|
Statewide Information Security & Privacy Office
The Statewide Information Security and Privacy Office (SISPO) within the
Government Information Technology Agency serves as the strategic planning,
facilitation and coordination office for information technology security in
the State.
The structure of the SISPO implementation will be consistent with the
Business Case (pdf)
analysis presented to the legislature in March 2007. The powers and duties
of the office are described in its
enabling statute.
Featured News
SISPO is working with budget units to develop solutions for compliance with
Governor Janet Napolitano’s January 15, 2008 Executive Order 2008-10,
“Mitigating Cyber Security Threats”. Key summary features of this
Executive Order
are:
-
• Protect confidential information acquired from citizens and businesses
-
• Following Information Security best practices, the risks of a cyber
security incidents can be significantly mitigated
-
• Agencies are required to report cyber security incidents to the
Statewide Information Security and Privacy Office
-
• Develop and implement strategies, policies and procedures to protect
all confidential information resources, including electronic, paper and
other media
-
• Deploy encryption technology for all information resources deemed
confidential and/or that contain personally identifiable information
Additionally, SISPO is tracking compliance by budget unit for each point in
the EO.
|
