Security concern or incident to report?
We are here to help with network security vulnerabilities and threats in Colorado: 303.764.7760

Information Security Policies & Standards

The Office of Information Security has issued the following rules and policies under the authority of Colorado Revised Statutes 24-37.5-401 et seq. 


(State Agency Cyber Security Planning)

Colorado Information Security Policies (CISPs)
All of the Colorado Information Security Policies were revised in their entirety on Feb. 1, 2017. These mandatory policies supersede all previously posted CISPs (including the version 1.0 policies dated Feb. 11, 2015).

Colorado Security Standards

These State of Colorado technology standards support the state's information security policies.