Standards for Categorizing, Certifying, and Accrediting an Information System

The Certification and Accreditation process is intended to provide assurance to the managers responsible for an agency's business mission and IT infrastructure that security risk associated with an IT system was evaluated and determined to be at an acceptable level.

These guidelines apply to all agencies of the Executive Branch of the government of the State of Maryland.  Agencies are encouraged to evaluate and accredit each IT system and/or site operated by, or on behalf of, the agencies (including those operated by contractors).

Standards for Categorizing of Information Systems (144KB)
Provides standard procedures for categorizing security levels of information systems

Security Certification and Accreditation Guidelines (189KB)
Details the State IT Security Certification and Accreditation process

IT Security Certi​fication Overview (102KB)
A brief overview of State IT Security and Accreditation