Cyber Threat Level
Right Column
Status of Required Security Reporting Activities
Overview
Given the government’s increased use of Information Technology (IT) and Internet-based services, the state has a compelling need to ensure the confidentiality, integrity and availability of those systems and services are adequately protected from known and anticipated threats. In addition, there is an increasing demand for broader transparency and accountability in reporting government activities.
Each state agency is responsible for the designation of officials within their agency to fulfill key security functions and reporting on its status of compliance with security policy, standards and procedures. The following represents the status of agency compliance with the required security reporting activities:
- Agency Designation Letter (SIMM 70A)
- Agency Risk Management and Privacy Program Certification (SIMM 70C)
- Agency Disaster Recovery Plan (SIMM 70B or SIMM 70D as applicable)
- Agency Telework and Remote Access Security Compliance Certification (SIMM 70E)
While agency reporting and self-certification activities alone do not ensure the security of state information assets, they do demonstrate an agency’s acknowledgement of the requirements and provide a measure of accountability.
Status
Status of Required Security Reporting Activities (as of 02/29/2012) (.pdf)