IT Policy and Advice for Idaho Agencies

Resources

ITA Policies (and associated Standards and Guidelines)

1000 - General

  • P1010 - IT Policies, Standards, and Guidelines Framework
    • G120 - Exemption Process
  • P1020 - Idaho.Gov Portal Privacy Notice
  • P1030 - Electronic Document Management
  • P1040 - Employee Electronic Mail and Messaging Use
    • P1080 - Cloud Computing
    • S2120 - Electronic Mail - Messaging
  • P1050 - Employee Internet Use, Monitoring and Filtering
  • P1060 - Employee Personal Computer Use
  • P1070 - Geographic Information Systems (GIS)
    • S4210 - Single Zone Coordinate System for GIS Data
    • S4220 - Geospatial Metadata
    • G320 - Metadata
    • G420 - Roles of GIS Participants
  • P1080 - Cloud Computing
    • P1040 - Employee Electronic Email and Messaging Use
    • P4120 - Online File Storage Services
Software Standards
S2100 - Operating System (O/S)
S2110 - Office Suite
S2510 - Network Operating System

2000 - IT Planning

  • P2010 - Information Technology Planning Process
    • G110 - Agency IT Plan
  • P2020 - Business Recovery Planning
    • G110 - Agency IT Plan
    • G115 - Business Recovery Plan
    • G580 - Cybersecurity Breach Notification
  • P2030 - Information Technology Large-Scale Project Review
    • G110 - Agency IT Plan
    • G210 - Major Project Summary
    • G215 - Risk Assessment
    • G225 - Cost-Benefit Analysis
    • G230 - IT Projects Best Practices Checklist
  • P2040 - Risk Assessment
    • G210 - Major Project Summary
    • G215 - Risk Assessment
  • P2050 - Cybersecurity Framework
    • G220 - Cybersecurity Framework Guidance
  • P2060 -Least Privilege and Least Functionality

3000 - Telecommunications

  • P3010 - Telecommunication Switching and Long distance Services
  • P3020 - Connectivity and Transport Protocols
    • S3510 - Network Connectivity and Transport - Transport
    • S3520 - Network Connectivity and Transport - Local Area Network
    • S3530 - Network Connectivity and Transport - Wireless LAN
    • S3540 - Network Connectivity and Transport - LAN Backbone
    • S3550 - Network Connectivity and Transport - Structured Cabling
  • P3030 - Wide Area Networks (WAN)
  • P3040 - State 911 Multi-Line telephone Systems Network Services
    • S3100 - Network Services - Internet/Intranet Web Server
    • S3110 - Network Services - Internet/Intranet Web Browser
    • S3120 - Network Services - Data/Network Integrity
    • S3130 - Network Services - Video Conferencing

4000 - Security - General

  • P4110 - Agency IT Security Coordinator
    • G510 - Cybersecurity Incident Reporting Classification Template
    • G520 - Cybersecurity Incident Handling
    • G560 - Passwords
    • G570 - Patching & Vulnerability Management
  • P4120 - Online File Storage Services
    • P1080 - Cloud Computing
    • G595 - Online File Storage Services Guideline
  • P4130 - Information Systems Classification
    • P1030 - Electronic Document Management
    • G505 - Data Classification and Labeling Guideline
Security Standards
  • S2130 - Anti-Virus / Endpoint Security (AV/EPS)
  • S3200 - Security - Firewall (Replaced by P4570)
  • S3220 - Security - Virtual Private Network
  • S3230 - Security - Server Security Requirements
    • G590A - Server Operating System; Initial Security Requirements
    • G590B - Public-Facing SQL Server Setup
    • G591B - SQL Injection Attacks: Information and Avoidance
    • G590C - Public-Facing Webserver Setup

4500 - Security - Computer and Operations Management

  • P4505 - Cybersecurity Awareness Training
  • P4510 - Cybersecurity Incident Reporting
    • P4580 - Cybersecurity Incident Management
    • G510 - Cybersecurity Incident Reporting Classification Template
    • G520 - Cybersecurity Incident Handling
    • G580 - Cybersecurity Breach Notification
  • P4520 - Patch & Vulnerability Management
    • G570 - Patching & Vulnerability Management
    • G580 - Cybersecurity Breach Notification
  • P4530 - Cleansing Data From Surplus Computer Equipment
    • G540 - Mobile Devices
    • G550 - Cleansing Data From Surplus Computer Equipment
  • P4540 - Wireless Security for State Local Area Networks
    • S3530 - Network Connectivity and Transport - Wireless LAN
    • G530 - Wireless Local Area Network (LAN) Security
  • P4550 - Mobile Device Management
  • P4560 - Data Breach Management
    • G580 - Cybersecurity Breach Notification
  • P4570 - Firewall Security (Replaces Standard S3200)
    • G535 - Firewall Configuration Guidelines
    • G536 - Firewall: Ports, Protocols and Services Request
  • P4580 - Cybersecurity Incident Management
    • P4510 - Cybersecurity Incident Reporting
    • G510 - Cybersecurity Incident Reporting Classification
    • G520 - Cybersecurity Incident Handling
    • G580 - Cybersecurity Breach Notification

5000 - Information and Data

  • P5010 - Web Publishing
    • P1020 - Idaho.Gov Portal Privacy Notice
    • P5020 - .Gov Domain
    • S4221 - Metatags
    • S5120 - Web Publishing
    • G310 - Web Publishing
    • G410 - Idaho.gov and Id.gov Domains
  • P5020 - .Gov Domain
    • G410 - Idaho.gov and Id.gov Domains
  • P5030 - Framework Standards Development
    • S4230 - Data Exchange for Emergency Service Zones
    • S4231 - Structures and Landmarks Data Exchange
    • S4232 - Parcel Data Exchange
  • P5040 - Use of Social Networking Sites
    • G330 - Best Practices for Utilizing Social Networking Sites
  • ITA Standards

    Introduction

    2000 - Software - Desktop, Notebook & Mobile Devices

    • S2100 - Operating System (O/S) - Desktop & Notebook
    • S2110 - Office Suite
    • S2120 - Electronic Mail - Messaging
    • S2130 - Anti-Virus/Endpoint Security (AV/EPS)
    • S2140 - Mobile Device Security Capabilities

    2500 - Software - Server

    • S2510 - Network Operating System

    3000 - Network and Telecommunications

    • S3100 - Network Services - Internet/Intranet Web Server
    • S3110 - Network Services - Internet/Intranet Web Browser
    • S3120 - Network Services - Data/Network Integrity
    • S3130 - Network Services - Video Conferencing
    • S3131 - Network Servcies - Video Conference Dialing Plan
    • S3200 - Security - Firewall (Replaced by P4570)
    • S3220 - Security - Virtual Private Network
    • S3230 - Security - Server Security Requirements
    • S3510 - Network Connectivity and Transport - Transport
    • S3520 - Network Connectivity and Transport - Local Area Network
    • S3530 - Network Connectivity and Transport - Wireless LAN
    • S3540 - Network Connectivity and Transport - LAN Backbone
    • S3550 - Network Connectivity and Transport - Structured Cabling

    4000 - Information and Data

    • S4210 - Single Zone Coordinate System for GIS Data
    • S4220 - Geospatial Metadata
    • S4221 - Metatags
    • S4230 - Framework Standard for Emergency Service Zones
    • S4231 - Structures and Landmarks Data Exchange
    • S4232 - Parcel Data Exchange
    • S4240 - Idaho Land Cover Dataset Standard
    • S4250 - GIS Data Sharing Standards

    5000 - Web

    ITA Guidelines

    G100 - Information Technology Planning

    • G110 - Agency IT Plan
    • G115 - Business Recovery Plan
    • G120 - Exemption Process

    G200 - Project Profile

    • G210 - IT Project Profile
    • G215 - Risk Assessment
    • G220 - Cybersecurity Framework Guidance
    • G225 - Cost-Benefit Analysis
    • G230 - IT Projects Best Practices Checklist

    G300 - Information and Data

    • G310 - Web Publishing
    • G320 - Geographic Metadata (RESCINDED - Effective June 14, 2016)
    • G330 - Best Practices for Utilizing Social Networking Sites
    • G340 - Statewide Geospatial Clearinghouse
    • G350 - Methodology for Recognizing a TIM Framework Dataset

    G400 - Architecture and Design

    • G410 - Idaho.gov, Id.gov Domains
    • G420 - Roles of GIS Participants

    G500 - Security Procedures

    • G505 - Data Classification and Labeling Guidelines
    • G510 - Cybersecurity Incident Reporting Classification Template
    • G520 - Cybersecurity Incident Handling
    • G530 - Wireless Local Area Network (LAN) Security
    • G535 - Firewall Configuration Guidelines
    • G536 - Firewall: Ports, Protocols and Services Request
    • G540 - Mobile Devices
    • G550 - Cleansing Data From Surplus Computer Equipment
    • G560 - Passwords
    • G570 - Patching & Vulnerabiltiy Management
    • G580 - Cybersecurity Breach Notification
    • G590A - Server Operating System; Initial Security Requirements
    • G590B - Public-Facing SQL Server Setup
    • G591B - SQL Injection Attacks: Information and Avoidance
    • G590C - Public-Facing Webserver Setup
    • G595 - Online File Storage Service Guideline

    Executive Orders

    The following Executive Orders are referenced in some of the ITA Policies, Standards and Guidelines.

    State IT Projects

    Strategic Plans

    Annual Reports

  • Meetings at a glance

    • Access Idaho Steering Committee

      Thursday, September 22, 2016
      1:30 - 3:00 p.m. (Mountain)
      LBJ Building, Room 155
      650 W. State St., Boise

    • IT Leadership Council

      Tuesday, October 18, 2016
      9:30 - 11:30 a.m. (Mountain)
      JRW Building
      East Conference Room
      700 W. State St., Boise

    • IGC - Executive Committee

      Thursday, September 15, 2016
      9:30 - 11:30 am (Mountain)
      JRW Building
      East Conference Room
      700 W. State St., Boise

    • Idaho Technology Authority

      Thursday, September 8, 2016
      9:30 - 11:30 am (Mountain)
      JRW Building
      East Conference Room
      700 W. State St., Boise