An official website of the Commonwealth of Massachusetts
This page, Designated Security Officers (DSOs), is part of
This page, Designated Security Officers (DSOs), is offered by

Designated Security Officers (DSOs)

Designated Security Officers (DSOs) are responsible for ensuring compliance with the Commonwealth’s and/or Agency/Secretariat Acceptable Use and Teleworking policies, along with the Enterprise Security Policy and Standards, and any other internal Agency/Secretariat approval processes.

Table of Contents

Designated Security Officer (DSO) Responsibilities

Compliance

DSOs are responsible for ensuring compliance with the Commonwealth’s and/or agency/Secretariat's:

  • Acceptable Use policies;
  • Teleworking policies;
  • Enterprise Security Policy and Standards; and
  • any other internal agency/Secretariat approval processes.
Requests

DSOs are responsible for submitting and approving security-related requests on behalf of their agency/Secretariat.

Certain ServiceNow request items are only available to DSOs.  Requests for these applications or services will not be accepted via Incidents or Requests submitted using other ServiceNow Catalog request items.  Unauthorized requesters will be referred back to their Agency/Secretariat DSOs - this is to ensure that all access requests have been internally approved within the Agency/Secretariat prior to submission.

Request items available to DSOs

These request items appear under the Secure Applications & Access category in the ServiceNow Catalog (see Additional Resources, below).

  • ITL - Request or Modify ITL Users and Groups*
  • Commonwealth VPN requests
  • Microsoft O365 International Access
  • Web Content Filtering Requests
  • Add/Remove a Designated Security Officer (DSO)

*NOTE: IT Liaisons (ITLs) will also have access to IT Liaison (ITL) requests

Additional Resources

Designating Agency/Secretariat DSOs

Who should be a Designated Security Officer?
  • Someone who will ensure compliance with the Commonwealth’s and/or agency/Secretariat Acceptable Use and Teleworking policies, along with the Enterprise Security Policy and Standards, and any internal agency/Secretariat approval processes.
  • Someone who will approve and submit security-related requests on behalf of their agency/Secretariat.
  • Best practice: at least two (2) DSOs per agency/Secretariat
How do I modify my agency/Secretariat's DSO list?

Only currently designated DSOs are able to add or remove DSOs on behalf of their agency/Secretariat.  DSOs may modify their agency/Secretariat DSOs using the Add/Remove a Designated Security Officer (DSO) catalog request item in ServiceNow (see Additional Resources, below).

 

Additional Resources

Feedback