Policy Advisory

Policy Advisory Enterprise Information Security Policy

Date: 10/05/2018
Organization: Cybersecurity and Enterprise Risk Management
Referenced Sources: MGL Chapter 7D, Section 2

The Enterprise Information Security Policy outlines information security requirements to safeguard information assets and assist the Commonwealth to achieve its strategic objectives.

Contact for Enterprise Information Security Policy

Cybersecurity and Enterprise Risk Management

Table of Contents

Purpose

The Commonwealth of Massachusetts collects, manages and stores information on a regular basis in order to support business operations. The Commonwealth is committed to preserving the confidentiality, integrity, and availability of its information assets.

The Commonwealth must protect its information assets, provide for the integrity of business processes and records and comply with applicable laws and regulations. The Enterprise Information Security Policy reinforces the Commonwealth's commitment to protecting its information assets, establishes high-level functions of the Enterprise Security Office, and outlines information security requirements to safeguard information assets and assist the Commonwealth to achieve its strategic objectives.

Downloads for Enterprise Information Security Policy

Contact for Enterprise Information Security Policy

Referenced Sources:
Feedback