Policy 510: Enterprise Architecture defines the roles and responsibilities for OIT and state agencies to create and support an enterprise network architecture.

Standard 510S1: Zone Architecture provides an overview of the OIT multi-zone network architecture approach.

Standard 510S2: Point of Sale (POS) Systems Architecture provides requirements for a solution-based architecture that assures compliance with the Payment Card Industry (PCI) Data Security Standard (DSS).

These documents will replace the following legacy documents:

  • Policy 510 replaces Policy 500: Statewide Information Systems Architecture
  • Standard 510S1 replaces Standard 500S1: Network Architecture Standard
  • Standard 510S2 replaces Standard 662S3: POS Systems Security

Each of the new documents are a reboot of the legacy documents they are replacing; only minor changes were made.

Risks addressed in this document set include:

  • Standardizing enterprise architecture processes for state agencies
  • Defining network zones – helps manage communications between services and systems
  • Compliance with PCI DSS

Policy 510 addresses NIST SP800-53r4 and IRS Pub. 1075 security control PM-7.


View or Download:

DRAFT Policy 510: Enterprise Architecture

DRAFT Standard 510S1: Zone Architecture

DRAFT Standard 510S2: Point of Sale (POS) Systems Architecture