All files are posted as pdf unless otherwise indicated.

    Number Description Date Posted
    14-17-NJOIT 166 - Electronic Mail/ Messaging Content Policy and Standards 04/03/2014
    14-13-NJOIT 205 - Certification and Accreditation Policy 03/10/2014
    14-12-NJOIT 183 - Software License Management and Distribution 04/03/2014
    14-09-NJOIT 168 - Change Management Policy 01/07/2014
    14-08-NJOIT 180 - Security in Application Development Policy 01/07/2014
    14-07-NJOIT 1602 -Media Protection Policy 01/07/2014
    14-06-NJOIT 162 - System Planning and Acceptance Policy 01/07/2014
    14-05-NJOIT 161 -Operational Security Policy 01/07/2014

    14-03-NJOIT

    173 -Wireless Network Security Policy

    01/07/2014
    • 14-03-S1-NJOIT
      This standard is published/posted in NJ-ISAC.

    173-01 -Wireless Network Security Standard and Procedure

    01/07/2014

    14-02-NJOIT

    115 - Information Security Risk Management Policy

    01/07/2014

    Risk Management Remediation Report

    01/10/2014
    14-01-NJOIT 171 - Minimum System Security and Protection Policy 01/23/2014
    14-01-S1-NJOIT
    This standard is published/posted in NJ-ISAC.
    171-01 -Minimum System Security and Protection Standards 01/07/2014
    13-11-NJOIT 177- Password Management Policy 07/09/2013
    177-01 - Password Management Standard 07/09/2013
    12-04-NJOIT 184-Information Security Vulnerability Management Policy 05/03/2012
    184-01  Information Security Vulnerability Management Standard And Procedure 09/10/2012
    12-03-NJOIT 110 - Security Framework Policy 07/17/2012
    12-02-NJOIT 132 - Portable Computing Use and Temporary Worksite Assignment Policy 06/20/2013
    Portable Computing User Agreement 09/06/2013
    Cellular Wireless Device and Portable Computing Device Request 10/11/2012
    State-Owned Property Removal Form 04/30/2012
    12-01-NJOIT 141 - Security Awareness Program Policy 03/21/2012
    11-02-NJOIT 190-NJOIT - Information Security Incident Management Policy 05/24/2012
    190-00-01 Information Security Incident Management Reporting Procedure 07/26/2013
    Attachment A to 11-02-P1-NJOIT 07/26/2013
    Information Security Incident Reporting Form 07/26/2013
    191- Information Security Incident Management Response Procedure 07/26/2013
    11-01-NJOIT 179 - Remote Access Policy 03/09/2012
    • 11-01-P1-NJOIT
    179-01-P1-NJOIT Remote Access Procedure
    To obtain a copy contact Statewide Office of Information Security
    07/20/2011
    179-01 - Remote Access Standard 07/20/2011
    09-11-NJOIT Extranet Policy 08/10/2009
    Extranet Procedure 07/20/2012
    Extranet Procedure Appendix A - GSN Extranet Application Form [doc 54k]

    10/02/2012

    Extranet Procedure Appendix B - GSN Extranet MOU [doc 62k]

    10/02/2012

    Extranet Procedure Appendix C - GSN Extranet Operational Form [doc 62k]

    10/02/2012

    09-10-NJOIT 152 - Information Disposal and Media Sanitization 04/08/2011
    152-01 - Information Disposal and Media Sanitization Standards 04/08/2011
    152-00-01 - Information Disposal and Media Sanitization Procedure 04/08/2011
    Media Disposal Forms [doc 4.5mb] 04/2011
    09-07-NJOIT 1600 - Acceptable Internet Usage 01/30/2009
    09-05-NJOIT 203 Information Security Payment Card Industry (PCI) Data Security Policy 10/02/2008
    203-01 Information Security Payment Card Industry (PCI) Data Security Standard 10/02/2008
    08-04-NJOIT 130 Information Asset Classification Control Policy 07/31/2008
    130-01 Information Asset Classification and Control Standard 06/15/2012
    130-00-01 - Information Assets Classification and Control Procedure 07/31/2008
    130-00-01 Attachment A (Inventory Spreadsheet) [xls 30k] 07/31/2008
    08-02-NJOIT 111 Information Security Managing Exceptions 06/02/2008
    Policy Exception Request Form 02/12/2014
    08-01-NJOIT 100 Information Security Program 06/18/2008