Information Technology Policies, Standards and Procedures
Information Technology (IT) Policies, Standards, and Procedures are based on ADOA-ASET strategies and frameworks. They provide a comprehensive framework of business principles, best practices, technical standards, migration, and implementation strategies that direct the design, deployment, and management of IT for the State of Arizona.
Please note that the P8000: Information Security Policies, Standards and Procedures have been moved to the new Department of Homeland Security Information Technology (IT) Policies, Standards, and Procedures webpage.
A PSP Frequently Asked Questions (FAQs) document is now available. If additional information is needed, please reach out to [email protected].
Please note the Category and Status filters below. The Category filter allows the user to view only one category of PSPs at a time if desired. The Status filter allows the user to view PSPs that are either "In Force" or "Open for Comment Until". "Open for Comment Until" shows PSPs in draft form that are open for a two-week period to receive feedback prior to being approved and published as "In Force."
P1000: IT Governance
| P1000 - Information Technology Governance Policy |
| P1020 - Independent Verification And Validation (IV&V) Policy |
| P1050 - IT Policies, Standards & Procedures Program | ||
| T1050 - Policy Template | ||
| T1060 - Standard Template | ||
| T1070 - Procedure Template |
| P1100 - Cloud Smart Policy | ||
| S1100 - Cloud Smart Exception Standard | ||
| Cloud Smart Policy Exception Form |
| S1110 - Google Workspace Platform Standard |
| S1120 - Gmail Standard |
| S1130 - Google Drive Standard |
| P1250 - Website and Application Design Policy |
| P1300 - Accessibility of Electronic or Information Technology Policy |
| P1310 - Domain Naming Policy | ||
| S1310 - Domain Naming Standard |
| P1360 - Information Technology Planning Policy |
| P1550 - Change Control & Management Policy | ||
| S1550 - Change Control & Management Standard | ||
| 1550PR - Change Control & Management Procedure |
| P1650 - Release Management Policy |
| P2000 - Generative AI Policy | ||
| 2000PR - Use of Generative AI Procedure |
P4400: Data Governance
| P4400 - Data Governance Organization Policy | ||
| S4400 - Data Governance Organization Policy Exception Standard |
| P4430 - Data Governance Technology Policy |
| P4440 - Data Governance Data Interoperability Policy | ||
| T4440 - AZ Standard Data Sharing Agreement Template | ||
| Enterprise Data Sharing Memorandum of Understanding (Amended) |
| P4450 - Data Governance Data Operations Policy |
| P4460 - Data Governance Data Quality Policy |
| P4465 - State-Owned Cloud Data Policy |
| P4470 - Data Governance Documentation Policy |
| Data Governance Policy Implementation Guidelines |
P5000: Collaboration and Communication
| P5050 - Social Media Policy |
| P5070 - Electronic and Digital Signature Policy |
P6000: State Data Center
| P6000 - State Data Center Contingency Planning Policy |
| P6100 - State Data Center Infrastructure Configuration Management and Change Control Policy |
| P6200 - State Data Center Physical Security Policy |
P7000: Enterprise Architecture
| S7100 - Network Infrastructure Standard |
| P7100 - Network Operations Policy |
| P7300 - Software Architecture Policy |