Menu

You are here

Home ยป Risk Management Policy

Risk Management Policy

Policies

Risk Management Policy
Number 
141.10, 1.2 Now SEC-11
Policy Action Date
Adopted February 11, 2023
Approved March 14, 2023
Sunset Review March 14, 2026
Purpose 
The Information Security Risk Management Policy establishes a common framework for their IT risk management strategies. Senate Bill 5432, section 7c, requires agencies mitigate risks discovered in the environments they control. It also requires the Office of Cybersecurity to report risks that are not mitigated appropriately to the governor and appropriate committees. This policy provides agencies with a framework to satisfy this requirement.
Downloadable Document