Information Security Controls Standard (SS-17-001)

In accordance with the Information Security Control Policy, each agency operating within a shared-service environment is responsible for ensuring that applicable NIST 800-53 (rev. 5) security controls are implemented and operated effectively.

Information Security Infrastructure (SS-08-005)

Requirements for creating an information security program and infrastructure

Information Security Management Organization (SS-08-006)

Minimum standards for an information security management organization

Information Technology Policies and Standards (PM-04-001)

GTA’s statutory authority and approach for setting technology policies, standards and guidelines

Information Technology Reporting (SS-08-053)

Annual reporting requirements

Information Technology Review Policy (PM-06-001)

To ensure that proposed agency information technology initiatives are consistent with the State's strategies and goals, and with enterprise IT policies and standards.

Information Technology Review Standard SM-08-103 (SM-08-103 )

Specifies GTA and agency responsibilities concerning State oversight of information technology (IT) investments with respect to State and agency strategic goals, and with enterprise policies and standards.

Information Technology Strategic Plan (SM-09-003)

Agencies must develop and maintain an IT strategic plan

Integration Middleware (SA-07-020)

Standard middleware platform for enterprise integration

International Teleworking and Remote Access (SS-22-001 )

This standard establishes minimum security requirements for teleworking and remotely accessing state information systems while traveling internationally.