Policies and Guidance

State of Maryland Information Technology Security Manual​

The purpose of the Maryland IT Security Manual is to describe the security requirements with which executive departments and independent state agencies must comply to protect the confidentiality, integrity and availability of Maryland Information Systems (MIS) and State-owned data. This document serves as the primary policy for establishing and defining the State’s mandated IT security practices and requirements forall Maryland agencies.

IT Master Plans (ITMP)

 

Agency IT Plan Waiver

An Agency may be granted a waiver if one or more of the following conditions apply: 

  1. ​The Agency is a small agency with less than 10 resources with no IT projects or systems beyond the standard laptops/desktops with office automation software (Microsoft Office, Visio, Outlook, Google, etc.);
  2. The Agency does not have any systems beyond a static website with static content; and/or
  3. The Agency is not a “Unit” of State government, as defined under MD Code, State Finance and Procurement § 11-101.

Under certain circumstances, the Agency may still be required to complete an abridged ITMP. Please complete the form to request an ITMP waiver, and send the form to epmo.doit@maryland.gov.

IT Requests

The DoIT Intake process has been established to provide agencies with a centralized entry point to request support for their IT needs. While agencies will continue to utilize the service desk and end-user support teams for day-to-day operations, the DoIT Intake process will serve as a “no wrong door” through which agency can initiate conversations with the DoIT team to assist in increasing IT efficiency, cost effectiveness and user experience.

Examples of IT needs would include, but not be limited to the following:

  • Obtaining new services from the DoIT Service Catalogue
  • Modifying services currently being provided by DoIT
  • Identifying IT solutions for business problems
  • Leveraging existing or initiating new MITDP projects
  • Connecting agencies with available master contract vehicles and other state-wide solutions
  • Assisting in the development of long term IT strategy and roadmap planning
  • Providing technical writing services to prepare IT solicitations for review
  • Conducting IT solicitation reviews

Please send all IT requests intended for the DoIT intake process to DoIT.Intake@maryland.gov. If you would like more information about the request process, please contact your assigned Portfolio Officer​.

This process will eliminate the need for agencies to submit separate IT Solution Requests (ITSRs) Questions regarding the ITSR or ITPR processes should be directed to epmo.doit.maryland.gov.

Other Policies and Guidelines

​ ​​​​​​​​