601: INFORMATION SECURITY LEADERSHIP

Policy 601: Information Security Leadership tasks the Secretary of Information Technology with designating a Chief Information Security Officer (CISO) for the state, tasks agency CIOs with designating a Senior Agency Information Security Officer (SAISO), and creates the State Security Council.

 

Policy 601 addresses the following NIST SP 800-53 security controls:

  • PM-2: Senior Information Security Officer
  • PM-15: Contacts with Security Groups and Associations

 

View or Download:

DRAFT Policy 601: Information Security Leadership