OCIO Releases Policy Letter on Security Reporting Scorecards

State Technology Update October 7, 2010

The Office of the State Chief Information Officer (OCIO) has published Information Technology Policy Letter (ITPL) 10-13, Security Reporting Scorecards.

Considering the government’s increased use of Information Technology (IT) and Internet-based services, the state has a responsibility to ensure the confidentiality, integrity and availability of those systems and services are protected from known and anticipated threats. In addition, there is an increasing demand for broader transparency and accountability in reporting government activities.

Consistent with Chapter 404, Statutes of 2010 (AB 2408), the purpose of this Information Technology Policy Letter (ITPL) is to:

  1. Establish the Security Reporting Scorecard process for reporting on state Agency and department participation in required security reporting activities.

  2. Remind Department Directors, Agency Chief Information Officers (Agency CIOs), Department Chief Information Officers (CIOs), Agency Information Security Officers (AISO) and Information Security Officers (ISOs) of their reporting responsibilities.

Questions concerning this policy should be directed to the Office of Information Security at (916) 445-5239 or via email to Security@state.ca.gov.

Contact: Bill Maile (916) 549-2845