Skip to main content
ADOA-ASET Logo
  • Home
  • About
    • Careers
    • Leadership Team
    • Statutes and Rules
    • Meeting Requests
  • Services
    • Current Rates
  • Strategy
    • ACT Recommendations
    • Digital Government
    • Enterprise Architecture
    • Enterprise Project Management Office
    • Strategic Oversight
    • Statewide Strategic IT Plans
  • Governance
    • IT Authorization Committee (ITAC)
    • Chief Information Officer (CIO) Council
    • Change Advisory Board (CAB)
    • Enterprise Security Program Advisory Council (ESPAC)
  • Programs
    • AZNET II - Arizona Network
    • Archived Programs
  • Resources
    • ASET Billing
    • Glossary
    • Policies, Standards and Procedures
    • Security
      • Incident Reporting
    • Service Desk
    • Training
    • Agency Engagement Manager List
  • Home
  • Resources
  • Information Technology Policies, Standards and Procedures

Information Technology Policies, Standards and Procedures

Information Technology (IT) Policies, Standards, and Procedures are based on Enterprise Architecture (EA) strategies and framework. EA provides a comprehensive framework of business principles, best practices, technical standards, migration and implementation strategies that direct the design, deployment and management of IT for the State of Arizona.

For more information, please contact Enterprise Architecture.

Procurement pricing related to end user devices such as laptops, desktops, etc., is available in the IT Governance section under "1000 - Information Technology" policy. Please contact your SPO representative for assistance with ordering from these contracts.

PSP Training PowerPoint Presentation

 

  • In Force
  • Open for Comment
  • In Development

Information Security

1.0 Risk Acceptance
Risk Acceptance Form
Risk Acceptance Questionnaire
8280 Acceptable Use
State Access Agreement (Word)
F8280 State Access Agreement (pdf)
Acceptable Use Summary (pdf)
Arizona NIST Baseline Security Controls
Arizona Control Quick Guide v2.0 (pdf)
Arizona Baseline Infrastructure Security Controls 2017 (Excel)
NIST SP800-53 R4 (pdf)
Arizona Baseline Infrastructure Security Controls Pre-requisite (Excel)
Resources
Tailoring PSP Templates Guide
8110 Data Classification Policy
Data Classification Policy (pdf)
Data Classification Policy Template (Word)
8120 Information Security Program
Information Security Program Policy (pdf)
Information Security Program Policy Template (Word)
Information Security Program Standard (pdf)
Information Security Program Summary (pdf)
8130 System Security Acquisition and Development
System Security Acquisition and Development Policy (pdf)
System Security Acquisition and Development Policy Template (Word)
System Security Acquisition and Development Summary (pdf)
8210 Security Awareness Training and Education
Security Awareness Training and Education Policy (pdf)
Security Awareness Training and Education Policy Template (Word)
Security Awareness Training and Education Standard (pdf)
Security Awareness Training and Education Summary (pdf)
8220 System Security Maintenance
System Security Maintenance Policy (pdf)
System Security Maintenance Policy Template (Word)
8230 Contingency Planning
Contingency Planning Policy (pdf)
Contingency Planning Policy Template (Word)
Contingency Planning Summary (pdf)
8240 Incident Response Planning
Incident Response Planning Policy (pdf)
Incident Response Planning Policy Template (Word)
Incident Response Planning Standard (pdf)
Incident Response Planning Summary (pdf)
8250 Media Protection
Media Protection Policy (pdf)
Media Protection Policy Template (Word)
Media Protection Standard (pdf)
Media Protection Summary (pdf)
8260 Physical Security Protections
Physical Security Protections Policy (pdf)
Physical Security Protections Policy Template (Word)
Physical Security Protections Summary (pdf)
8270 Personnel Security Controls
Personnel Security Controls Policy (pdf)
Personnel Security Controls Policy Template (Word)
Personnel Security Controls Summary (pdf)
8280 Acceptable Use
Acceptable Use Policy (pdf)
Acceptable Use Policy Template (Word)
8310 Account Management
Account Management Policy (pdf)
Account Management Policy Template (Word)
Account Management Summary (pdf)
8320 Access Controls
Access Controls Policy (pdf)
Access Controls Policy Template (Word)
Access Control Standard (pdf)
Access Control Summary (pdf)
8330 System Security Audit
System Security Audit Policy (pdf)
System Security Audit Policy Template (Word)
8340 Identification and Authentication
Identification and Authentication Policy (pdf)
Identification and Authentication Policy Template (Word)
Identification and Authentication Standard (pdf)
Identification and Authentication Summary (pdf)
8350 System and Communication Protections
System and Communication Protections Policy (pdf)
System and Communication Protections Policy Template (Word)
8410 System Privacy
System Privacy Policy (pdf)
System Privacy Policy Template (Word)
System Privacy Summary (pdf)
Executive Orders
Executive Order 2008-10 Mitigating Cyber Security Threats
Guest Wi-Fi Terms and Conditions
Guest Wireless Network Terms of Use
8220 System Security Maintenance
System Security Maintenance Standard (pdf)
System Security Maintenance Summary (pdf)
8330 System Security Audit
System Security Audit Standard (pdf)
System Security Audit Summary (pdf)
8350 System and Communication Protections
System and Communication Protections Standard (pdf)
System and Communication Protections Summary (pdf)
8110 Data Classification
Data Classification Summary (pdf)

IT Governance

1360 - Information Technology Planning
Project Summary Form
Information Technology Planning Policy
1000 - Information Technology
Information Technology Policy
Information Technology Policy Template
SPO End User Hardware Pricing 2016-02-11
1050 - Policies, Standards and Procedures
Policies, Standards and Procedures (PSP) Policy
Policies, Standards and Procedures (PSP) Template
1100 - Cloud First
P1100 - Cloud First Policy 1.1
S1100 - Cloud First Exception Request Standard 1.3
1250 - Website Design
Website Design Policy
1300 - Website Accessibility
Website Accessibility Policy
Website Accessibility Policy Template
1310 - Domain Naming
Domain Naming Policy
Domain Naming Standard
1650 - Release Management
Release Management Policy
Release Management Policy Template
340 Project Investment Justification
Project Investment Justification Policy
Project Investment Justification Standard
Project Status Reporting
Project Special Funding
Project Oversight

Data Governance

Implementation Guidelines
Data Governance policy adoption cost worksheet
Data Governance Policy Implementation Guidelines
Data Governance Documentation
P4470 - Data Governance Documentation Policy
P4470 - Data Governance Documentation Policy Template
Data Governance Organization
P4400 - Data Governance Organization Policy
P4400 Data Governance Organization Policy Template
Data Governance Technology
P4430 - Data Governance Technology Policy
P4430 Data Governance Technology Policy Template
Data Operations
P4450 - Data Operations Policy
P4450 - Data Governance Data Operations Policy Template
Data Quality
P4460 - Data Governance Data Quality Policy
Data Sharing and Interoperability
P4440 - Data Governance Data Interoperability Policy
AZ Standard Data Sharing Agreement Template
Enterprise Data Sharing Memorandum of Understanding (Amended)

Collaboration and Communication

4050 Email Public Records Management
Email Public Records Management Policy
5050 Social Media
Social Media Policy
Social Media Policy Template
P4070 - Electronic and Digital Signatures
Electronic and Digital Signature Policy

State Data Center

6000 State Data Center Contingency Planning
State Data Center Contingency Planning Policy
6100 State Data Center Infrastructure Configuration and Change Control
State Data Center Infrastructure Configuration and Change Control Policy
6200 State Data Center Physical Security
State Data Center Physical Security Policy

Enterprise Architecture

700 Enterprise Architecture
Enterprise Architecture Policy
7100 - Network Architecture
Network Architecture Policy
Network Infrastructure Standard
720 Platform Architecture
Platform Architecture Policy
7300 - Software Architecture
Software Architecture Policy
Software Architecture Policy Template
740 Data Information Architecture
Data Information Architecture Policy
Data Modeling Standard
Database Access Standard
750 Data Information Architecture
Service Oriented Architecture Policy

Enterprise Architecture

7000 - Enterprise Architecture
Policy/Standard Name Status Submit A Comment
Enterprise Architecture Policy Open for Comment Until
Friday, December 27, 2019
Submit a Comment

Information Security

User Owned Device Guidelines
Policy/Standard Name Status Submit A Comment
User Owned Device Guidelines Open for Comment Until
Friday, December 27, 2019
Submit a Comment
XXXX User Owned Devices
Policy/Standard Name Status Submit A Comment
User Owned Devices Open for Comment Until
Friday, December 27, 2019
Submit a Comment

Collaboration and Communication

4050 Email Public Records Management
Policy/Standard Name Status Submit A Comment
Email Public Records Management Open for Comment Until
Friday, December 20, 2019
Submit a Comment
4060 Electronic and Digital File Management
Policy/Standard Name Status Submit A Comment
Electronic and Digital File Management Open for Comment Until
Friday, December 20, 2019
Submit a Comment

Policies and documents on this tab represent transformational initiatives undertaken by Enterprise Architecture at ADOA-ASET. We invite you to actively participate in developing these by submitting comments, making recommendations and participating in one or more working sessions that we are planning in the near future. With your active participation we plan to eventually tune these into statewide polices or templates that you can tailor to your agency’s needs.

There is no set target date for implementation of the items in this tab. Please e-mail [email protected] or click the “Submit a Comment” link below to submit comments,  join a working group or submit suggestions for new policies to bridge gaps in your environment.

IT Governance

1800 - Vendor Management
Policy/Standard Name Submit A Comment
Vendor Management Policy Submit a Comment

Data Governance

4465 State-Owned Cloud Data
Policy/Standard Name Submit A Comment
State-Owned Cloud Data Policy Submit a Comment

Resources

  • ASET Billing
  • Glossary
  • Policies, Standards and Procedures
  • Security
    • Incident Reporting
  • Service Desk
  • Training
  • Agency Engagement Manager List
LinkedIn Twitter YouTube This site (RSS)
Arizona State Seal
Contact Us
ADOA-ASET
100 N. 15th Avenue, Suite 400
Phoenix, AZ 85007
Find in Google Maps
Phone: 602.542.2250
Map Image

Footer Utility

  • Statewide Website Policies
  • Site Map
  • Meeting Requests