Menu
Search

Information Security Policy Manual

ISPM 100 - Information Identification and Classification Policy

Policy currently under development...

ISPM 101 - Owner and Custodian of Information Policy

Policy currently under development...

ISPM103 - Handling of Confidential and Personal Information Policy

All information classified as confidential, personal, and/or protected information must be properly stored, transmitted, moved, and disposed of in order to protect it from unauthorized access, disclosure, and modification. For the purposes of this policy, FTI and protected health information will be collectively known as “protected information.”

Read More...

ISPM104 - Access of Protected Information Through Other Agencies Policy

Policy currently under development...

ISPM105 - Configuration of the Information System Policy

Policy currently under development...

ISPM106 - Integrity of the Information Security Policy

When the information system handles, stores, or transmits Federal Tax Information (FTI) or protected health information, a system and information system policy must be developed referring to access, encryption, hash totals, etc., to protect the integrity of the information. For the purposes of this policy, FTI and protected health information will be collectively as “protected information”.

Read More...

ISPM107 - Internal Audits Policy

Policy currently under development...

ISPM108 - Data Center Mission Statement Policy

Policy currently under development...

ISPM109 - Contract Language Policy

Policy currently under development...

ISPM200 - Risk Management Program Policy

Policy currently under development...

ISPM201 - Security Incident Program Policy

Policy currently under development...

ISPM202 - Security Awareness and Training Program Policy

Policy currently under development...

ISPM203 - Acceptable Use Policy

It is DGS policy that the Department's information assets and resources shall only be utilized by authorized users and for official business of the Department.  Authorized users include all DGS employees, DGS contractors and authorized non-DGS third party individuals with access to DGS' information assets and resources.  Under no circumstances is a user authorized to engage in any activity that is illegal under local, State, or federal laws, or perform activities in violation of DGS' Acceptable Use Standards, while using or accessing DGS' information assets and resources.

Read More...

ISPM204 - Users Of Information Policy

Policy currently under development...

ISPM205 - Audit Accountability Policy

Policy currently under development...

ISPM206 - Vulnerability Management Program Policy

Policy currently under development...

ISPM207 - Patch Management Program Policy

Policy currently under development...

ISPM210 - User Identification And Authorization Standard

Policy currently under development...

ISPM211 - User Account Termination Procedure

Policy currently under development...

ISPM212 - Administrative Rights Policy

Policy currently under development...

ISPM213 - Password Policy

Policy currently under development...

ISPM214 - Electronic Mail Policy

Policy currently under development...

ISPM231 - Computing Devices On The Domain Standard

Policy currently under development...

ISPM232 - Multi-Function Device Standard

Policy currently under development...

ISPM243 - System Level Accounts Standard

Policy currently under development...

ISPM245 - Voice Over IP Standard

Policy currently under development...

ISPM256 - Mobile Devices Policy

Policy currently under development...

ISPM257 - Remote Access Policy

Policy currently under development...

ISPM300 - Contingency Planning Program Policy

Policy currently under development...

ISPM301 - Data And Backup Retention Policy

Policy currently under development...

ISPM302 - Comprehensive Documentation For Systems And Networks Policy

Policy currently under development...

ISPM400 - Physical Security Policy

Policy currently under development...

ISPM401 - Personnel Security Controls Policy

Policy currently under development...

ISPM402 - Identification Badge Policy

Policy currently under development...

ISPM403 - Locked Entry Request Policy

Policy currently under development...

ISPM503 - Cloud Storage Policy

Policy currently under development...

ISPM504 - Non-Disclosure Policy

Policy currently under development...

ISPM600 - Privacy Policy

Policy currently under development...