Browse by Topic

Minimum security requirements for computer operations centers

Establishes the process for detecting and responding to security incidents

Requires plans to sustain or recover/restore critical operations in the event of a system disruption or disaster

Minimum requirements for the use of cryptographic controls

Establishes an enterprise Cybersecurity Cabability Maturity Model to provide a structure for State agencies to baseline current capabilities in cybersecurity while establishing a foundation for consistent evaluation.

Provides a set of certifications for statewide cybersecurity positions.

Provides for inventory and classification of state data and information processing systems

Impact Level definitions and standards of information assets

Management of business data through its lifecycle

Requires all data to be processed, stored, transmitted and disposed in the geographical United States