The Software and Application Management Policy establishes the minimum security requirements that must be implemented to develop, test, install, manage, and terminate software programs, systems and applications.
With all levels of government and businesses across the country urging employees to work remotely to slow the spread of the Coronavirus, now’s a good time to review the security settings of your home network and pay close attention to business-specific guidance.
The Third Party Risk Management Policy establishes the minimum security requirements that must be implemented to manage third-party vendors who provide any type of information technology goods and/or services, outsources applications, cloud services, and/or network and security management to the Commonwealth.
This standard reinforces the Commonwealth’s commitment to a Third-Party information security strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.
The Vulnerability Management Policy establishes the minimum security requirements that must be implemented to protect, detect and remediate vulnerabilities in the Commonwealth’s information technology environment.
The Vulnerability Management Standard documents the requirements to protect, detect and recover from vulnerabilities in the technology environment and applies to all Executive Department offices and agencies.
This standard reinforces the Commonwealth’s commitment to a vulnerability management strategy and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks.
