Cyber Threat Level
Right Column
Go RIM for Policy Section 5305 - Risk Management
The following provides a central location for information security standards, authority, guidance, forms, tools, definitions, and reference to other policies related to risk management.
- Information Security Policy (State Administrative Manual)
- Authority
- Standards
- Guidance
- Forms
- Tools
- Definitions
- Related Policies
- Go RIM Home
Authority
- Government Code Section 11549
- Statewide Security Policy, Section 5305
- Agency Risk Management and Privacy Program Compliance Certification Requirements, Budget Letter 06-34
Standards
- ISO/IEC 27002:2005 (formerly ISO/IEC 17799:2005), Section 4.1 - Assessing Security Risk; Section 4.2 - Treating Security Risks; and Section 12.6 - Technical Vulnerability Management
- Federal Information Processing Standards (FIPS)
- HIPAA Security Standards, Section 164.308(a)(1)
- North America Electric Reliability Corporation (NERC) Standards CIP, 002 - Critical Cyber Asset Identification
Last Updated: Friday, July 18, 2008

