600: SECURITY AND PRIVACY – OIT- The Alabama Office of Information Technology

Protecting the Confidentiality, Integrity, and Availability of Information requires a risk-based approach that accounts for both the privacy and security aspects of data stewardship. OIT policies, procedures, standards, and guidelines are aimed at protecting information in a manner commensurate with the risk that would result from unauthorized access, use, disclosure, disruption, modification, or destruction of such information.

Released	Reviewed	Title
04/04/2018	03/16/2018	Policy 606: Annual Security Survey

04/23/2019	04/11/2019	Policy 621: Data Breach Notification - DRAFT

09/17/2018	09/13/2018	Policy 630: Identification & Authentication
03/12/2019	01/16/2019	* Standard 630S1: Authenticator Management
09/17/2018	09/13/2018	* Guideline 630G1: Biometric Authentication

09/17/2018	09/13/2018	Policy 638: Mobile Device Access Control
09/17/2018	09/13/2018	* Standard 638S1: Mobile Device Management
09/17/2018	09/13/2018	* Standard 638S2: Mobile Device Use

05/09/2019	08/15/2019	Policy 639: External Information Systems - DRAFT
05/09/2019	08/15/2019	* Standard 639S1: External System Connections - DRAFT

04/04/2018	03/16/2018	Policy 640: Security Awareness and Training
09/14/2018	09/13/2018	* Procedure 640P1: FTI Disclosure Awareness Training
09/14/2018	09/13/2018	* Form 640F1: FTI Confidentiality Statement

09/14/2018	09/13/2018	Policy 660: System Use
09/14/2018	09/13/2018	* Standard 660S1: User Rules of Behavior
08/05/2019	Review Now	* Standard 660S1: User Rules of Behavior - REVISED - DRAFT