Isms Templates

Document Sample
Isms Templates Powered By Docstoc
					                  Agency for Enterprise Information Technology

                             Office of Information Security

   Security Rule 71A-1
        o Two public meetings have been held. The Security Rule is scheduled to be completed in
             September, 2011.
   Enterprise IT Security Strategic Plan in final draft
        o The Enterprise IT Strategic Plan has been completed. It was sent to ISMs for comment
             and the final will be made available via the website after the printer has formatted the
   Agencies Security Strategic Plan and Operational Plan
        o 282.318 requires the state agencies to submit to AEIT annually by July 31, the agency's
             strategic and operational information security plans developed pursuant to the rules and
             guidelines established by the office (AEIT).
        o AEIT has formed a workgroup of Information Security Managers to update and streamline
             the process and standardize the deliverables. This project will be complete in May 2011.
                                                                                           th      th
        o The workgroup is holding training for the ISMs on the templates – May 26 and 27 ,
             invitation have gone out to the ISMs to sign up.
   Service Level Agreement Security Check sheet template
        o An Information Security Manager workgroup has created and distributed a Template to
             agencies to use as a guide for identifying potential security requirements as they move
             through data center consolidation.
   Training opportunities
        o FREE - Florida’s Digital Summit will be held May 12-13 at the FSU Turnbull Center.
             Amongst other presentations, there will be two on information security
                   Information Leakage – Symantec Corporation
                   Cybercrime Trends – Federal Bureau of Investigation
        o There will be an InfraGard Meeting - August 24, 2010: The National Institute of Standards
             and Technology (NIST) will present on how to apply security strategies to protect your
             data. This meeting is open to the public.
        o FREE - Florida Government Technology Conference – Cyber Summit ; October 19 ,
                                          th                                            th
             Cyber Summit October 20 Four keynotes on Cyber Security on Oct 20
   Enterprise Security Services Implementation Plan
    This is a proposed implementation plan for information technology security and has been
    assigned by the legislature to AEIT The completion date is December 31, 2010. . The agency
    shall describe the scope of operation, conduct costs and requirements analyses, conduct an
    inventory of all existing security information technology resources, and develop strategies,
    timeframes, and resources necessary for statewide migration.
   Recent CBS Printer Scanners news report
    A recent CBS investigative report on Multi-function devices (MFD) pointed out some issues with
    the storage of information on hard drives located within these copiers. As a result, AEIT has
    been working with DMS to provide security language for the DMS RFQ MFD procurement.
    In addition, AEIT has created a best practice whitepaper on this subject.

Description: Isms Templates document sample