Security

The Office of Information Security (OIS) has responsibility and authority to:

Create, issue, maintain and ensure compliance of IT security and privacy policies, standards, and procedures.
Advise and consult with state entities to effectively manage risks.
Conduct, or require to be conducted, independent security assessments or audits of any entity.

Featured



IT security policy

Current policy regarding Information Security.



IT security resources

Additional resources related to Information Security.

Oversight

Information Security Program Audit

Independent Security Assessment

What's New

Data Privacy Week – January 27 – 31, 2025

Your data is valuable. Many people and businesses would pay top dollar for it and they don’t all have your best interests in mind. But you have the power to take charge of your data. This is why we are excited to celebrate Data Privacy Week every year!

The Data Privacy Week is to spread awareness about online privacy. We think data privacy should be a priority both for individuals and organizations. Our goal is to empower people to better manage their data and to encourage organizations to treat their users’ data with respect.

The theme this year is – Take Control of Your Data:

. KNOW THE TRADEOFF BETWEEN PRIVACY AND CONVENIENCE
ADJUST PRIVACY SETTINGS TO YOUR COMFORT LEVEL
PROTECT YOUR DATA

To promote the Data Privacy Week 2025, use one of the following backgrounds for your virtual meetings.

Virtual Background 1

Virtual Background 2

Virtual Background 3

OIS meetings and training

Meetings

ISO, RM, IR, Privacy, and TRP Quarterly Meetings

TBD

Training

CA CyberScholar Training System-
ISO Standard Training 101

On-demand – Registration available 24/7 unless otherwise noted

CA CyberScholar Training System-ISO Standard Training 102

Upcoming Dates: TBA

Our department

Community of practice

State campaigns

Website Accessibility Certification