DoIT > Operations and Support > Security Policies and Standards

The State Information Technology Security Policy and Standards

State Agencies and Contractors
Information on establishing a secure course of action for State Agencies, State Agency Personnel, and Contractors supporting State Agencies.

Information Security Policy v3.0 (252KB)
Cyber Security Evaluation Tool (CSET)
Agency Self-evaluation Tool that is mapped to version 3.0
Technical Security Plan Template

Standards for Categorizing, Certifying, and Accrediting an Information System
The official process to confirm that an information system functions as predicted and provides the appropriate level of data security

Department of Information Technology (DoIT) Policies
Examples of policies implemented by DoIT.

IT Incident Reporting Form

To Request Alerts:

To receive alerts issued by the Multi-State Information Sharing and Analysis Center (MS-ISAC), please go to https://forms.us-cert.gov/maillists/