Policy Advisory

Policy Advisory  Enterprise Information Security Policy

Date: 10/05/2018
Organization: Cybersecurity and Enterprise Risk Management
Referenced Sources: MGL Chapter 7D, Section 2

The Enterprise Information Security Policy outlines information security requirements to safeguard information assets and assist the Commonwealth to achieve its strategic objectives.

Contact   for Enterprise Information Security Policy

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Table of Contents

Purpose

The Commonwealth of Massachusetts collects, manages and stores information on a regular basis in order to support business operations. The Commonwealth is committed to preserving the confidentiality, integrity, and availability of its information assets.

The Commonwealth must protect its information assets, provide for the integrity of business processes and records and comply with applicable laws and regulations. The Enterprise Information Security Policy reinforces the Commonwealth's commitment to protecting its information assets, establishes high-level functions of the Enterprise Security Office, and outlines information security requirements to safeguard information assets and assist the Commonwealth to achieve its strategic objectives.

Downloads   for Enterprise Information Security Policy

Contact   for Enterprise Information Security Policy

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov
Referenced Sources:

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback