Advertising Disclaimer Language Standard

3500-P012: Web Browser Support Policy

          3500-S012: Web Standards

 3500-P013: Web Cookie Use Policy

3500-P014: Web Graphics and Multimedia Policy

         3500-S014: Web Graphics and Multimedia State Standard File Types

3500-P015: Web site Retention Policy

 3500-P132: Privacy Policy

3600 - Directory Services

4000 - Facilities, Logistics, Natural Resources and Environmental

4100 - Asset Management

 4100-P130: Responsibility for Information Technology Resources

5000 - Health and Safety

6000 - Legislative Affairs

6100 - General

 6100-P301: Contract Warranty Period

          6100-S301: Contract Warranty Period Standard

7000 - Budget, Finance, Audits

7100 - State Compliance Audits

 7100-P211: Policy and Technical Compliance

8000 - Information Management & Control, Document Mangement

8100 - Data Confidentiality

8100-P131: Information Classification

          8100-S131: Information Classification Standard

          8100-G131: Guidelines for Handling Sensitive and/or Confidential Documents

8100-P166: Data Protection for Electronic Government Services

8300 - Electronic Archiving

8300-P162: Backup, Storage and Restoration

          8300-G010: Information Record Decision Tree 

9000 - Security & Privacy

9100 - Physical Security

9100-P150: Physical Security of Information Technology Resources

9200 - Contractor & Vendor Security

9200-P121: Third Party Security

9300 - Application Security

 9300-P010: Web SSL Certificate Use Policy

 9300-P168: Security Controls for Instant Messaging

9400 - Information Technology Security

 9400-P164: Preparation of Electronic Devices and Media for Disposal

 9400-P167: IT Resource Monitoring

 9400-P170: User Access Management

 9400-P173: Logical Access Controls on Information Technology Resources

          9400-S173: Security Warning Banner

          9400-S173: AD Privileged Access Standard

          9400-S173: Automatic Screen Lock Standard

  9400-P174: Network Connections and Management

          9400-S174: Wireless Access Point Naming Convention Standard

 9400-P175: Mobile Computing and Telework

 9400-P180: Information Security in the System Lifecycle

 9400-P183: Technical Vulnerability Management

 9400-P190: Reporting Security Events and Vulnerabilities

 9400-P200: Information Security Planning

 9400-P210: Compliance with Legal Requirements

10000 - General

10100-P110: Security Policies, Standards and Procedures

Interim Policies

7200-P010: PCI-DSS Compliance

10200-P020: Use of Mobile Devices for Synchronizing to Google Apps