Information Technology Policies, Standards and Procedures
Information Technology (IT) Policies, Standards, and Procedures are based on ADOA-ASET strategies and framework. This provides a comprehensive framework of business principles, best practices, technical standards, migration, and implementation strategies that direct the design, deployment, and management of IT for the State of Arizona.
Due to changes in P1050, template links for non-security policies have been removed. Please view the presentation for details.
For more information, please reach out to the ADOA-ASET PSP contact at [email protected].
Information Security
Risk Acceptance Form |
Risk Acceptance Questionnaire |
F8280 State Access Agreement (pdf) |
State Access Agreement (Word) |
Acceptable Use Summary (pdf) |
Tailoring PSP Templates Guide |
Data Classification Policy (pdf) |
Data Classification Policy Template (Word) |
System Security Acquisition and Development Policy (pdf) |
System Security Acquisition and Development Policy Template (Word) |
System Security Acquisition and Development Summary (pdf) |
System Security Maintenance Policy (pdf) |
System Security Maintenance Policy Template (Word) |
Contingency Planning Policy (pdf) |
Contingency Planning Policy Template (Word) |
Contingency Planning Summary (pdf) |
Media Protection Policy (pdf) |
Media Protection Policy Template (Word) |
Media Protection Standard (pdf) |
Media Protection Summary (pdf) |
Physical Security Protections Policy (pdf) |
Physical Security Protections Policy Template (Word) |
Physical Security Protections Summary (pdf) |
Personnel Security Controls Policy (pdf) |
Personnel Security Controls Policy Template (Word) |
Personnel Security Controls Summary (pdf) |
Acceptable Use Policy (pdf) |
Acceptable Use Policy Template (Word) |
Account Management Policy (pdf) |
Account Management Policy Template (Word) |
Account Management Summary (pdf) |
Access Controls Policy (pdf) |
Access Controls Policy Template (Word) |
Access Control Standard (pdf) |
Access Control Summary (pdf) |
System Security Audit Policy (pdf) |
System Security Audit Policy Template (Word) |
System and Communication Protections Policy (pdf) |
System and Communication Protections Policy Template (Word) |
System Privacy Policy (pdf) |
System Privacy Policy Template (Word) |
System Privacy Summary (pdf) |
Executive Order 2008-10 Mitigating Cyber Security Threats |
Guest Wireless Network Terms of Use |
System Security Maintenance Standard (pdf) |
System Security Maintenance Summary (pdf) |
System Security Audit Standard (pdf) |
System Security Audit Summary (pdf) |
System and Communication Protections Standard (pdf) |
System and Communication Protections Summary (pdf) |
Data Classification Summary (pdf) |
IT Governance
Project Summary Form |
Information Technology Planning Policy |
Information Technology Policy |
SPO End User Hardware Pricing 2016-02-11 |
IT Policies, Standards & Procedures Program |
Policies, Standards and Procedures (PSP) Template |
P1100 - Cloud First Policy 1.1 |
S1100 - Cloud First Exception Request Standard 1.3 |
Website Design Policy |
Website Accessibility Policy |
Domain Naming Policy |
Domain Naming Standard |
Release Management Policy |
Project Investment Justification Policy |
Project Investment Justification Standard |
Project Status Reporting |
Project Special Funding |
Project Oversight |
Data Governance
Data Governance policy adoption cost worksheet |
Data Governance Policy Implementation Guidelines |
State-Owned Cloud Data Policy |
P4470 - Data Governance Documentation Policy |
P4400 - Data Governance Organization Policy |
P4430 - Data Governance Technology Policy |
P4450 - Data Operations Policy |
P4460 - Data Governance Data Quality Policy |
Collaboration and Communication
Social Media Policy |
Electronic and Digital Signature Policy |
State Data Center
State Data Center Contingency Planning Policy |
State Data Center Infrastructure Configuration and Change Control Policy |
State Data Center Physical Security Policy |
Enterprise Architecture
Enterprise Architecture Policy |
Network Architecture Policy |
Network Infrastructure Standard |
Platform Architecture Policy |
Software Architecture Policy |
Service Oriented Architecture Policy |