The Physical and Environmental Security Policy ensures that the Commonwealth's information assets, whether on-site or off-site, are protected against unauthorized physical access, damage, or loss due to physical and/or environmental causes.
This standard reinforces the Commonwealth’s commitment to a physical and environmental strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.
The Physical and Environmental Security Standard establishes requirements to ensure that the Commonwealth’s information assets are protected by physical and environmental controls that prevent tampering, damage, theft or unauthorized physical access.
This standard reinforces the Commonwealth’s commitment to a secure system and software strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.
Executive Office of Technology Services and Security The Secure System and Software Lifecycle Management Standard establishes requirements for identifying controls to be incorporated in system and software planning, design, building, testing and implementation.
Executive Office of Technology Services and Security
EOTSS has standardized on and is implementing a VMP throughout the Commonwealth enterprise. All executive branch entities and other state agencies as determined by the Secretary/CIO of Technology Services and Security under Chapter 7D are required to comply with this program. There will be corresponding Administrative Directives published in support of this program.
The Software and Application Management Policy establishes the minimum security requirements that must be implemented to develop, test, install, manage, and terminate software programs, systems and applications.
