Web Content Viewer

ITS-SEC-02 Enterprise Security Controls Framework

This state IT standard specifies the minimum requirements for information security in all agencies and identifies the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 (Revision 4), “Security and Privacy Controls for Federal Information Systems and Organizations,” as the framework for information security controls implementation for the state.