Information Security Policies & Standards

The Office of Information Security has issued the following rules and policies under the authority of Colorado Revised Statutes 24-37.5-401 et seq. 


(State Agency Cyber Security Planning)

Colorado Information Security Policies (CISPs)
These policies were reviewed and updated October 2019 and supersede any policies posted prior to this date.

Colorado Security Standards

These State of Colorado technology standards support the state's information security policies.