Contact for Enterprise Information Security Policy

Cybersecurity and Enterprise Risk Management

Table of Contents


The Commonwealth of Massachusetts collects, manages and stores information on a regular basis in order to support business operations. The Commonwealth is committed to preserving the confidentiality, integrity, and availability of its information assets.

The Commonwealth must protect its information assets, provide for the integrity of business processes and records and comply with applicable laws and regulations. The Enterprise Information Security Policy reinforces the Commonwealth's commitment to protecting its information assets, establishes high-level functions of the Enterprise Security Office, and outlines information security requirements to safeguard information assets and assist the Commonwealth to achieve its strategic objectives.

Downloads for Enterprise Information Security Policy

Contact for Enterprise Information Security Policy

Referenced Sources: