TO:
Agency Chief Information Officers (AIO)
Chief Information Officers (CIO)
Agency Information Security Officers (AISO)
Information Security Officers (ISO)
SUBJECT:
CDT General SIMM Maintenance
BACKGROUND:
The California Department of Technology (CDT) routinely evaluates its Statewide Information Management Manual (SIMM) policies and procedures for needed updates. The outcome of its most recent evaluation yielded non-substantive changes to several information security SIMMs. A summary of the updates for each SIMM is outlined below.
PURPOSE:
The purpose of this Procedures/Standards update is to announce:
-
- The outcome of its most recent evaluation which yielded non-substantive changes to several information security SIMMs (5300-C, 5310-A, and 5310-C). A summary of the updates for each SIMM is provided below.
- SIMM 5300-C: GV-1a and ID.GV-1b has been updated to include National Institute of Standards and Technology (NIST) 800-53, Revision 5 and minor edits to ID.GV-1a to clarify Privacy Threshold Assessment/Privacy Impact Assessment (PTA/PIA) policy.
- SIMM 5310-A: Minor edits to Privacy Policy Statement date requirement to include last reviewed date, last revision date in addition to the effective date of the privacy policy statement.
- SIMM 5310-C: Corrected section 4.2.2 Collection Tip information to reflect SAM section 4.2 references.
- People, Process and Technology: People, Process and Technology: A Navigational Guide for Agency/State Entities to Achieve Effective Information Security has been updated to include NIST 800-53, Revision 5.
REFERENCES:
The following reference materials are associated with this procedures/standards update. Statewide Information Management Manual (SIMM) is available on the CDT’s website located at Policy – SIMM. The State Administrative Manual (SAM) is available on the Department of General Services website located at: SAM – DGS.
-
- SIMM 5300-C
- SIMM 5310-A
- SIMM 5310-C
- SAM 5300
QUESTIONS:
Questions regarding this announcement may be directed to the CDT, Office of Information Security (OIS) at security@state.ca.gov.