Policy Number |
Name |
Current Version |
SEC-000 |
EBR OIT Security Planning Policy (HTML/PDF) System Security Plan (HTML/PDF) |
November 2018 June 2017 |
SEC-001 |
Personally Identifiable Information Storage and Transfer (HTML/PDF) |
July 2017 |
SEC-002 |
Annuitant Account Security (HTML/PDF) Annuitant Account Procedure (HTML/PDF) |
July 2017 |
SEC-003 |
Lost or Stolen IT Equipment (HTML/PDF) Lost or Stolen IT Equipment Checklist and Questionnaire (Word/PDF) |
August 2016 |
SEC-004 |
Computer and Information Security (HTML/PDF) |
June 2017 |
SEC-005 |
Identification and Authentication of Users on New L&I Computer Systems (HTML/PDF) |
July 2017 |
SEC-006 |
OIT Secured Area Access and Physical Security (HTML/PDF) OIT Physical Security Access Request Procedure (HTML/PDF) |
July 2017 |
SEC-007 |
Contractor Account Administration (HTML/PDF) Contractor Account Administration Procedure (HTML/PDF) |
June 2017 |
SEC-008 |
Security Incident Response Policy (HTML/PDF) Security Breach Procedure (HTML/PDF) Reporting Information Security Incidents Procedure (HTML/PDF) Security Incident Reporting for Social Security Administration Procedure (HTML/PDF) Security Incident Reporting for Internal Revenue Service Procedure (HTML/PDF) |
December 2016
October 2020
August 2018 |
SEC-009 |
Federal Tax Information Data Compliance Policy (HTML/PDF) Federal Tax Information Fax Handling for UC Benefits Procedure (HTML/PDF)
Granting Contractors Access to Federal Tax Information (HTML/PDF) |
September 2017 December 2016 August 2017 |
SEC-010 |
Access Control for Non-Commonwealth Users (HTML/PDF) Access Control for Non-Commonwealth Users Procedures (HTML/PDF) |
November 2016
September 2018 |
SEC-011 |
Remote Access to the Commonwealth Network (HTML/PDF) Remote Access to the Commonwealth Network Procedure (HTML/PDF) |
June 2017 October 2016 |
SEC-012 |
Audit, Accountability, and Reporting Policy (HTML/PDF) |
December 2016 |
SEC-013 |
Access Management (HTML/PDF)
Account Revocation Procedure (HTML/PDF) |
June 2017 |
SEC-014 |
Information Technology Equipment Restrictions (HTML/PDF) |
August 2017 |
SEC-015 |
Data Sanitization (HTML/PDF)
Data Sanitization of Workstations and Media Procedures (HTML/PDF) Disposal of L&I-Owned & Leased Workstations Procedures (HTML/PDF) |
September 2017 |