Text Size:   A+ A- A   •   Text Only
Site Image
Enterprise IT Standards
Desktop Computing
PC, Laptop, Tablet PC, Mini Desktop & Netbook Standard Configurations (.doc) (.pdf)*
* Updated 2009 Standard Configurations - Endorsed by the CIO Council September 2009

Content in development

Content in development

Operating Systems, Office Suite, Database Management Systems
Content in development

Geographic Information System (GIS) Software
125-600-7550 (Oregon Administrative Rule)

E-mail Server Software
S-107-001-12: E-mail Server Software Standard (PDF) 
Endorsed for adoption by the CIO Council in February 2010, and updated in March 2012.  

ISO 27001 & ISO 27002
The State of Oregon, Department of Administrative Services has a Network Site License Agreement with ANSI for dissemination of an electronic version of the International Standards ISO 27001:2005 and 27002:2005. The intent of the site license is to provide all information technology professionals within Oregon state government with access to this standard.
The standard is available to Oregon state employees by accessing the state of Oregon intranet at https://intranet.egov.oregon.gov/sites/DAS/EISPD/ESO/ISO.jsp.


State Information Security Plan and Standards
Primary Website: http://oregon.gov/DAS/EISPD/ESO/SW_Plan_Standards.shtml 
In this State Information Security Plan, DAS has defined policies, standards, and processes for
state agencies with respect to information security. Fundamental components of information
security are addressed including roles and responsibilities. Executive department agencies are
required to meet or exceed this State Information Security Plan. Agencies also may develop and
adopt information security plans that are more stringent than the minimum requirements
identified in this State Information Security Plan.
The standards are required to be applied to information systems within the Executive Branch agencies. Agencies are responsible for complying with these standards and ensuring, through documented agreements, all third parties acting on their behalf comply. In circumstances where the standards can/will not be implemented, agencies must document exceptions and indicate what compensating controls have been applied to adequately protect the information. The exception document must be signed by the agency director. In instances where the risk is low and is accepted by the agency, the situation must be documented, signed by the agency director, and kept on file for review by auditors or during a security assessment.
July 1, 2012 Compliance date
Additional Resources

Data/Information Management
GIS Data Standards
Oregon GIS Data Standards 
Endorsed by the Oregon Geographic Information Council

Network protocols, Network Hardware Components, Network Services
Content in development
Systems Management
Tools for Management and Control of Servers, Networks and IT Infrastructure
Content in development
Application Development
Development Tools and Methods
Content in development
Access & Communications
Internet, telephony, voicemail, interactive voice response (IVR)
Content in development
IT Controls and Methods
Content in development
Other Standards
Content in development
For additional information, please contact the Office of the CIO at 503-378-3175.