California Technology Agency Publishes IT Policy Letters on Identity and Access Management, IT Expenditure Reporting and Smartphones
Referenced below, the Information Technology Policy Letters (ITPL) are available at: http://www.cio.ca.gov/Government/IT_Policy/TL.html.
ITPL 10-17, Establishment of the Identity and Access Management (IdAM) Policy:
- Establishes a framework for identity and access management, including authentication and access to applications, especially those requiring connectivity across organizational boundaries (i.e. security domains).
- Builds on the statewide Enterprise Architecture (EA) standard released in April 2009, and further enhanced and clarified in December 2010.
- Announces the addition of the IdAM EA Standard to Section 58D.1 of the Statewide Information Management Manual (SIMM) as Technical Reference Model (TRM) ID number 1.5.885.001.
- Announces the addition of the State Identity and Credential Access Management (SICAM) EA Practice to Section 158A of the SIMM as TRM ID number 1.5.885.002.
Questions concerning this policy should be directed to Lee Mosbrucker, Deputy Director for Enterprise Architecture, at (916) 403-9624, or by e-mail at Lee.Mosbrucker@state.ca.gov.
ITPL 10-18, Information Technology Expenditure Reporting and Cost Optimization:
- Updates instructions and templates for completing and submitting IT Cost Reports in Section 55 of the SIMM, including the addition of new worksheets to the IT Cost Report template to collect standard complement amounts for IT classifications, and maintenance and operation (M&O) costs for completed IT projects.
- Updates instructions for submitting IT Cost Reports to the California Technology Agency in Section 05A of the SIMM.
- Rescinds ITPL 10-06.
Questions concerning this policy should be directed to Gregg Fukuhara, Principal, California Technology Agency at (916) 403-9639, or by e-mail at Gregg.Fukuhara@state.ca.gov.
ITPL 10-19, Smartphone and Other Mobile Computing Device Security:
- Reminds state agencies and departments of their responsibilities regarding the secure use of the state’s information technology (IT) infrastructure and information assets
- Clarifies that the Telework and Remote Access Security Standard included as Section 66A of the SIMM applies to the use and implementation of smartphones and other mobile computing devices.
- Announces the release of the Remote Access Agreement as SIMM Section 65E, and updated content to the Telework and Remote Access Security Standard in SIMM Section 66A.
Questions concerning this policy should be directed to the Office of Information Security at (916) 445-5239 or via email to Security@state.ca.gov.
When the California Technology Agency (previously named the Office of the State Chief Information Officer) was established in January 2008, it was the intent of the Legislature and Governor to create an agency that, among other things, establishes policies and standards to ensure that state information technology systems run effectively. Through changes to the State Administrative Manual and the Statewide Information Management Manual, the OCIO creates statewide policy for the Executive Branch to ensure coordination as the agency works to oversee IT activities with a common direction and vision.
On January 1, 2011, the Office of the State Chief Information Officer was renamed the California Technology Agency in accordance with Chapter 404, Statutes of 2010 (AB 2408).
Subscribe / unsubscribe to the California Technology Agency distribution list here: http://www.cio.ca.gov/subscribe.asp.