The state chief information officer is responsible for overseeing a planning framework to collaboratively develop and publish information technology policy and procedures.

These guide architecture, design, engineering, operations and procurement activities of software, hardware, network solutions, products and services.

These policies apply to state agencies under the authority given to the state chief information officer by N.C.G.S. 143B Article 15.

Artificial Intelligence

FrameworkDateRelated
North Carolina State Government Responsible Use of Artificial Intelligence FrameworkAug. 21, 2024

 

Technology

PolicyDateRelated
Microsoft 365 Agency Requirements for Email and Collaboration Services PolicyJan. 24, 2024 
Digital Accessibility & Usability StandardApril 4, 2024 

 

Security, Privacy & Data Protection

PolicyDateRelated
State Adoption of NIST Risk Management Framework  
Statewide Information Security ManualJanuary 2022
High-Risk Applications PolicyJan. 26, 2023 
State Adoption of Fair Information Practice PrinciplesMay 2022 
Media Protection PolicyJanuary 2022Provides guidance on NIST 800-53 Security and Privacy Controls
Statewide Glossary of Information Technology TermsFebruary 2024 
Statewide Data Classification and Handling PolicyFebruary 2016 
Statewide Acceptable Use PolicyMarch 2022 
Mobile Device Management Policy March 30, 2021 
Securing Multifunctional Devices (MFDs) and Network Printers MemoFeb.11, 2015 
2018 Continuous Monitoring Plan Memo June 1, 2018 
2018 Continuous Monitoring Plan - Annual Assessment & Compliance Report TemplateJune 1, 2018 
2016 Continuous Monitoring Plan MemoJan. 27, 2016 
Corrective Action Plan (CAP) and Instructions  
Secure Cloud Storage, File Sharing and Collaboration MemoJan. 4, 2017 
Secure Cloud Storage, File Sharing and Collaboration - Phase II MemoFeb. 15, 2018 
Mandatory HTTPS for Public Sites MemoMarch 8, 2018 
Statewide International Travel Policy  
Vendor Readiness Assessment Report (VRAR)March 2022 
Cloud Vendor Exception Workflow  
ESRMO Forensic Request Form  

 

Annual Security Training

PolicyDateRelated
IRS Security Training for Department of IT Employees and Contractors  
IRS Security Training Confirmation Form for Department of IT Contractors   

 

IT Procurement

PolicyDateRelated
IT Procurement Rules  
IT Procurement Policies and Procedures