Security Policies/Standards/Compliance

Security Policies

​​Information Technology (IT) Security Policy Handbook

DOA Employee ID Policy (login required)


Security Standards


Access Control StandardAppropriate Use of Software Standard
Audit and Accountability StandardConfiguration Management Standard
Contingency Planning StandardData Classification Standard
Encryption Standard
Identification and Authentication Standard
Incident Response Standard
Maintenance Standard
Media Protection Standard
Mobile Device Security Standard
Password Standard
Patch Management Standard
Personnel Security Standard
Physical and Environment Protection Standard
Program Management Standard
Remote Access Standard
Risk Assessment Standard
Security and Awareness Training Standard
Security Assessment and Authorization Standard
Security Planning Standard
System and Communication Protection Standard
System and Information Integrity Standard
System and Services Acquisition Standard
Wireless Access Standard
Vulnerability Management Standard

Security Exceptions

Please note:  Due to a temporary technical difficulty, if you are unable to open the documents below, please send an email to DOA DL All DET Security and you will be sent a digital copy of the form that you can fill out and return. 

Exception Request

Exception Procedure

Risk Acceptance Agreement


Security Compliance Management

Security Compliance Management


National Institute of Standards and Technology (NIST) Special Publication 800-53 Revision 4

FINAL DRAFT Executive Branch Security Policies and Standards – 2018

Click here to see draft documents for Executive Branch Security Policies and Standards