Given the California government's increased use of Information Technology (IT) and Internet-based services, the state has a compelling need to ensure the confidentiality, integrity and availability of those systems and services are adequately protected from known and anticipated threats. In addition, there is an increasing demand for broader transparency and accountability in reporting government activities. Consistent with Chapter 404, Statues of 2010 (AB 2408), the purpose of this Information Technology Policy Letter (ITPL) is to:
- Establish the "Security Reporting Scorecard" process for reporting on state Agency and department participation in required security reporting activities.
- Remind Department Directors, Agency Chief Information Officers (Agency CIOs), Department Chief Information Officers (CIOs), Agency Information Security Officers (AISO) and Information Security Officers (ISOs) of their reporting responsibilities.