Policy 601: Information Security Leadership tasks the Secretary of Information Technology with designating a Chief Information Security Officer (CISO) for the state, tasks agency CIOs with designating a Senior Agency Information Security Officer (SAISO), and creates the State Security Council.
Policy 601 addresses the following NIST SP 800-53 security controls:
- PM-2: Senior Information Security Officer
- PM-15: Contacts with Security Groups and Associations
View or Download: