Statewide technology policies and guidelines set standards and define best practices for the State's IT community. All statewide technology policies are available by category and can be ordered by number, date published, and date modified date.
A complete listing of defined terms for NYS Information Technology Policies, Standards, and Best Practice Guidelines is available in the "NYS Information Technology Policies, Standards, and Best Practice Guidelines Glossary"
More information about the process for establishing NYS policies is available in the Process for Establishing Enterprise Information Technology Standards(NYS-P09-002) and also located in the Development of Enterprise IT Policies (NYS-P09-003). To request an archived policy, contact policy@its.ny.gov.
| Category | Date Published | Last Updated |
No. |
Title |
|---|---|---|---|---|
| Web and Digital Government | 04/15/2016 | 04/15/2016 | NYS-S16-001 | New York State Universal Web Navigation |
| Security | 05/15/2015 | 02/15/2017 | NYS-S15-003 | 802.11 Wireless Network Security |
| Security | 01/16/2015 | 03/10/2017 | NYS-S15-002 | Vulnerability Scanning Standard |
| Security | 01/16/2015 | 03/10/2017 | NYS-S15-001 | Patch Management Standard |
| Security | 08/15/2014 | 03/10/2017 | NYS-S14-013 | Account Management / Access Control Standard |
| Technology Development/Use | 04/11/2014 | 04/15/2014 | NYS-S14-012 | Bring Your Own Device (BYOD) |
| Technology Development/Use | 04/11/2014 | 04/15/2014 | NYS-S14-011 | Enterprise Mobile Management Technical Standard |
| Security | 04/18/2014 | 03/10/2017 | NYS-S14-010 | Remote Access Standard |
| Security | 04/18/2014 | 02/15/2017 | NYS-S14-009 | Mobile Device Security |
| Security | 04/18/2014 | 02/15/2017 | NYS-S14-008 | Secure Configuration Standard |
| Security | 03/21/2014 | 07/14/2017 | NYS-S14-007 | Encryption Standard |
| Security | 03/21/2014 | 02/15/2017 | NYS-S14-006 | Authentication Tokens |
| Security | 02/21/2014 | 02/21/2017 | NYS-S14-005 | Security Logging Standard |
| Security | 10/10/2008 | 03/10/2017 | NYS-S14-003 | Information Security Controls Standard |
| Security | 10/10/2008 | 03/10/2017 | NYS-S14-002 | Information Classification Standard |
| Security | 01/17/2014 | 03/10/2017 | NYS-S14-001 | Information Security Risk Management Standard |
| Security | 11/15/2013 | 03/10/2017 | NYS-S13-005 | Cyber Incident Response Standard |
| Security | 10/18/2013 | 03/10/2017 | NYS-S13-004 | Identity Assurance Standard |
| Security | 10/18/2013 | 07/14/2017 | NYS-S13-003 | Sanitization/Secure Disposal Standard |
| Security | 10/18/2013 | 03/10/2017 | NYS-S13-002 | Secure Coding Standard |
| Security | 10/18/2013 | 03/10/2017 | NYS-S13-001 | Secure System Development Life Cycle (SSDLC) Standard |
| Security | 02/12/2010 | 03/10/2017 | NYS-S10-001 | CPE Requirements for ISOs/Designated Security Representatives Standard |
| Web and Digital Government | 08/24/2007 | 05/16/2017 | NYS-S07-001 | Mandatory Technology Standard on Webcasting Open Meetings |
| Web and Digital Government | 08/22/2005 | 04/10/2017 | NYS-S05-002 | Contact Web Page |
| Technology Development/Use | 04/17/1998 | 08/30/2011 | NYS-P98-003 | NYS-P98-003 Date/Time Conversion Contract Language Policy (PDF) |
| Security | 01/17/2014 | 02/22/2017 | NYS-P14-001 | Acceptable Use of Information Technology (IT) Resources Policy |
| Security | 10/18/2013 | 03/10/2017 | NYS-P13-001 | Information Security Exception Policy |
| Web and Digital Government | 10/20/2011 | 07/28/2014 | NYS-P11-001 | Social Media Policy |
| Security | 10/05/2010 | 02/16/2017 | NYS-P10-006 | Identity Assurance Policy |
| Network Services | 10/05/2010 | 10/05/2010 | NYS-P10-005 | Enterprise Identity Management (EIM) Governance Authority |
| Privacy | 08/07/2010 | 06/28/2017 | NYS-P10-004 | Guidance for the Use of SSNs by State Government Entities |
| GIS | 07/17/1997 | 05/01/2010 | NYS-P10-003 | GIS Data Sharing |
| GIS | 09/17/1996 | 05/01/2010 | NYS-P10-002 | Geographic Information Systems |
| Web and Digital Government | 03/25/2005 | 03/25/2005 | NYS-P10-001 | Advertisements, Endorsements and Sponsorships on State Entity Websites |
| Policy | 10/01/2009 | 10/01/2009 | NYS-P09-003 | Development of Enterprise IT Policies |
| IT Standards | 10/01/2009 | 06/01/2010 | NYS-P09-002 | Process for Establishing Enterprise Information Technology Standards |
| Technology Development/Use | 03/09/2009 | 07/27/2011 | NYS-P09-001 | State Agency Use of Supercomputing Resources |
| Web and Digital Government | 10/20/2010 | 11/16/2010 | NYS-P08-005 | 2010 NYS Accessibility Coordinator Listing |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Haitian Creole |
| Web and Digital Government | 05/17/2010 | 11/04/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Italiano |
| Web and Digital Government | 05/07/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Korean |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Russian |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Chinese |
| Web and Digital Government | 05/17/2010 | 11/14/2012 | NYS-P08-005 | Accessibility of Web-Based Information and Applications – Spanish |
| Web and Digital Government | 09/10/2010 | 10/20/2010 | NYS-P08-005 | Accessibility of Web-Based Information and Applications Compliance Reporting |
| Web and Digital Government | 05/17/2010 | 11/27/2012 | NYS-P08-003 | Domain Names for State Government Entities |
| Policy | 01/14/2009 | 04/29/2011 | NYS-P08-002 | Authority to Establish State Enterprise Information Technology (IT) Policy, Standards and Guidelines |
| Security | 04/18/2003 | 03/10/2017 | NYS-P03-002 | Information Security Policy |
| Policy | 04/27/2001 | 03/22/2017 | NYS-P01-001 | Bid Protest Policy |
| Security | 05/10/2010 | 02/15/2017 | NYS-G10-001 | Secure Use of Social Media Guideline |
| Web and Digital Government | 04/11/2007 | 05/16/2017 | NYS-G07-002 | Best Practice Guideline on Webcasting Open Meetings |
| Electronic Records | 05/01/2004 | 12/20/2013 | NYS-G04-001 | Revised Electronic Signatures and Records Act (ESRA) Guidelines |
| IT Standards | 06/17/2002 | 03/21/2017 | NYS-G02-001 | Internet Privacy Guideline |