Skip to main content
NCDIT logo NCDIT

Topical Navigation

  • Home
  • Services
  • Programs
    Programs
    • Broadband & Digital Equity
    • CJLEADS
    • Enterprise Strategy
    • FirstTech
    • IT Volume Purchasing
    • N.C. 911 Board
    • N.C. Health Information Exchange Authority
    • NC360
    • Optimization
    • Project Portfolio Management
  • Resources
    Resources
    • COVID-19 Resources
    • Cybersecurity & Risk Management
    • Data Protection & Privacy
    • Statewide IT Strategic Plan
    • Statewide IT Procurement
    • State IT Policies
    • IT Application Portfolio Management
    • Standards
    • Resources Guide
    • Knowledge College
    • Documents
    • Reports
  • About
    About
    • Commitment to Customers
    • Leadership
    • Boards & Commissions
    • Climate Change & Clean Energy
    • NCDIT Strategic Plan
    • Work for NCDIT
    • Annual Report
    • Rules Review
  • News & Events
    News & Events
    • Events
    • Press Releases
  • Support
    Support
    • NCID
    • Training & User Resources
    • Submit a Service Desk Ticket
    • Report a Cybersecurity Incident
    • Services Status
  • Contact
    Contact
    • Media Inquiries
    • Public Records Requests
    • Speaker Requests
  • PASSWORD HELP
  • SERVICE PORTAL
  • CAREERS
  • NC.GOV
NCDIT »   Resources »   Cybersecurity & Risk Management »   ESRMO Initiatives

ESRMO Initiatives

An enterprise approach optimizes IT security and risk management activities performed at the statewide level, allowing North Carolina to gain economies of scale and helping to ensure security program consistency.

To support agencies’ efforts to improve their information security and risk management posture, the state has created an enterprise IT fund and allocated a portion of those funds to help define and implement the following enterprise security and risk management initiatives coordinated for the state chief information officer by the N.C. Department of Information Technology’s Enterprise Security and Risk Management Office.

Statewide Security Policies, Standards & Procedures Framework

North Carolina builds and maintains the state policy standards and procedures (PSPs) framework to ensure that all agencies have a common baseline of PSPs within the National Institute of Standards and Technology 800-53 standards framework.

Learn More

Enterprise Security & Risk Management Training

The statewide security and risk management training and awareness program addresses a wide range of needs from general staff awareness to specific training for information security and business continuity management professionals.

Learn More

Purchase & Deployment of Security and Risk Management Technologies

North Carolina benefits from an enterprise approach to the purchase and deployment of security technologies as the state technology infrastructure is upgraded to support information technology consolidation.

Learn More

Statewide Information Security Threat Management & Incident Response

The ESRMO operates a threat management team to raise awareness of cyberthreats and improve cyber incident response.

Learn More

Enterprise Approach for IT Business Continuity Management

State agencies benefit from an enhanced, standardized and centrally managed business continuity management planning tools that support statewide IT infrastructure and services.

Learn More

Cybersecurity & Risk Management

  • Cyber Incident Reporting
  • Statewide Cybersecurity Incident Report Form
  • Cybersecurity Awareness
  • About the ESRMO
  • ESRMO Initiatives
    • Statewide Information Security Policies
    • IT Business Continuity Management
    • Purchase & Deployment of Security & Risk Management Technologies
    • Information Security Threat Management & Incident Response
    • Training & Awareness Program
  • Information & Risk Management Services
  • N.C. Information Sharing & Analysis Center
  • Contact

Share this page:

  • Facebook
  • Twitter
  • Email

How can we make this page better for you?

Back to top

Contact

N.C. Department of Information Technology

P.O. Box 17209
Raleigh, NC 27619-7209
919-754-6000
800-722-3946

 

@NCDIT

Tweets by @NCDIT

Quick Links

NCDIT Service Portal
NCDIT Service Desk
NCID Assistance
Training & User Resources
Statewide IT Strategic Plan
Cybersecurity Incident Reporting
NCDIT Communications Hub

Follow Us

  • Facebook
  • Twitter
  • Flickr
  • YouTube
  • LinkedIn
  • Accessibility
  • Terms of Use
  • Privacy Policy
  • Open Budget
https://it.nc.gov/resources/cybersecurity-risk-management/initiatives