Go RIM for Policy Section 5310 - Policy Management
The following provides a central location for information security standards, authority, guidance, forms, tools, definitions, and reference to other policies related to policy management.
- Information Security Policy (State Administrative Manual)
- Authority
- Standards
- Guidance
- Forms
- Tools
- Definitions
- Related Policies
Authority
- Government Code Section 11549
- Statewide Security Policy, Section 5310
- Important IT Policies and Practices (Safeguards for Firewalls and Servers), Budget Letter (BL) 03-11
- Important IT Policy (Peer-to-Peer File Sharing), BL 05-03
- Information Technology Security Policy (Encryption on Portable Computing Devices), BL 05-32
- Information Technology Security Policy (Information Security Notification and Reporting), BL 06-34
Standards
- ISO/IEC 27002:2005 (formerly ISO 17799), Section 5 - Security Policy
- Federal Information Processing Standards (FIPS)
- HIPAA Security Standards, Section 164.308(a)(1) and 164.308(a)(2)
- North America Electric Reliability Corporation (NERC) Standards CIP, 003 - Security Management Controls
- PCI-DSS, Requirement 12
Guidance
- A Framework for IT Policy Development by Educause
- Policy Development Process with Best Practices by ACUPA
- Policy Development and Review Process by Georgia Tech
- SANS Security Policy Project by SANS.org
Last Updated: Friday, July 18, 2008

