The Division of Information Security is an operating unit under the Department of Administration’s Division of Technology, responsible for a variety of statewide policies standards, programs and services relating to cyber security and information systems.
Information Security News
- Information Media Disposal Procedure Released
Sept. 8, 2016: DIS has released the statewide procedure for information media disposal. By law (South Carolina Code Ann. § 30-2-310) all state agencies are to follow this procedure to securely transfer or dispose of information technology hardware or storage media. See the procedure.
Information Security and Privacy Standards ReleasedSept. 18, 2015: DIS and the Enterprise Privacy Office (EPO) have released version 1.5 of the standards for compliance with InfoSec and privacy policies. These standards provide additional guidance and clarification for implementation of previously published policies; an updated tool for performing gap analysis, implementation planning, and tracking of implementation progress; as well as a new matrix mapping FedRAMP cloud services to these standards. Other changes from the previous draft include some corrections of typographic errors, and clarification of applicability within scope of HIPAA. View the Standard.
- Updated InfoSec Technology Coverage Standards Draft Released
Aug. 11, 2015: DIS has released an updated draft of the InfoSec Technology Coverage Standards (SCDIS-210) document for review. Any comments should be submitted to firstname.lastname@example.org. The revised document has been posted to the Policies and Procedures webpage. View the Standard.
- Deloitte InfoSec Final Report Released
Dec. 1, 2014: Deloitte has released its State of South Carolina Information Security and Privacy Final Report, which provides observations and recommendations related to the InfoSec and Privacy programs View Final Report.