Minnesota North Star
 
 
 
Advanced Search  |  Search Topics      OET Only    All North Star   

IT Security

IT Security is a high-profile issue for agencies. OET takes the lead in providing directives, resources, and applications to aid agencies in protecting their information assets.

Enterprise Information Security Incident Management Standard 2010-01 —  
Approved Dec. 23, 2009

Enterprise Vulnerability Management Security Standard 2010-02 —  
Approved Dec. 23, 2009

Enterprise Security Operational Control Policies 2010-01 —  
Approved Dec., 23, 2009

Enterprise Security Technical Control Policies 2010-02 —  
Approved Dec 23, 2009

Enterprise Security Program Applicability Standard 2009-6 —  
This, along with the Enterprise Security Program Policy, represents the scope, framework, and governance authority of the Enterprise Security Program.

Enterprise Security Program Policy 2009-06 —  
The Office of Enterprise Technology, Enterprise Security Office, and the Information Security Council announce the publication of the Enterprise Security Program Policy.

Enterprise Security Policy on Continuity of Operations Policy 2007-01 —  
This policy outlines requirements for state agencies to develop, test and maintain a Continuity of Operations Plan (COOP).

Enterprise Security Standard on Continuity of Operations Standard 2007-01 —  
Continuity of operation planning is the process of identifying, migrating and responding to an interruption of services. The purpose of this standard is to establish "when" continuity of operations planning is required, "what" is required and "why".

Portable Computing Devices 2006-04 —  
State agencies shall implement controls to reduce theft and loss of portable computing devices and data stored on them.

Enterprise Security Policy on Electronic Mail 2006-05 —  
Policy addresses security controls for state email, including encryption email messages containing not public data.

Computerized Information Resources Security Standards —  
IRM Standard 16, Version 1: (6-1998) This standard describes agency head responsibility for eleven aspects of security policy implementation and defines security related terms.

Enterprise Storage Media Sanitation Policy 2008-03 —  
This policy addresses the risk of not-public data stored on storage devices that are being removed from service. Approved Oct. 2, 2008

Glossary of Information Security Terms and Definitions —  
The Enterprise Security Glossary is a reference document for the terms, and their definitions, used throughout the Enterprise Security Program. All enterprise security policies and standards will use these terms and point to this document as a supporting document. The document is currently in draft status, due to the number of changes expected in the near term.