Policies & Standards


CORA: Colorado Open Records Requests

Pursuant to C.R.S. §24-72-205, OIT does not impose a charge for the first hour of time expended in connection with the research and retrieval of public records. After the first hour, OIT charges $25 per hour for the research and retrieval of public records. When the number of pages produced in response to a records request exceeds 25 pages, OIT will charge $0.25 per page for all documents photocopied. CORA requests made of OIT should be submitted in writing, via email, to oit_cora@state.co.us.

Policies & Standards Issued By OIT

Acceptable Use Policy (AUP)

Credentialing/Identity Management

Data Management

Financial Services


Information Security

The Office of Information Security has issued the following policies, rules and standards under the authority of CRS 24-37.5-401 et seq.   

  • Rules
(State Agency Cyber Security Planning)
  • Colorado Information Security Policies (CISPs): These policies were updated in their entirety in February 2017 and supersede any policies posted prior to this date.

Project Management

The Portfolio and Project Management Center of Excellence (PPMCoE) is responsible for setting policies and procedures related to project, program and portfolio management within the Office of Information Technology (OIT) and for Executive Branch agencies who embark on projects that include an IT component.


The Chief Technology Office has issued the following technical standards, superseding any standards posted prior. Each standard has been approved by the OIT Architecture Review Board (ARB), effective as of the "Effective Date" established in each document, and remains in effect until removed or revised by a decision of the ARB.