Form OIT-0137 - Information Security's Certification and Accreditation Checklist, Page 3


The purpose of the checklist is to provide a guide for an agency and the Statewide Office of
Information Security to follow in validating security requirements for systems, applications,
system software, and other technologies before they are deployed into a production environment.
It is designed to ensure compliance with specifications, regulations, standards and objectives
identified during each phase of the System Development Life Cycle (SDLC). Reference the
205 – Certification and Accreditation Policy.
Check Boxes for those that are Completed
DOTGOV name
Create the dotgov name space (include other domain space .com, etc) within
the State’s environment.
In order for a DOTGOV to be acquired by a state level authority the Chief Information
Officer must approve the domain via a signed authorization letter. Creative Services
keeps a copy of all the authorization letters.
OIT does not pay for any client domains. All domains are registered by the client at
their respective registrar; nj.gov and state.nj.us are registered through OIT.
Physical SAR
Vulnerability Assessment
Requests to OIT for a vulnerability assessment of applications, hosts, devices or networks should be
submitted to oit.riskassessments@oit.nj.gov no later than 4:00 pm Thursdays and prior to 20 business
days before production. Execution of security scanning will be conducted the next week following the
request. The risk assessment and remediation are not included in the scanning process and must be
factored into the project timeline.
1) OS and Software scans.
Scan Date
Requestor Name
2) Application security scans.
Scan Date
Requestor Name
3) Penetration testing.
Scan Date
Requestor Name
Vulnerabilities Detected.
Vulnerabilities Results Reviewed.
Vulnerabilities Report Distributed.
Risk Assessment
OIT-0137 (11/02/2016)
Information Security’s Certification and Accreditation Checklist Version 4
Page 3 of 4
