Log in links for this page

Security Policy Exception

Request for an exception for issues identified through vulnerability scan or another compliance issue that can't be resolved. Request must include a plan to mitigate the vulnerability.

EOTSS End User and IT Service Support


Support for Commonwealth end users and IT support personnel

The Details of Security Policy Exception

Features for Security Policy Exception

Compliance with enterprise security and standards is mandatory for the Executive Department including all executive offices, boards, commissions, agencies, departments, divisions, councils, and bureaus.  In addition to enterprise security and standards, the vulnerability management program scans various environments and must comply with the standards. 

A policy exception may be granted only if the benefits of the exception outweigh the increased risks, as determined by the Commonwealth CISO.

Pricing for Security Policy Exception

There is no charge for this service.

How to request Security Policy Exception

Policies for Security Policy Exception

Contact for Security Policy Exception

Help Us Improve Mass.gov with your feedback