Resources
- Policies with associated Standards and Guidelines
- Standards
- Guidelines
- Executive Orders
- State IT Projects
- Strategic Plans
- Annual Reports
ITA Policies (and associated Standards and Guidelines)
Policies, standards and guidelines which are new or were revised during fiscal year (FY2024) are shown in red.
1000 - General
- P1010 - IT Policies, Standards, and Guidelines Framework
- P1020 - Idaho.Gov Portal Privacy Notice
- P1030 - Electronic Document Management
- P1040 - Employee Electronic Mail and Messaging Use
- P1050 - Employee Internet Use, Monitoring and Filtering
- P1060 - Employee State Issued IT Devices (Personal Computer Use)
- P1070 - Geographic Information Systems (GIS)
- P1080 - Cloud Computing
2000 - IT Planning
- P2010 - Information Technology Planning Process
- P2020 - Business Recovery Planning
- P2030 - Information Technology Large-Scale Project Review
- P2040 - Risk Assessment
3000 - Telecommunications
- P3010 - Telecommunication Switching and Long distance Services
- P3020 - Connectivity and Transport Protocols
- P3030 - Wide Area Networks (WAN)
- P3040 - State 911 Multi-Line telephone Systems Network Services
4000 - Security - General
- P4110 - Agency IT Security Coordinator
- P4120 - Public Online File Storage Services
- P4130 - Information Systems Classification
- P4140 - Cybersecurity Framework (formerly P2050)
- P4150 - Privacy
4500 - Security - Computer and Operations Management
- P4501 - Least Privilege and Least Functionality
- P4502 - Privilege Access Management
- P4503 - Identity and Access Management
- P4505 - Cybersecurity Awareness Training
- P4520 - Patch & Vulnerability Management
- P4530 - Cleansing Data From Surplus Computer Equipment
- P4540 - Wireless Security for State Local Area Networks
- P4550 - Mobile Device Management
- P4570 - Firewall Security
- P4590 - Cybersecurity Incident Management
5000 - Information and Data
- P5010 - Web Publishing
- P5020 - .Gov Domain
- P5030 - Framework Standards Development
- P5040 - Use of Social Networking Sites
ITA Standards
2000 - Software - Desktop, Notebook & Mobile Devices
- S2100 - Operating System (O/S) - Desktop & Notebook
- S2110 - Office Suite
- S2120 - Electronic Mail - Messaging
- S2130 - Anti-Virus/Endpoint Security (AV/EPS)
- S2140 - Mobile Device Security Capabilities
2500 - Software - Server
- S2510 - Network Operating System
3000 - Network and Telecommunications
- S3100 - Network Services - Internet/Intranet Web Server
- S3110 - Network Services - Internet/Intranet Web Browser
- S3120 - Network Services - Data/Network Integrity
- S3130 - Network Services - Video Conferencing
- S3131 - Network Services - Video Conference Dialing Plan
- S3220 - Security - Virtual Private Network
- S3230 - Security - Server Security Requirements
- S3510 - Network Connectivity and Transport - Transport
- S3520 - Network Connectivity and Transport - Local Area Network
- S3530 - Network Connectivity and Transport - Wireless LAN
- S3540 - Network Connectivity and Transport - LAN Backbone
- S3550 - Network Connectivity and Transport - Structured Cabling
4000 - Information and Data
- S4210 - Single Zone Coordinate System for GIS Data
- S4220 - Geospatial Metadata
- S4221 - Metatags
- S4228 - Bridge Data (NEW July 2023)
- S4229 - Airport Data (NEW July 2023)
- S4230 - Framework Standard for Emergency Service Zones
- S4231 - Structures and Landmarks Data Exchange
- S4232 - Parcel Data Exchange
- S4233 - Hydrography Data Exchange Standard
- S4234 - Control Point Standard
- S4235 - Idaho Legislative and Congressional Districts
- S4240 - Idaho Land Cover Dataset Standard
- S4245 - Idaho Trails Data Standard
- S4246 - Recent and Historical Digital Imagery
- S4247 - Elevation Data Exchange (NEW July 2023)
- S4250 - GIS Data Sharing Standards
- S4255 - NAIP Digital Orthoimagery & Data Exchange
- S4260 - Soils Dataset Standard
- S4261 - Landslide Inventory Data Exchange (NEW July 2023)
- S4262 - Active Faults Data (NEW July 2023)
- S4263 - Dam Inventory (NEW July 2023)
- S4264 - Historical Earthquakes (NEW July 2023)
- S4265 - Radon Gas Data (NEW July 2023)
- S4266 - Flood Hazard Layers Data Exchange (NEW July 2023)
- S4270 - Site Structure Address Points
- S4271 - Road Center Line
- S4272 - Public Safety Answering Point
- S4273 - Emergency Service Boundaries
- S4274 - Provision Boundaries
5000 - Web
- S5120 - Web Publishing
6000 - Security
- S6010 - Cybersecurity Incident and Breach Response Management and Reporting (with Handbook)
- S6020 - Center for Internet Security (CIS) Critical Security Controls (CSCs) Baseline
- S6030 - Identity and Authentication (Passwords)
ITA Guidelines
G100 - General
- G105 - ITA Glossary of Terms
- G110 - Agency IT Plan
- G115 - Business Recovery Plan
- G120 - Exemption Process
G200 - Project Profile
- G210 - IT Project Profile
- G215 - Risk Assessment
- G225 - Cost-Benefit Analysis
- G230 - IT Projects Best Practices Checklist
G300 - Information and Data
- G310 - Web Publishing
- G320 - Geographic Metadata (RESCINDED June 14, 2016)
- G330 - Best Practices for Utilizing Social Networking Sites
- G340 - Statewide Geospatial Clearinghouse
- G350 - Methodology for Recognizing a TIM Framework Dataset
- G360 - Statewide Geospatial Clearinghouse (INSIDE Idaho) Publisher Guidelines
G400 - Architecture and Design
G500 - Security Procedures
- G501 - Cybersecurity Framework Guidance
- G502 - Privacy Impact Assessment Guidelines
- G505 - Data Classification and Labeling Guidelines
- G510 - Cybersecurity Incident Reporting Classification Template (RESCINDED February 19, 2019)
- G515 - Critical Security Controls (CSCs) 1-6 Written Policy Template (Word document: G515)
- G520 - Cybersecurity Incident Handling (RESCINDED 2/19/2019)
- G525 - Cybersecurity Incident and Breach Response Management (RESCINDED 4/20/2021)
- G530 - Wireless Local Area Network (LAN) Security
- G535 - Firewall Configuration Guidelines
- G536 - Firewall: Ports, Protocols and Services Request
- G540 - Mobile Devices
- G550 - Cleansing Data From Surplus Computer Equipment
- G560 - Passwords (RESCINDED 6/15/2021)
- G570 - Patching & Vulnerabiltiy Management
- G580 - Cybersecurity Breach Notification (RESCINDED 2/19/2019)
- G585 - Cybersecurity Incident and Breach Response Reporting (RESCINDED 4/20/2021)
- G590A - Server Operating System; Initial Security Requirements
- G590B - Public-Facing SQL Server Setup
- G591B - SQL Injection Attacks: Information and Avoidance
- G590C - Public-Facing Webserver Setup
- G595 - Public Online File Storage Service Guideline
Executive Orders
The following Executive Orders are referenced in some of the ITA Policies, Standards and Guidelines.
- Executive Order 2017-02 (Findings of the Idaho Cybersecurity Cabinet Task Force) / Critical Security Controls Kick-Off Meeting (MP4 recording; February 2, 2017)
- Executive Order 2005-22 (Establishing statewide policies on computer, internet and electronic mail usage by state employees)
- Presidential Executive Order 12906 (1994) (Coordinating Geographic Data Acquisition and Access: The National Spatial Data Infrastructure); Amended by Presidential Executive Order 13286 (2003)
State IT Projects
Strategic Plans
- State GIS Strategic Plan (effective 12/14/2021)
- 2018 State IT Strategic Plan
- 2017 State IT Strategic Plan
- State GIS Strategic Plan
- 2016 State IT Strategic Plan
- 2014 / 2015 State IT Strategic Plan
- 2013 State IT Strategic Plan
- 2012 State IT Strategic Plan
- 2011 Strategic Goals
- 2009 Business Plan
- Federated Model of Governance (2007)
Annual Reports
- FY2020 ITA Annual Report
- FY2019 ITA Annual Report
- FY2018 ITA Annual Report
- FY2017 ITA Annual Report
- FY2016 ITA Annual Report
- FY2014 / FY2015 ITA Report (First report of the ITA)
- 2013 ITRMC Annual Report (Final report of the ITRMC)
- 2012 ITRMC Annual Report
- 2011 ITRMC Annual Report
- 2010 ITRMC Annual Report