The mission of OIS is to provide leadership in the development, delivery and maintenance of an information security program by safeguarding the state's information assets against unauthorized use, disclosure, modification, damage or loss to support Colorado’s mission to provide secure and sustainable services.
OIS is directly aligned with the goals and objectives of the National Strategy to Secure Cyberspace. Working closely with federal, state, local and private sector partners, the Office of Information Security actively gathers and analyzes information on cyber threats and vulnerabilities that present risk to the state's information systems or the critical information managed within.
Security Management: The OIS Security Management is responsible for security risk management across state departments. This group manages State Information Security Policies, Security Standards, onsets with agencies on technical matters, and manages enterprise projects to meet security requirements.
Compliance Program: The OIS Compliance Program has oversight of applicable regulatory compliance to include compliance with federal and state laws, regulations, and Colorado Information Security Policy.
Application Security Program: The OIS Application Security Program is responsible for the creation of secure coding best practices to protect Colorado's information systems and mission critical applications.
Deborah Blyth, the State of Colorado's Chief Information Security Officer (CISO) is responsible for leading OIS and the enterprise-wide Colorado Information Security Program (CISP) that includes governance, risk, compliance and risk management. Read more about Debbi here»
The vision of OIS is to be a leader in preserving the confidentiality, integrity, and availability of state and citizen data while maintaining efficient and effective IT operations for the State of Colorado. At all times, this effort will embrace the following security principles: