Computer Operations Center Security (SS-08-016)

Minimum security requirements for computer operations centers

Facilities Security (SS-08-015)

Incorporates facilities security into overall protection of IT assets

Network Access and Session Controls (SS-08-048)

Requires control and monitoring of network sessions

Outsourced IT Services and Third-Party Interconnections (SS-08-044)

Requires third-party adherence to established State security requirements

Security Awareness Program (PS-08-010)

Establishes a need to increase user security awareness through an awareness and training program

Security Education and Awareness (SS-08-012)

Requires all employees and contractors to attend annual security awareness training

Third-Party Access (PS-08-011)

Provisions for third-party access to state facilities and information systems

Third-Party Security Requirements (SS-08-013)

Establishes security requirements for conducting business with contractors, outsourcing vendors and/or other third-parties

Web and E-Commerce Security (SS-08-049)

Requires control and management of web services