Skip to main content
ADOA-ASET Logo
  • Home
  • About
    • Careers
    • Leadership Team
    • Statutes and Rules
    • Meeting Requests
  • Services
    • Current Rates
  • Strategy
    • ACT Recommendations
    • Digital Government
    • Enterprise Architecture
    • Enterprise Project Management Office
    • Strategic Oversight
    • Statewide Strategic IT Plans
  • Governance
    • IT Authorization Committee (ITAC)
    • Chief Information Officer (CIO) Council
    • Change Advisory Board (CAB)
    • Enterprise Security Program Advisory Council (ESPAC)
  • Programs
    • AZNET II - Arizona Network
    • Archived Programs
  • Resources
    • ASET Billing
    • Glossary
    • Policies, Standards and Procedures
    • Security
      • Incident Reporting
    • Cyber Resources - Local/Tribal Governments
    • Service Desk
    • Training
    • Agency Engagement Manager List
  • Home
  • Resources
  • Information Technology Policies, Standards and Procedures

Information Technology Policies, Standards and Procedures

Information Technology (IT) Policies, Standards, and Procedures are based on ADOA-ASET strategies and framework. This provides a comprehensive framework of business principles, best practices, technical standards, migration, and implementation strategies that direct the design, deployment, and management of IT for the State of Arizona.

Due to changes in P1050, template links for non-security policies have been removed. Please view the presentation for details.

For more information, please reach out to the ADOA-ASET PSP contact at [email protected]. 

 

 

  • In Force
  • Open for Comment

Information Security

1.0 Risk Acceptance
Risk Acceptance Form
Risk Acceptance Questionnaire
8280 Acceptable Use
F8280 State Access Agreement (pdf)
State Access Agreement (Word)
Acceptable Use Summary (pdf)
Arizona NIST Baseline Security Controls
Arizona Control Quick Guide v2.0 (pdf)
Arizona Baseline Infrastructure Security Controls Pre-requisite (Excel)
Arizona Baseline Infrastructure Security Controls 2017 (Excel)
NIST SP800-53 R4 (pdf)
Resources
Tailoring PSP Templates Guide
8110 Data Classification Policy
Data Classification Policy (pdf)
Data Classification Policy Template (Word)
8120 Information Security Program
Information Security Program Policy (pdf)
Information Security Program Policy Template (Word)
Information Security Program Standard (pdf)
Information Security Program Summary (pdf)
8130 System Security Acquisition and Development
System Security Acquisition and Development Policy (pdf)
System Security Acquisition and Development Policy Template (Word)
System Security Acquisition and Development Summary (pdf)
8210 Security Awareness Training and Education
Security Awareness Training and Education Policy (pdf)
Security Awareness Training and Education Policy Template (Word)
Security Awareness Training and Education Standard (pdf)
Security Awareness Training and Education Summary (pdf)
8220 System Security Maintenance
System Security Maintenance Policy (pdf)
System Security Maintenance Policy Template (Word)
8230 Contingency Planning
Contingency Planning Policy (pdf)
Contingency Planning Policy Template (Word)
Contingency Planning Summary (pdf)
8240 Incident Response Planning
Incident Response Planning Policy (pdf)
Incident Response Planning Policy Template (Word)
Incident Response Planning Standard (pdf)
Incident Response Planning Summary (pdf)
8250 Media Protection
Media Protection Policy (pdf)
Media Protection Policy Template (Word)
Media Protection Standard (pdf)
Media Protection Summary (pdf)
8260 Physical Security Protections
Physical Security Protections Policy (pdf)
Physical Security Protections Policy Template (Word)
Physical Security Protections Summary (pdf)
8270 Personnel Security Controls
Personnel Security Controls Policy (pdf)
Personnel Security Controls Policy Template (Word)
Personnel Security Controls Summary (pdf)
8280 Acceptable Use
Acceptable Use Policy (pdf)
Acceptable Use Policy Template (Word)
8310 Account Management
Account Management Policy (pdf)
Account Management Policy Template (Word)
Account Management Summary (pdf)
8320 Access Controls
Access Controls Policy (pdf)
Access Controls Policy Template (Word)
Access Control Standard (pdf)
Access Control Summary (pdf)
8330 System Security Audit
System Security Audit Policy (pdf)
System Security Audit Policy Template (Word)
8340 Identification and Authentication
Identification and Authentication Policy (pdf)
Identification and Authentication Policy Template (Word)
Identification and Authentication Standard (pdf)
Identification and Authentication Summary (pdf)
8350 System and Communication Protections
System and Communication Protections Policy (pdf)
System and Communication Protections Policy Template (Word)
8410 System Privacy
System Privacy Policy (pdf)
System Privacy Policy Template (Word)
System Privacy Summary (pdf)
Executive Orders
Executive Order 2008-10 Mitigating Cyber Security Threats
Guest Wi-Fi Terms and Conditions
Guest Wireless Network Terms of Use
8220 System Security Maintenance
System Security Maintenance Standard (pdf)
System Security Maintenance Summary (pdf)
8330 System Security Audit
System Security Audit Standard (pdf)
System Security Audit Summary (pdf)
8350 System and Communication Protections
System and Communication Protections Standard (pdf)
System and Communication Protections Summary (pdf)
8110 Data Classification
Data Classification Summary (pdf)

IT Governance

1360 - Information Technology Planning
Project Summary Form
Information Technology Planning Policy
1000 - Information Technology
Information Technology Policy
SPO End User Hardware Pricing 2016-02-11
1050 IT Policies, Standards & Procedures Program
IT Policies, Standards & Procedures Program
Policies, Standards and Procedures (PSP) Template
1100 - Cloud First
P1100 - Cloud First Policy 1.1
S1100 - Cloud First Exception Request Standard 1.3
1250 - Website Design
Website Design Policy
1300 - Website Accessibility
Website Accessibility Policy
1310 - Domain Naming
Domain Naming Policy
Domain Naming Standard
1650 - Release Management
Release Management Policy
P340 - Project Investment Justification
Project Investment Justification Policy
3400 Project Investment Justification
Project Investment Justification Standard
Project Status Reporting
Project Special Funding
Project Oversight

Data Governance

Implementation Guidelines
Data Governance policy adoption cost worksheet
Data Governance Policy Implementation Guidelines
4465 State-Owned Cloud Data
State-Owned Cloud Data Policy
Data Governance Documentation
P4470 - Data Governance Documentation Policy
Data Governance Organization
P4400 - Data Governance Organization Policy
Data Governance Technology
P4430 - Data Governance Technology Policy
Data Operations
P4450 - Data Operations Policy
Data Quality
P4460 - Data Governance Data Quality Policy
Data Sharing and Interoperability
P4440 - Data Governance Data Interoperability Policy
AZ Standard Data Sharing Agreement Template
Enterprise Data Sharing Memorandum of Understanding (Amended)

Collaboration and Communication

5050 Social Media
Social Media Policy
P4070 - Electronic and Digital Signatures
Electronic and Digital Signature Policy

State Data Center

6000 State Data Center Contingency Planning
State Data Center Contingency Planning Policy
6100 State Data Center Infrastructure Configuration and Change Control
State Data Center Infrastructure Configuration and Change Control Policy
6200 State Data Center Physical Security
State Data Center Physical Security Policy

Enterprise Architecture

700 Enterprise Architecture
Enterprise Architecture Policy
7100 - Network Architecture
Network Architecture Policy
Network Infrastructure Standard
720 Platform Architecture
Platform Architecture Policy
7300 - Software Architecture
Software Architecture Policy
750 Data Information Architecture
Service Oriented Architecture Policy

IT Governance

3400 Project Investment Justification
Policy/Standard Name Status Submit A Comment
Project Investment Justification Policy Open for Comment Until
Friday, April 16, 2021
Submit a Comment

Collaboration and Communication

P4070 - Electronic and Digital Signatures
Policy/Standard Name Status Submit A Comment
Electronic and Digital Signature Policy Open for Comment Until
Friday, April 16, 2021
Submit a Comment

Resources

  • ASET Billing
  • Glossary
  • Policies, Standards and Procedures
  • Security
    • Incident Reporting
  • Cyber Resources - Local/Tribal Governments
  • Service Desk
  • Training
  • Agency Engagement Manager List
LinkedIn Twitter YouTube This site (RSS)
Arizona State Seal
Contact Us
ADOA-ASET
100 N. 15th Avenue, Suite 400
Phoenix, AZ 85007
Find in Google Maps
Phone: 602.542.2250
Map Image

Footer Utility

  • Statewide Website Policies
  • Site Map
  • Meeting Requests