The Enterprise Security Office is part of the Department of Administrative Services' Enterprise Information Strategy and Policy Division. The Enterprise Security Office (ESO) manages statewide efforts to protect state government's information. The ESO creates policies, guides and tools to help agencies protect and secure state information.
The ESO follows these guiding principles:
Be proactive.
Follow federal and state regulations.
Manage information security to support agency business priorities.
Follow industry best practices.
The ESO has three goals to guide planning for 2008-13:
Goal 1:Strengthen governance and accountability for information security. The ESO will work with governance groups to oversee statewide efforts; develop policies, guides and tools to help agencies manage information security; and monitor for threats, risks, tools, and industry best practices. The ESO will look at information security incidents, identify problems and take actions to reduce risk. The governance groups will look at opportunities to identify new statewide projects and give feedback on policies.
Goal 2: Provide guidance and support on information security. The ESO will help agencies meet policy requirements and create programs to increase awareness of security issues in state government.
Goal 3: Manage risk related to information security. The ESO will work with agencies to assess information business risk and vulnerability. The ESO will use the results to identify trends and risks at the agency and state level. The ESO will examine the trends to identify statewide projects and tactics that will reduce risk.
Page updated: October 28, 2008
Adobe Reader is required to view PDF files. Click the "Get Adobe Reader" image to get a free download of the reader from Adobe.
