INFORMATION ASSET DOCUMENTATION - 5315.3

Policy: In conjunction with Records Management (SAM Chapter 1600) and Property Accounting (SAM Chapter 8600) requirements, each state entity shall ensure information security documentation is prepared and maintained as part of the overall documentation for all information assets. Documentation shall include a description of the effective use and maintenance of security controls and the state entity’s responsibilities in maintaining the security of the information assets. Each state entity shall obtain administrator and user documentation for each information system, and provisions for the protection of documentation from loss, theft, damage, or misuse.

Implementation Controls: NIST SP 800-53: System and Services Acquisition (SA); SAM Chapters 1600 and 8600