Resources

• Policies with associated Standards and Guidelines
• Standards
• Guidelines
• Executive Orders
• State IT Projects
• Strategic Plans
• Annual Reports

ITA Policies (and associated Standards and Guidelines)

Policies, standards and guidelines which are new or were revised during fiscal year (FY2024) are shown in red.

1000 - General

• P1010 - IT Policies, Standards, and Guidelines Framework
• P1020 - Idaho.Gov Portal Privacy Notice
• P1030 - Electronic Document Management
• P1040 - Employee Electronic Mail and Messaging Use
• P1050 - Employee Internet Use, Monitoring and Filtering
• P1060 - Employee State Issued IT Devices (Personal Computer Use)
• P1070 - Geographic Information Systems (GIS)
• P1080 - Cloud Computing

2000 - IT Planning

• P2010 - Information Technology Planning Process
• P2020 - Business Recovery Planning
• P2030 - Information Technology Large-Scale Project Review
• P2040 - Risk Assessment

3000 - Telecommunications

• P3010 - Telecommunication Switching and Long distance Services
• P3020 - Connectivity and Transport Protocols
• P3030 - Wide Area Networks (WAN)
• P3040 - State 911 Multi-Line telephone Systems Network Services

4000 - Security - General

• P4110 - Agency IT Security Coordinator
• P4120 - Public Online File Storage Services
• P4130 - Information Systems Classification
• P4140 - Cybersecurity Framework (formerly P2050)
• P4150 - Privacy

4500 - Security - Computer and Operations Management

• P4501 - Least Privilege and Least Functionality
• P4502 - Privilege Access Management
• P4503 - Identity and Access Management
• P4505 - Cybersecurity Awareness Training
• P4520 - Patch & Vulnerability Management
• P4530 - Cleansing Data From Surplus Computer Equipment
• P4540 - Wireless Security for State Local Area Networks
• P4550 - Mobile Device Management
• P4570 - Firewall Security
• P4590 - Cybersecurity Incident Management

5000 - Information and Data

• P5010 - Web Publishing
• P5020 - .Gov Domain
• P5030 - Framework Standards Development
• P5040 - Use of Social Networking Sites

ITA Standards

Introduction

2000 - Software - Desktop, Notebook & Mobile Devices

• S2100 - Operating System (O/S) - Desktop & Notebook
• S2110 - Office Suite
• S2120 - Electronic Mail - Messaging
• S2130 - Anti-Virus/Endpoint Security (AV/EPS)
• S2140 - Mobile Device Security Capabilities

2500 - Software - Server

• S2510 - Network Operating System

3000 - Network and Telecommunications

• S3100 - Network Services - Internet/Intranet Web Server
• S3110 - Network Services - Internet/Intranet Web Browser
• S3120 - Network Services - Data/Network Integrity
• S3130 - Network Services - Video Conferencing
• S3131 - Network Services - Video Conference Dialing Plan
• S3220 - Security - Virtual Private Network
• S3230 - Security - Server Security Requirements
• S3510 - Network Connectivity and Transport - Transport
• S3520 - Network Connectivity and Transport - Local Area Network
• S3530 - Network Connectivity and Transport - Wireless LAN
• S3540 - Network Connectivity and Transport - LAN Backbone
• S3550 - Network Connectivity and Transport - Structured Cabling

4000 - Information and Data

• S4210 - Single Zone Coordinate System for GIS Data
• S4220 - Geospatial Metadata
• S4221 - Metatags
• S4228 - Bridge Data (NEW July 2023)
• S4229 - Airport Data (NEW July 2023)
• S4230 - Framework Standard for Emergency Service Zones
• S4231 - Structures and Landmarks Data Exchange
• S4232 - Parcel Data Exchange
• S4233 - Hydrography Data Exchange Standard
• S4234 - Control Point Standard
• S4235 - Idaho Legislative and Congressional Districts
• S4240 - Idaho Land Cover Dataset Standard
• S4245 - Idaho Trails Data Standard
• S4246 - Recent and Historical Digital Imagery
• S4247 - Elevation Data Exchange (NEW July 2023)
• S4250 - GIS Data Sharing Standards
• S4255 - NAIP Digital Orthoimagery & Data Exchange
• S4260 - Soils Dataset Standard
• S4261 - Landslide Inventory Data Exchange (NEW July 2023)
• S4262 - Active Faults Data (NEW July 2023)
• S4263 - Dam Inventory (NEW July 2023)
• S4264 - Historical Earthquakes (NEW July 2023)
• S4265 - Radon Gas Data (NEW July 2023)
• S4266 - Flood Hazard Layers Data Exchange (NEW July 2023)
• S4270 - Site Structure Address Points
• S4271 - Road Center Line
• S4272 - Public Safety Answering Point
• S4273 - Emergency Service Boundaries
• S4274 - Provision Boundaries

5000 - Web

• S5120 - Web Publishing

6000 - Security

• S6010 - Cybersecurity Incident and Breach Response Management and Reporting (with Handbook)
• S6020 - Center for Internet Security (CIS) Critical Security Controls (CSCs) Baseline
• S6030 - Identity and Authentication (Passwords)

ITA Guidelines

G100 - General

• G105 - ITA Glossary of Terms
• G110 - Agency IT Plan
• G115 - Business Recovery Plan
• G120 - Exemption Process

G200 - Project Profile

• G210 - IT Project Profile
• G215 - Risk Assessment
• G225 - Cost-Benefit Analysis
• G230 - IT Projects Best Practices Checklist

G300 - Information and Data

• G310 - Web Publishing
• G320 - Geographic Metadata (RESCINDED June 14, 2016)
• G330 - Best Practices for Utilizing Social Networking Sites
• G340 - Statewide Geospatial Clearinghouse
• G350 - Methodology for Recognizing a TIM Framework Dataset
• G360 - Statewide Geospatial Clearinghouse (INSIDE Idaho) Publisher Guidelines

G400 - Architecture and Design

• G410 - Idaho.gov, Id.gov Domains
• G420 - Roles of GIS Participants

G500 - Security Procedures

• G501 - Cybersecurity Framework Guidance
• G502 - Privacy Impact Assessment Guidelines
• G505 - Data Classification and Labeling Guidelines
• G510 - Cybersecurity Incident Reporting Classification Template (RESCINDED February 19, 2019)
• G515 - Critical Security Controls (CSCs) 1-6 Written Policy Template (Word document: G515)
• G520 - Cybersecurity Incident Handling (RESCINDED 2/19/2019)
• G525 - Cybersecurity Incident and Breach Response Management (RESCINDED 4/20/2021)
• G530 - Wireless Local Area Network (LAN) Security
• G535 - Firewall Configuration Guidelines
• G536 - Firewall: Ports, Protocols and Services Request
• G540 - Mobile Devices
• G550 - Cleansing Data From Surplus Computer Equipment
• G560 - Passwords (RESCINDED 6/15/2021)
• G570 - Patching & Vulnerabiltiy Management
• G580 - Cybersecurity Breach Notification (RESCINDED 2/19/2019)
• G585 - Cybersecurity Incident and Breach Response Reporting (RESCINDED 4/20/2021)
• G590A - Server Operating System; Initial Security Requirements
• G590B - Public-Facing SQL Server Setup
• G591B - SQL Injection Attacks: Information and Avoidance
• G590C - Public-Facing Webserver Setup
• G595 - Public Online File Storage Service Guideline

Executive Orders

The following Executive Orders are referenced in some of the ITA Policies, Standards and Guidelines.

• Executive Order 2017-02 (Findings of the Idaho Cybersecurity Cabinet Task Force) / Critical Security Controls Kick-Off Meeting (MP4 recording; February 2, 2017)
• Executive Order 2005-22 (Establishing statewide policies on computer, internet and electronic mail usage by state employees)
• Presidential Executive Order 12906 (1994) (Coordinating Geographic Data Acquisition and Access: The National Spatial Data Infrastructure); Amended by Presidential Executive Order 13286 (2003)

State IT Projects

• 2013 State IT Projects Overview
• 2012 State IT Projects Overview

Strategic Plans

• State GIS Strategic Plan (effective 12/14/2021)
• 2018 State IT Strategic Plan
• 2017 State IT Strategic Plan
• State GIS Strategic Plan
• 2016 State IT Strategic Plan
• 2014 / 2015 State IT Strategic Plan
• 2013 State IT Strategic Plan
• 2012 State IT Strategic Plan
• 2011 Strategic Goals
• 2009 Business Plan
• Federated Model of Governance (2007)

Annual Reports

• FY2020 ITA Annual Report
• FY2019 ITA Annual Report
• FY2018 ITA Annual Report
• FY2017 ITA Annual Report
• FY2016 ITA Annual Report
• FY2014 / FY2015 ITA Report (First report of the ITA)
• 2013 ITRMC Annual Report (Final report of the ITRMC)
• 2012 ITRMC Annual Report
• 2011 ITRMC Annual Report
• 2010 ITRMC Annual Report