Information Technology Policies, Standards and Procedures
Information Technology (IT) Policies, Standards, and Procedures are based on Enterprise Architecture (EA) strategies and framework. EA provides a comprehensive framework of business principles, best practices, technical standards, migration and implementation strategies that direct the design, deployment and management of IT for the State of Arizona.
For more information, please contact Enterprise Architecture.
Procurement pricing related to end user devices such as laptops, desktops, etc., is available in the IT Governance section under "1000 - Information Technology" policy. Please contact your SPO representative for assistance with ordering from these contracts.
PSP Training PowerPoint Presentation
Information Security
| Risk Acceptance Form |
| Risk Acceptance Questionnaire |
| State Access Agreement (Word) |
| F8280 State Access Agreement (pdf) |
| Acceptable Use Summary (pdf) |
| Tailoring PSP Templates Guide |
| Data Classification Policy (pdf) |
| Data Classification Policy Template (Word) |
| System Security Acquisition and Development Policy (pdf) |
| System Security Acquisition and Development Policy Template (Word) |
| System Security Acquisition and Development Summary (pdf) |
| System Security Maintenance Policy (pdf) |
| System Security Maintenance Policy Template (Word) |
| Contingency Planning Policy (pdf) |
| Contingency Planning Policy Template (Word) |
| Contingency Planning Summary (pdf) |
| Media Protection Policy (pdf) |
| Media Protection Policy Template (Word) |
| Media Protection Standard (pdf) |
| Media Protection Summary (pdf) |
| Physical Security Protections Policy (pdf) |
| Physical Security Protections Policy Template (Word) |
| Physical Security Protections Summary (pdf) |
| Personnel Security Controls Policy (pdf) |
| Personnel Security Controls Policy Template (Word) |
| Personnel Security Controls Summary (pdf) |
| Acceptable Use Policy (pdf) |
| Acceptable Use Policy Template (Word) |
| Account Management Policy (pdf) |
| Account Management Policy Template (Word) |
| Account Management Summary (pdf) |
| Access Controls Policy (pdf) |
| Access Controls Policy Template (Word) |
| Access Control Standard (pdf) |
| Access Control Summary (pdf) |
| System Security Audit Policy (pdf) |
| System Security Audit Policy Template (Word) |
| System and Communication Protections Policy (pdf) |
| System and Communication Protections Policy Template (Word) |
| System Privacy Policy (pdf) |
| System Privacy Policy Template (Word) |
| System Privacy Summary (pdf) |
| Executive Order 2008-10 Mitigating Cyber Security Threats |
| Guest Wireless Network Terms of Use |
| System Security Maintenance Standard (pdf) |
| System Security Maintenance Summary (pdf) |
| System Security Audit Standard (pdf) |
| System Security Audit Summary (pdf) |
| System and Communication Protections Standard (pdf) |
| System and Communication Protections Summary (pdf) |
| Data Classification Summary (pdf) |
IT Governance
| Project Summary Form |
| Information Technology Planning Policy |
| Information Technology Policy |
| Information Technology Policy Template |
| SPO End User Hardware Pricing 2016-02-11 |
| Policies, Standards and Procedures (PSP) Policy |
| Policies, Standards and Procedures (PSP) Template |
| P1100 - Cloud First Policy 1.1 |
| S1100 - Cloud First Exception Request Standard 1.3 |
| Website Design Policy |
| Website Accessibility Policy |
| Website Accessibility Policy Template |
| Domain Naming Policy |
| Domain Naming Standard |
| Release Management Policy |
| Release Management Policy Template |
| Project Investment Justification Policy |
| Project Investment Justification Standard |
| Project Status Reporting |
| Project Special Funding |
| Project Oversight |
Data Governance
| Data Governance policy adoption cost worksheet |
| Data Governance Policy Implementation Guidelines |
| P4470 - Data Governance Documentation Policy |
| P4470 - Data Governance Documentation Policy Template |
| P4400 - Data Governance Organization Policy |
| P4400 Data Governance Organization Policy Template |
| P4430 - Data Governance Technology Policy |
| P4430 Data Governance Technology Policy Template |
| P4450 - Data Operations Policy |
| P4450 - Data Governance Data Operations Policy Template |
| P4460 - Data Governance Data Quality Policy |
Collaboration and Communication
| Email Public Records Management Policy |
| Social Media Policy |
| Social Media Policy Template |
| Electronic and Digital Signature Policy |
State Data Center
| State Data Center Contingency Planning Policy |
| State Data Center Infrastructure Configuration and Change Control Policy |
| State Data Center Physical Security Policy |
Enterprise Architecture
| Enterprise Architecture Policy |
| Network Architecture Policy |
| Network Infrastructure Standard |
| Platform Architecture Policy |
| Software Architecture Policy |
| Software Architecture Policy Template |
| Data Information Architecture Policy |
| Data Modeling Standard |
| Database Access Standard |
| Service Oriented Architecture Policy |
Policies and documents on this tab represent transformational initiatives undertaken by Enterprise Architecture at ADOA-ASET. We invite you to actively participate in developing these by submitting comments, making recommendations and participating in one or more working sessions that we are planning in the near future. With your active participation we plan to eventually tune these into statewide polices or templates that you can tailor to your agency’s needs.
There is no set target date for implementation of the items in this tab. Please e-mail [email protected] or click the “Submit a Comment” link below to submit comments, join a working group or submit suggestions for new policies to bridge gaps in your environment.
