• Executive Order No. 504

    An Order signed by Governor Patrick on September 19, 2008 that recognizes the importance of protecting personal information and specifically outlines how all state agencies in the Executive Branch must address the security and confidentiality of personal information.
  • Workshop for Agency Information Security Officers (ISOs) ppt format of 			Workshop for Agency ISOs
	file size 1MB

    Materials for April 2009 EO 504 training presentation to agency ISOs.
  • Webcast

    A link to a webcast, hosted by Qwest, for CIO's and agency general counsels who could not attend the meetings in person.
  • Implementing E0504 in Your Agency ppt format of 			Implementing E0504 in Your
	file size 1MB

    A presentation for the Tech-Law Group Training Program given by Linda Hamel, General Counsel for the Information Tech. Division; Stephanie Ziertan, Deputy Gen. Counsel for the Information Tech. Division; and Jenny Hedderman, Deputy Gen. Counsel for the Office of the State Comptroller.
  • Executive Order 504: Procurement Standards and Procedures

    This document outlines mandatory procurement standards and procedures adopted by ITD under the authority granted to it under EO 504.
  • Vendor Certification Requirements

    In order to comply with the contractor certification requirements of Executive Order 504, agencies must require that all vendors executing contracts on or after January 1, 2009 certify compliance with applicable security measures. This resource provides guidance on complying with the certification requirements of Executive Order 504.
  • Vendor Certification Form doc format of 			Vendor Certification Form

    The Commonwealth's Standard Contract Form and Instructions will be amended to include certification of compliance; however, until such time as the Standard Contract Form has been amended, agencies that are subject to Executive Order 504 can comply with this obligation by having vendors entering into any new agreements execute this form. Instructions in completing this form can be found under Vendor Certification Requirements.
  • Agency Compliance Checklist doc format of 			Agency Compliance Checklist

    A tool to assist agencies in complying with Executive Order 504.
  • Information Security Program (ISP) & Electronic Security Plan (ESP) Tool xls format of 			Information Security Prog

    The Executive Order 504 ISP/ESP tool is populated by agencies of the Commonwealth in their identification of compliance measures in place or planned which address EO 504 requirements.
  • ITD Model Security/Privacy Matrix xls format of 			ITD Model Security/Privac

  • EO504 User Group Wiki Page

    A login is required to access this page. This wiki page has contact information and resources available for agencies regarding EO504.