|
|
|
|
Enterprise IT Standards
|
|
|
|
|
|
Article Content  |
| Hardware |
|
Desktop Computing
PC, Laptop, Tablet PC, Mini Desktop & Netbook Standard Configurations (.doc) (.pdf)*
* Updated 2009 Standard Configurations - Endorsed by the CIO Council September 2009
Servers
Content in development
Printers
Content in development
|
|
|
| Software |
|
Operating Systems, Office Suite, Database Management Systems
Content in development
Geographic Information System (GIS) Software
125-600-7550 (Oregon Administrative Rule)
E-mail Server Software
S-107-001-12: E-mail Server Software Standard (PDF)
Endorsed for adoption by the CIO Council in February 2010, and updated in March 2012.
|
|
|
| Security |
|
ISO 27001 & ISO 27002
The State of Oregon, Department of Administrative Services has a Network Site License Agreement with ANSI for dissemination of an electronic version of the International Standards ISO 27001:2005 and 27002:2005. The intent of the site license is to provide all information technology professionals within Oregon state government with access to this standard.
The standard is available to Oregon state employees by accessing the state of Oregon intranet at https://intranet.egov.oregon.gov/sites/DAS/EISPD/ESO/ISO.jsp.
-------------------------------------------------------------------
State Information Security Plan and Standards
Primary Website: http://oregon.gov/DAS/EISPD/ESO/SW_Plan_Standards.shtml
In this State Information Security Plan, DAS has defined policies, standards, and processes for
state agencies with respect to information security. Fundamental components of information
security are addressed including roles and responsibilities. Executive department agencies are
required to meet or exceed this State Information Security Plan. Agencies also may develop and
adopt information security plans that are more stringent than the minimum requirements
identified in this State Information Security Plan.
The standards are required to be applied to information systems within the Executive Branch agencies. Agencies are responsible for complying with these standards and ensuring, through documented agreements, all third parties acting on their behalf comply. In circumstances where the standards can/will not be implemented, agencies must document exceptions and indicate what compensating controls have been applied to adequately protect the information. The exception document must be signed by the agency director. In instances where the risk is low and is accepted by the agency, the situation must be documented, signed by the agency director, and kept on file for review by auditors or during a security assessment.
Adopted
July 1, 2012 Compliance date
Additional Resources
|
|
|
| Data/Information Management |
|
GIS Data Standards
Oregon GIS Data Standards
Endorsed by the Oregon Geographic Information Council
|
|
|
| Network |
|
Network protocols, Network Hardware Components, Network Services
Content in development
|
|
|
| Systems Management |
|
Tools for Management and Control of Servers, Networks and IT Infrastructure
Content in development
|
|
|
| Application Development |
|
Development Tools and Methods
Content in development
|
|
|
| Access & Communications |
|
Internet, telephony, voicemail, interactive voice response (IVR)
Content in development
|
|
|
| IT Controls and Methods |
|
Content in development
|
|
|
| Other Standards |
|
Content in development
|
|
|
| Contact |
|
For additional information, please contact:
Sean McSpaden, Deputy State CIO
Phone 503-378-5257
Email: Sean.L.McSpaden@state.or.us
|
|
|
|
|
|
|
|
|
|
|