Security
The Office of Information Security (OIS) has responsibility and authority to:
- Create, issue, maintain and ensure compliance of IT security and privacy policies, standards, and procedures.
- Advise and consult with state entities to effectively manage risks.
- Conduct, or require to be conducted, independent security assessments or audits of any entity.
Featured
Current policy regarding Information Security.
Monitoring for advanced cyber threats.
Additional resources related to Information Security.
What’s new
Advisory Services Program
We offer valuable advisory services to state entity information security professionals.
Cybersecurity awareness toolkit
A program to raise awareness about the importance of cybersecurity.
AgencyNET access information
Provides sensitive information security resources with government entities. (PDF)
BitSight Access Information
A Security Rating Platform that provides third-party risk management.
Advisory Services Program
We offer valuable advisory services to state entity information security professionals.
Cybersecurity awareness toolkit
A program to raise awareness about the importance of cybersecurity.
AgencyNET access information
Provides sensitive information security resources with government entities. (PDF)
BitSight Access Information
A Security Rating Platform that provides third-party risk management.
OIS meetings and training
Meetings
ISO, IR, Privacy, and TRP Quarterly Meetings
February 10, 2026 and February 11, 2026
Training
CA CyberScholar Training System ISO Standard Training 101
On-demand – Registration available 24/7 unless otherwise noted
CA CyberScholar Training System-ISO Standard Training 102
Upcoming Dates: TBA