The Enterprise Security Office is part of the Department of Administrative Services (DAS) Enterprise Information Strategy and Policy Division (EISPD). The Enterprise Security Office (ESO) manages statewide efforts to protect the state's information. The ESO creates policies, guides and tools to help agencies keep state information protected, secure and available for use.
The ESO follows these guiding principles:
Be proactive
Follow federal and state regulations
Manage information security to support agency business priorities
Follow industry best practices
The ESO has three goals to guide planning for 2008-2013.
Goal 1: Promote information security governance and accountability. The ESO will work with governance groups to oversee statewide efforts; develop policies, guides and tools to help agencies manage information security; and monitor for threats, risks, tools, and industry best practices. The ESO will look at information security incidents and identify problem areas and actions to reduce risk. The governance groups will look at opportunities to identify new statewide projects and give feedback on policies.
Goal 2: Provide information security guidance and support. The ESO will help agencies meet policy requirements and create security programs. It will increase awareness of security issues facing state government.
Goal 3: Manage information security risk. The ESO will work with agencies to do information business risk and vulnerability assessments. The results will be used to identify trends and risks at the agency and the state level. The ESO will examine these trends to identify statewide projects and tactics that will reduce risk.
Page updated: May 06, 2008