5300    INTRODUCTION
(Revised 10/09)

Information security means the protection of information and information systems, equipment, and people from a wide spectrum of threats and risks. Implementing appropriate security measures and controls to provide for the confidentiality, integrity, and availability of information, regardless of its form (electronic, print, or other media) is critical to ensure business continuity and protection against unauthorized access, use, disclosure, disruption, modification, or destruction.

Government Code Section 11549 (et. seq) Chapter 183 of the Statutes of 2007 (Senate Bill 90), provides the California Office of Information Security, within the State and Consumer Services Agency's Office of Information Security and Privacy Protection, with the responsibility and authority to create, issue, and maintain policies, standards, and procedures; direct state agencies to effectively manage security and risk; advise and consult with state agencies on security issues; and, ensure state agencies are in compliance with the requirements specified in the State Administrative Manual (SAM) Sections 5300 - 5399. These sections will continue to evolve as new policy is adopted.

AUTHORITY          STANDARDS          GUIDANCE          FORMS          TOOLS