Form Oit-0137 - Information Security'S Certification And Accreditation Checklist

Download a blank fillable Form Oit-0137 - Information Security'S Certification And Accreditation Checklist in PDF format just by clicking the "DOWNLOAD PDF" button.

Open the file in any PDF-viewing software. Adobe Reader or any alternative for Windows or MacOS are required to access and complete fillable content.

Complete Form Oit-0137 - Information Security'S Certification And Accreditation Checklist with your personal data - all interactive fields are highlighted in places where you should type, access drop-down lists or select multiple-choice options.

Some fillable PDF-files have the option of saving the completed form that contains your own data for later use or sending it out straight away.

ADVERTISEMENT

INFORMATION SECURITY’S CERTIFICATION
AND ACCREDITATION CHECKLIST
Agency / Asset Information
Date:
Agency:
ASAI:
Project Name:
Application Name:
The purpose of the checklist is to guide an agency and for the Statewide Office of Information Security to
follow in validating security requirements for systems, applications, system software, and other
technologies before they are deployed into a production environment. It is designed to ensure
compliance with specifications, regulations, standards and objectives identified during each phase of
the System Development Life Cycle (SDLC). Reference the 205 – Certification and Accreditation
Policy.
Check Boxes for those that are Completed
Begin the System Architecture Review (SAR) process.
Business Case
Review
Template.dot
Identify:
On-Premise
On Premise
Cloud Service Provider
Hybrid.
and/or Cloud
(Infrastructure as a Service – single tenant).
Provider
(Software as a Service – multi-tenant with no Personal Identifiable Information or
Intellectual Property).
Cloud Provider:
RFP appendix
In addition to the Standard Terms and Conditions, please reference Amendment #3
requirements
– Change to Method of Operation. This needs to be completed by the software
(including
publisher and approved by DPP.
Security Plan)
Once the terms and conditions have been addressed, we are then able to move into
the system architecture review (SAR) and security realm. We will treat the software
publisher as an Business Entity.
Standard Security Controls Language for RFPs – reference RFP Security Controls with
Extranet & File Transfer.
Asset
Completed the Asset Classification worksheet.
Classification
Security
Identified anticipated security needs based on regulatory compliance.
Requirements
OIT-0137 (11/02/2016)
Information Security’s Certification and Accreditation Checklist Version 4
Page 1 of 4

ADVERTISEMENT

00 votes

Related Articles

Related forms

Related Categories

Parent category: Legal
Go
Page of 4