Statewide technology policies and guidelines set standards and define best practices for the State's IT community. All statewide technology policies are available by category and can be ordered by number, date published, and date modified date. A complete listing of defined terms for NYS Information Technology Policies, Standards, and Best Practice Guidelines is available in the "NYS Information Technology Policies, Standards, and Best Practice Guidelines Glossary".
More information about the process for establishing NYS policies is available in the Process for Establishing Enterprise Information Technology Policies, Standards, and Guidelines (NYS-P09-003).
| Category | Date Published |
Last Updated |
No. | Title |
|---|---|---|---|---|
| Security | 01/17/2014 | 12/07/2018 | NYS-P14-001 | Acceptable Use of Information Technology (IT) Resources Policy |
| Security | 04/18/2003 | 12/07/2018 | NYS-P03-002 | Information Security Policy |
| Security | 05/10/2010 | 10/25/2018 | NYS-G10-001 | Secure Use of Social Media |
| Security | 02/21/2014 | 09/13/2018 | NYS-S14-005 | Security Logging |
| Security | 10/18/2013 | 09/11/2018 | NYS-S13-002 | Secure Coding Standard |
| Security | 04/18/2014 | 09/11/2018 | NYS-S14-008 | Secure Configuration Standard |
| Security | 05/15/2015 | 09/11/2018 | NYS-S15-003 | 802.11 Wireless Network Security |
| Security | 04/18/2014 | 09/11/2018 | NYS-S14-009 | Mobile Device Security |
| Security | 01/16/2015 | 09/11/2018 | NYS-S15-001 | Patch Management |
| Security | 01/17/2014 | 09/11/2018 | NYS-S14-001 | Information Security Risk Management Standard |
| Security | 02/12/2010 | 09/10/2018 | NYS-S10-001 | CPE Requirements for ISOs/Designated Security Representatives Standard |
| Security | 11/15/2013 | 09/10/2018 | NYS-S13-005 | Cyber Incident Response Standard |
| Web and Digital Government | 10/20/2011 | 08/14/2018 | NYS-P11-001 | Social Media |
| Web and Digital Government | 08/22/2005 | 07/11/2018 | NYS-S05-002 | Contact Web Page |
| Web and Digital Government | 10/27/2008 | 07/03/2018 | NYS-P08-003 | Domain Names for State Government Agencies |
| Policy | 12/04/2017 | 06/14/2018 | NYS-P09-003 | Process for Establishing Enterprise Information Technology Policies, Standards, and Guidelines |
| IT Standards | 06/17/2002 | 04/20/2018 | NYS-G02-001 | Internet Privacy Guideline |
| IT Standards | 01/30/2018 | 01/30/2018 | NYS-S17-003 | Notification Standard for Certain Types of Regulated Data |
| Technology Development/Use | 04/11/2014 | 11/29/2017 | NYS-S14-012 | Bring Your Own Device (BYOD) |
| Policy | 01/14/2009 | 10/10/2017 | NYS-P08-002 | Authority to Establish Policy |
| Web and Digital Government | 03/25/2005 | 10/03/2017 | NYS-P10-001 | Advertisements, Endorsements and Sponsorships on State Entity Websites |
| Policy | 05/26/2004 | 09/06/2017 | NYS-G04-001 | Electronic Signatures and Records Act (ERSA) Guidelines |
| Security | 10/18/2013 | 07/17/2017 | NYS-S13-003 | Sanitization Secure Disposal Standard |
| Security | 03/21/2014 | 07/11/2017 | NYS-S14-007 | Encryption Standard |
| Privacy | 08/07/2010 | 06/28/2017 | NYS-P10-004 | Guidance for the Use of SSNs by State Government Entities |
| Web and Digital Government | 08/24/2007 | 05/17/2017 | NYS-S07-001 | Mandatory Technology Standard on Webcasting Open Meetings |
| Web and Digital Government | 04/11/2007 | 05/16/2017 | NYS-G07-002 | Best Practice Guideline on Webcasting Open Meetings |
| Policy | 04/27/2001 | 03/22/2017 | NYS-P01-001 | Bid Protest Policy |
| Security | 10/18/2013 | 03/10/2017 | NYS-S13-001 | Secure System Development Life Cycle |
| Security | 10/18/2013 | 03/10/2017 | NYS-P13-001 | Information Security Exception Policy |
| Security | 08/15/2014 | 03/10/2017 | NYS-S14-013 | Account Management / Access Control Standard |
| Security | 10/18/2013 | 03/10/2017 | NYS-S13-004 | Identity Assurance Standard |
| Security | 04/18/2014 | 03/10/2017 | NYS-S14-010 | Remote Access |
| Security | 10/10/2008 | 03/10/2017 | NYS-S14-002 | Information Classification Standard |
| Security | 10/10/2008 | 03/10/2017 | NYS-S14-003 | Information Security Controls |
| Security | 01/16/2015 | 03/10/2017 | NYS-S15-002 | Vulnerability Scanning |
| Security | 10/05/2010 | 02/16/2017 | NYS-P10-006 | Identity Assurance Policy |
| Security | 03/21/2014 | 02/15/2017 | NYS-S14-006 | Authentication Tokens |
| Technology Development/Use | 04/17/1998 | 02/07/2017 | NYS-P98-003 | Date/Time Conversion Contract Language Policy (PDF) |
| Web and Digital Government | 04/15/2016 | 04/15/2016 | NYS-S16-001 | New York State Universal Web Navigation |
| Technology Development/Use | 04/11/2014 | 04/15/2014 | NYS-S14-011 | Enterprise Mobile Management Technical Standard |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Haitian Creole |
| Web and Digital Government | 05/07/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Korean |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Russian |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Chinese |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Spanish |
| Web and Digital Government | 05/17/2010 | 11/04/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Italiano |
| Web and Digital Government | 09/10/2010 | 10/20/2010 | NYS-P08-005 | Accessibility of Web-Based Information and Applications Compliance Reporting |
| Procurement | 04/01/2008 | 07/12/2010 | NYS-P08-001 | Plan to Procure |
| Policy | 10/01/2009 | NYS-P09-002 | Process for Establishing Enterprise Information Technology Standards - Original posted 2009 |