All files are posted in pdf format unless otherwise indicated.

Index
Number Description Date Posted Last Reviewed
14-30-NJOIT

1600 - Acceptable Internet Usage

09/05/201409/5/2014
14-18-NJOIT

174 - Network Security Policy

06/12/201406/12/2014
14-17-NJOIT

166 - Electronic Mail/Messaging Content Policy and Standards

04/03/201404/2/2014
14-14-NJOIT

116 - Security Assessment Policy

07/28/201407/28/2014
14-13-NJOIT

205 - Certification and Accreditation Policy

03/10/201403/10/2014
14-12-NJOIT

183 - Software License Management and Distribution

04/03/201404/3/2014
14-11-NJOIT

Internet and Statewide Intranet Presence for New Jersey State Government

01/23/201401/23/2014
14-09-NJOIT

168 - Change Management Policy

01/07/201401/7/2014
14-08-NJOIT

180 - Security in Application Development Policy

01/07/201401/7/2014
14-07-NJOIT

1602 -Media Protection Policy

01/07/201401/7/2014
14-06-NJOIT

162 - System Planning and Acceptance Policy

01/07/201401/7/2014
14-05-NJOIT

161 -Operational Security Policy

01/07/201401/7/2014
14-04-NJOIT

1703 - State of New Jersey Disclaimer Policy

07/28/201407/28/2014
14-04-S1-NJOIT

1703-01 - State of New Jersey Disclaimer Standard

07/28/201401/7/2014
14-03-NJOIT

173 -Wireless Network Security Policy

01/07/201401/7/2014
  • 14-03-S1-NJOIT
    This standard is published/posted in NJ-ISAC.

173-01 -Wireless Network Security Standard and Procedure

01/07/201401/7/2014
14-02-NJOIT

115 - Information Security Risk Management Policy

01/07/201401/7/2014

Risk Management Remediation Report Template

01/10/201401/10/2014
14-01-NJOIT

171 - Minimum System Security and Protection Policy

01/23/201401/23/2014
14-01-S1-NJOIT
This standard is published/posted in NJ-ISAC.

171-01 -Minimum System Security and Protection Standards

01/07/201401/7/2014
13-11-NJOIT

177- Password Management Policy

07/09/201307/8/2013

177-01 - Password Management Standard

07/09/201305/30/2014
13-09-NJOIT

131 State of New Jersey On-line Privacy Policy

12/20/201311/25/2013
12-04-NJOIT

184-Information Security Vulnerability Management Policy

05/03/201205/3/2012

184-01  Information Security Vulnerability Management Standard And Procedure

09/10/201209/10/2012
12-03-NJOIT

110 - Security Framework Policy

07/17/201207/17/2012
12-02-NJOIT

132 - Portable Computing Use and Temporary Worksite Assignment Policy

06/20/201307/17/2012

Portable Computing User Agreement

09/06/201304/19/2013

Cellular Wireless Device and Portable Computing Device Request

12/04/201312/3/2013

State-Owned Property Removal Form

04/30/201203/20/2012
12-01-NJOIT

141 - Security Awareness Program Policy

03/21/201203/21/2012
11-05-NJOIT

Review and Approval of Agency RFPs

10/07/201110/7/2011
11-02-NJOIT

190-NJOIT - Information Security Incident Management Policy

05/24/201205/24/2012

190-00-01 Information Security Incident Management Reporting Procedures

07/26/201307/25/2013

Attachment A to 11-02-P1-NJOIT

07/26/201307/26/2013

Information Security Incident Reporting Form

07/26/201307/24/2013

191- Information Security Incident Management Response Procedure

07/26/201303/9/2012
11-01-NJOIT

179 - Remote Access Policy

03/09/201203/9/2012
  • 11-01-P1-NJOIT

179-01-P1-NJOIT Remote Access Procedure
To obtain a copy contact Statewide Office of Information Security

07/20/201107/20/2011

179-01 - Remote Access Standard

07/20/201107/20/2011
09-11-NJOIT

Extranet Policy

08/10/200908/10/2009

Extranet Procedure

07/20/201208/10/2009

Extranet Procedure Appendix A - GSN Extranet Application Form [doc 54k]

10/2/201210/1/2012

Extranet Procedure Appendix B - GSN Extranet MOU [doc 62k]

10/02/201210/1/2012

Extranet Procedure Appendix C - GSN Extranet Operational Form [doc 62k]

10/02/201210/1/2012
09-10-NJOIT

152 - Information Disposal and Media Sanitization

04/08/201104/8/2011

152-01 - Information Disposal and Media Sanitization Standards

04/08/201104/8/2011

152-00-01 - Information Disposal and Media Sanitization Procedure

04/08/201104/8/2011

Media Disposal Forms [doc 4.5mb]

04/201104/1/2011
09-05-NJOIT

203 Information Security Payment Card Industry (PCI) Data Security Policy

10/02/200810/2/2008

203-01 Information Security Payment Card Industry (PCI) Data Security Standard

10/02/200810/2/2008
08-04-NJOIT

130 Information Asset Classification Control Policy

07/31/200807/31/2008

130-01 Information Asset Classification and Control Standard

06/15/201206/15/2012

130-00-01 - Information Assets Classification and Control Procedure

07/31/200807/31/2008

130-00-01 Attachment A (Inventory Spreadsheet) [xls 30k]

07/31/200810/3/2013
08-02-NJOIT

111 Information Security Managing Exceptions

06/02/200806/2/2008

Policy Exception Request Form

02/12/201401/29/2014
08-01-NJOIT

100 Information Security Program

06/18/200806/18/2008
07-14-NJOIT

Standard and Policy for Year 2000 Compliance

03/13/200703/13/2007
07-12-NJOIT

Web Accessibility Policy

06/13/200706/13/2007
07-10-NJOIT

Use of Statewide Disaster Recovery Facilities

06/11/201406/11/2014

J2EE Application Deployment Policy and Procedures

07/200707/2007
06-06-NJOIT

State of New Jersey Online Disclaimer Policy

11/20/200608/10/2001
06-04-NJOIT

Internet Proxy and Cache Policy

11/20/200610/20/2006
06-03-NJOIT

Internet Access Policy for State Agencies

11/20/200610/20/2001

NJ Shared IT Architecture

09/201101/1/2014

Web Site Standards and Guidelines

11/201211/2012


OIT Related Treasury Circulars
Number Description Date Posted Last Reviewed
14-15-DPMC/OIT

Minimum Communications Wiring Requirements for State-Owned and State Leased Space

6/30/2014
14-12-DORES/OIT

Enterprise Electronic Mail Retention And Disposition Framework

4/4/2014
14-07-DPP/OMB/OIT

Professional Services: Review Control Monitoring and Extensions

4/28/2011
13-05-OIT

Assignment and Use of State Owned Cellular Wireless Devices

09/18/2012
13-04-OMB/OIT

Telephone Billing

09/12/2012
12-13-OMB/OIT

Moratorium on Procurements of Information Technology (IT) Hardware, Software and Related Services

06/13/2012
11-16-DPP/OIT

Procurement of Information Technology (IT) Hardware, Software and related Services

04/12/2011
00-17-DPP

Disposition of Excess & Surplus Computer Equipment

05/08/2000