Resources

• ITA Policies
• ITA Standards
• ITA Guidelines
• Executive Orders
• State IT Projects
• Strategic Plans
• Annual Reports

ITA Policies (and associated Standards and Guidelines)

New policies, standards, and guidelines revised within the past year are shown in red.

1000 - General

• P1010 - IT Policies, Standards, and Guidelines Framework
• P1015 - IT Policies, Standards, and Guidelines Development (NEW August 2024)
• P1020 - Idaho.Gov Portal Privacy Notice
• P1030 - Electronic Document Management
• P1040 - Electronic Mail and Messaging (August 2024)
• P1050 - Internet Use and Control (August 2024)
• P1060 - State-Issued IT Devices (August 2024)
• P1070 - Geographic Information Systems (GIS)
• P1080 - Cloud Computing (Rescinded April 2024)
• P1090 - Cloud Services (Returned to committee Aug. 2024)

2000 - IT Planning

• P2010 - Information Technology Planning Process
• P2020 - Business Recovery Planning
• P2030 - Information Technology Large-Scale Project Review
• P2040 - Risk Assessment
• P2045 - Risk Management Program

3000 - Telecommunications

• P3010 - Telecommunication Switching and Long distance Services
• P3020 - Connectivity and Transport Protocols
• P3030 - Wide Area Networks (WAN)
• P3040 - State 911 Multi-Line Telephone Systems Network Services

4000 - Security - General

• P4110 - Agency Cybersecurity Coordinator (August 2024)
• P4120 - Public Online File Storage Services (Rescinded April 2024)
• P4130 - Information Systems Classification (NEW July 2023)
• P4140 - Cybersecurity Framework (August 2024)
• P4150 - Privacy Policy (August 2024)

4500 - Security - Computer and Operations Management

• P4501 - Least Privilege and Least Functionality (August 2024)
• P4502 - Privilege Access Management (August 2024)
• P4503 - Identity and Access Management (August 2024)
• P4505 - Cybersecurity Awareness Training (August 2024)
• P4520 - Patch & Vulnerability Management
• P4530 - Cleansing Data From Surplus Computer Equipment
• P4540 - Wireless Security for State Local Area Networks
• P4550 - Mobile Device Management
• P4570 - Firewall Security
• P4590 - Cybersecurity Incident Management

5000 - Information and Data

• P5010 - Web Publishing
• P5020 - .Gov Domain
• P5030 - Framework Standards Development
• P5040 - Use of Social Networking Sites

ITA Standards

Introduction

2000 - Software - Desktop, Notebook & Mobile Devices

• S2100 - Operating System (O/S) - Desktop & Notebook
• S2110 - Office Suite
• S2120 - Electronic Mail - Messaging
• S2130 - Anti-Virus/Endpoint Security (AV/EPS)
• S2140 - Mobile Device Security Capabilities

2500 - Software - Server

• S2510 - Network Operating System

3000 - Network and Telecommunications

• S3100 - Network Services - Internet/Intranet Web Server
• S3110 - Network Services - Internet/Intranet Web Browser
• S3120 - Network Services - Data/Network Integrity
• S3130 - Network Services - Video Conferencing
• S3131 - Network Services - Video Conference Dialing Plan
• S3220 - Security - Virtual Private Network
• S3230 - Security - Server Security Requirements
• S3510 - Network Connectivity and Transport - Transport
• S3520 - Network Connectivity and Transport - Local Area Network
• S3530 - Network Connectivity and Transport - Wireless LAN
• S3540 - Network Connectivity and Transport - LAN Backbone
• S3550 - Network Connectivity and Transport - Structured Cabling

4000 - Information and Data

• S4210 - Single Zone Coordinate System for GIS Data
• S4220 - Geospatial Metadata
• S4221 - Metatags
• S4228 - Idaho Bridge Data
• S4229 - Idaho Airports Data Layer
• S4230 - Framework Standard for Emergency Service Zones
• S4231 - Structures and Landmarks Data Exchange
• S4232 - Parcel Data Exchange
• S4233 - Hydrography Data Exchange Standard
• S4234 - Control Point Standard
• S4235 - Idaho Legislative and Congressional Districts
• S4240 - Idaho Land Cover Dataset Standard
• S4245 - Idaho Trails Data Exchange Standard
• S4246 - Recent and Historical Digital Imagery
• S4247 - Elevation Data Exchange
• S4250 - GIS Data Sharing Standards
• S4255 - NAIP Digital Orthoimagery and Data Exchange
• S4256 - Geological Map of Idaho Data (NEW July 2024)
• S4259 - National Soil Survey Derived Layers (NEW July 2024)
• S4260 - Soils Dataset Standard
• S4261 - Landslide Inventory Data Exchange
• S4262 - Active Faults Data
• S4263 - Idaho Dam Inventory
• S4264 - Historical Earthquakes Data
• S4265 - Idaho Radon Data
• S4266 - Flood Hazard Layers Data
• S4270 - Site Structure Address Points
• S4271 - Road Center Line
• S4272 - Public Safety Answering Point
• S4273 - Emergency Service Boundaries
• S4274 - Provision Boundaries

5000 - Web

• S5120 - Web Publishing

6000 - Security

• S6010 - Cybersecurity Incident and Breach Response Management and Reporting (with Handbook)
• S6020 - Center for Internet Security (CIS) Critical Security Controls (CSCs) Baseline
• S6030 - Identity and Authentication (Passwords)

ITA Guidelines

G100 - General

• G105 - ITA Glossary of Terms
• G110 - Agency IT Plan
• G115 - Business Recovery Plan
• G120 - Exemption Process

G200 - Project Profile

• G210 - IT Project Profile
• G215 - Risk Assessment
• G225 - Cost-Benefit Analysis
• G230 - IT Projects Best Practices Checklist

G300 - Information and Data

• G310 - Web Publishing
• G330 - Best Practices for Utilizing Social Networking Sites
• G340 - Statewide Geospatial Clearinghouse
• G350 - Methodology for Recognizing a TIM Framework Dataset
• G360 - Statewide Geospatial Clearinghouse (INSIDE Idaho) Publisher Guidelines

G400 - Architecture and Design

• G410 - Idaho.gov, Id.gov Domains
• G420 - Roles of GIS Participants

G500 - Security Procedures

• G501 - Cybersecurity Framework Guidance
• G502 - Privacy Impact Assessment Guidelines
• G505 - Data Classification and Labeling Guidelines
• G515 - Critical Security Controls (CSCs) 1-6 Written Policy Template (Word document: G515)
• G530 - Wireless Local Area Network (LAN) Security
• G535 - Firewall Configuration Guidelines
• G536 - Firewall: Ports, Protocols and Services Request
• G540 - Mobile Devices
• G550 - Cleansing Data From Surplus Computer Equipment
• G570 - Patching and Vulnerability Management
• G590A - Server Operating System; Initial Security Requirements
• G590B - Public-Facing SQL Server Setup
• G591B - SQL Injection Attacks: Information and Avoidance
• G590C - Public-Facing Webserver Setup
• G595 - Public Online File Storage Service Guideline

Executive Orders

The following Executive Orders are referenced in some of the ITA Policies, Standards and Guidelines.

• Executive Order 2017-02 (Findings of the Idaho Cybersecurity Cabinet Task Force)
• Executive Order 2005-22 (Establishing statewide policies on computer, internet and electronic mail usage by state employees)
• Presidential Executive Order 12906 (1994) (Coordinating Geographic Data Acquisition and Access: The National Spatial Data Infrastructure); Amended by Presidential Executive Order 13286

Strategic Plans

• State IT Strategic Plan (its.idaho.gov)
• State GIS Strategic Plan (gis.idaho.gov)

Annual Reports

• FY2022 ITA Annual Report
• FY2021 ITA Annual Report
• FY2020 ITA Annual Report
• FY2019 ITA Annual Report