Security
The Office of Information Security (OIS) has responsibility and authority to:
- Create, issue, maintain and ensure compliance of IT security and privacy policies, standards, and procedures.
- Advise and consult with state entities to effectively manage risks.
- Conduct, or require to be conducted, independent security assessments or audits of any entity.
Featured
IT security policy
Current policy regarding Information Security.
IT security operations
Monitoring for advanced cyber threats.
IT security resources
Additional resources related to Information Security.
What's New
Advisory Services Program
We offer valuable advisory services to state entity information security professionals.
Cybersecurity awareness toolkit
A program to raise awareness about the importance of cybersecurity.
AgencyNET access information
Provides sensitive information security resources with government entities. (PDF)
BitSight Access Information
A Security Rating Platform that provides third-party risk management.
OIS meetings and training
Meetings
ISO, RM, IR, Privacy, and TRP Quarterly Meetings
April 8, 2025 & April 9, 2025
Training
CA CyberScholar Training System-
ISO Standard Training 101
On-demand – Registration available 24/7 unless otherwise noted
CA CyberScholar Training System-ISO Standard Training 102
Upcoming Dates: TBA