Statewide technology policies and guidelines set standards and define best practices for the State's IT community. All statewide technology policies are available by category and can be ordered by number, date published, and date modified date. A complete listing of defined terms for NYS Information Technology Policies, Standards, and Best Practice Guidelines is available in the "NYS Information Technology Policies, Standards, and Best Practice Guidelines Glossary".
More information about the process for establishing NYS policies is available in the Process for Establishing Enterprise Information Technology Policies, Standards, and Guidelines (NYS-P09-003).
| Category | Date Published | Last Updated |
No. |
Title |
|---|---|---|---|---|
| Security | 07/16/2020 | 07/16/2020 | NYS-S20-001 | Digital Identity Standard |
| IT Standards | 01/30/2018 | 01/30/2018 | NYS-S17-003 | Notification Standard for Certain Types of Regulated Data |
| Web and Digital Government | 04/15/2016 | 04/15/2016 | NYS-S16-001 | New York State Universal Web Navigation |
| Security | 05/15/2015 | 11/23/2021 | NYS-S15-003 | 802.11 Wireless Network Security |
| Security | 01/16/2015 | 05/04/2021 | NYS-S15-002 | Vulnerability Management |
| Security | 01/16/2015 | 05/04/2021 | NYS-S15-001 | Patch Management |
| Security | 08/15/2014 | 12/01/2020 | NYS-S14-013 | Account Management Access Control Standard |
| Technology Development/Use | 04/11/2014 | 12/01/2020 | NYS-S14-012 | Bring Your Own Device (BYOD) |
| Technology Development/Use | 04/11/2014 | 11/23/2021 | NYS-S14-011 | Enterprise Mobile Management Technical Standard |
| Security | 04/18/2014 | 07/16/2020 | NYS-S14-010 | Remote Access |
| Security | 04/18/2014 | 08/16/2021 | NYS-S14-009 | Mobile Device Security |
| Security | 04/18/2014 | 08/16/2021 | NYS-S14-008 | Secure Configuration Standard |
| Security | 03/21/2014 | 07/16/2020 | NYS-S14-007 | Encryption Standard |
| Security | 03/21/2014 | 12/01/2020 | NYS-S14-006 | Authentication Tokens Standard |
| Security | 02/21/2014 | 11/23/2021 | NYS-S14-005 | Security Logging Standard |
| Security | 10/10/2008 | 03/10/2017 | NYS-S14-003 | Information Security Controls |
| Security | 10/10/2008 | 07/16/2020 | NYS-S14-002 | Information Classification Standard |
| Security | 01/17/2014 | 11/23/2021 | NYS-S14-001 | Information Security Risk Management Standard |
| Security | 11/15/2013 | 09/10/2018 | NYS-S13-005 | Cyber Incident Response Standard |
| Security | 10/18/2013 | 11/23/2021 | NYS-S13-003 | Sanitization Secure Disposal Standard |
| Security | 10/18/2013 | 12/01/2020 | NYS-S13-002 | Secure Coding Standard |
| Security | 10/18/2013 | 03/09/2017 | NYS-S13-001 | Secure System Development Life Cycle |
| Security | 02/12/2010 | 05/04/2021 | NYS-S10-001 | CPE Requirements for ISOs/Designated Security Representatives Standard |
| Web and Digital Government | 08/22/2005 | 11/23/2021 | NYS-S05-002 | Contact Web Page |
| Technology Development/Use | 04/17/1998 | 11/23/2021 | NYS-P98-003 | Date Time Conversion Contract Language |
| Security | 07/16/2020 | 07/16/2020 | NYS-P20-001 | Digital Identity Policy |
| Security | 01/17/2014 | 12/07/2018 | NYS-P14-001 | Acceptable Use of Information Technology (IT) Resources Policy |
| Security | 10/18/2013 | 02/07/2020 | NYS-P13-001 | Information Security Exception Policy |
| Web and Digital Government | 10/20/2011 | 08/14/2018 | NYS-P11-001 | Social Media |
| Privacy | 07/07/2010 | 10/02/2020 | NYS-P10-004 | Guidance for the Use of SSNs by State Government Entities |
| Division of Legal | 03/25/2005 | 08/16/2021 | NYS-P10-001 | Advertisements, Endorsements and Sponsorships on State Entity Websites |
| Policy | 04/04/2002 | 05/04/2021 | NYS-P09-003 | Process for Establishing Enterprise Information Technology Policies, Standards, and Guidelines |
| Web and Digital Government | 04/04/2002 | 07/17/2019 | NYS-P08-005 | Accessibility of Information Communication Technology |
| Web and Digital Government | 10/27/2008 | 12/27/2019 | NYS-P08-003 | Domain Names for State Government Agencies |
| Policy | 04/04/2002 | 11/23/2021 | NYS-P08-002 | Authority to Establish Enterprise Information Technology Policies, Standards, and Guidelines |
| Procurement | 04/01/2008 | 07/06/2022 | NYS-P08-001 | Plan to Procure |
| Security | 04/18/2003 | 11/23/2021 | NYS-P03-002 | Information Security Policy |
| Policy | 04/27/2001 | 08/24/2020 | NYS-P01-001 | Bid Protest Policy |
| Security | 05/10/2010 | 10/25/2018 | NYS-G10-001 | Secure Use of Social Media |
| Policy | 05/26/2004 | 05/04/2021 | NYS-G04-001 | Electronic Signatures and Records Act (ESRA) Guidelines |
| IT Standards | 06/17/2002 | 10/02/2020 | NYS-G02-001 | Internet Privacy Guideline |
