The Statewide Information Security Manual is the foundation for security and privacy in the state of North Carolina, and is based on industry standards and best practices. The Security Manual provides State agencies with a baseline for managing information security and making risk based decisions. These policies were developed with the assistance of subject matter experts and peer reviewed by agency representatives using NIST 800-53 revision 4 controls as the framework.

Subscribe to Documents