Division of Technology

Information Security

The Division of Information Security is an operating unit under the Department of Administration’s Division of Technology, responsible for a variety of statewide policies standards, programs and services relating to cyber security and information systems.

Information Security News

  • Information Media Disposal Procedure Released
    Sept. 8, 2016: DIS has released the statewide procedure for information media disposal.  By law (South Carolina Code Ann. § 30-2-310) all state agencies are to follow this procedure to securely transfer or dispose of information technology hardware or storage media. See the procedure.
  • Information Security and Privacy Standards Released
    Sept. 18, 2015: DIS and the Enterprise Privacy Office (EPO) have released version 1.5 of the standards for compliance with InfoSec and privacy policies. These standards provide additional guidance and clarification for implementation of previously published policies; an updated tool for performing gap analysis, implementation planning, and tracking of implementation progress; as well as a new matrix mapping FedRAMP cloud services to these standards. Other changes from the previous draft include some corrections of typographic errors, and clarification of applicability within scope of HIPAA. View the Standard.
     
  • Updated InfoSec Technology Coverage Standards Draft Released 
    Aug. 11, 2015: DIS has released an updated draft of the InfoSec Technology Coverage Standards (SCDIS-210) document for review. Any comments should be submitted to informationsecurity@admin.sc.gov. The revised document has been posted to the Policies and Procedures webpage. View the Standard.
     
  • Deloitte InfoSec Final Report Released 
    Dec. 1, 2014: Deloitte has released its State of South Carolina Information Security and Privacy Final Report, which provides observations and recommendations related to the InfoSec and Privacy programs View Final Report.