Justice Court Fund Reporting Changes
Fiscal Stress Monitoring System Briefing for Non-Calendar Year Filers
NYSLRS Record of Activities - Elected and Appointed Officials
Information Technology Governance
Local Government Management Guide
Security Self-Assessment: Questions
Information Technology Governance: Security Self-Assessment Questions
A fillable form is available for download and completion online at https://www.osc.ny.gov/files/local-government/publications/pdf/IT-Governance-Self-Assessment-Form.pdf
Information Technology Governance
Local Government Management Guide
Additional Resources
Center for Internet Security | https://www.cisecurity.org/ |
National Institute of Standards and Technology | https://www.nist.gov/ |
New York State Education Department | http://www.nysed.gov/data-privacy-security |
Information Technology Governance
Local Government Management Guide
Area #12 – Information Technology Contingency Planning
Written IT Contingency Plan
Because no computer system can be expected to operate perfectly at all times, unplanned service disruptions are inevitable. A disruptive event could include a power outage, software failure caused by a virus or malicious software, equipment destruction, inadvertent employee action or a natural disaster, such as a flood or fire. The plans, policies, procedures and technical measures that help enable the recovery of operations after an unexpected IT disruption are collectively referred to as IT contingency planning.
Information Technology Governance
Local Government Management Guide
Area #11 – Physical Controls
Physical security controls restrict physical access to computer resources and protect those resources from intentional or unintentional harm, loss or impairment. Such controls include guards, gates and locks, and also environmental controls such as smoke detectors, fire alarms and extinguishers, protection from water damage and uninterruptible power supplies.
Information Technology Governance
Local Government Management Guide
Area #10 – Firewalls and Intrusion Detection
Networks that are connected to the Internet are physically connected to unknown networks and their users all over the world. While such connections are often useful, they also increase the vulnerability of IT systems and electronic data to access and attacks from unauthorized individuals.
Information Technology Governance
Local Government Management Guide
Area #9 – Wireless Network
Wireless networks are exposed to many of the same types of threats and vulnerabilities as wired networks, including viruses, malware, unauthorized access and data loss. However, they are considered inherently less secure than wired networks because data are transmitted into the air and can potentially be intercepted and misused by individuals with malicious intent. Also, because wireless networks are often used as extensions of wired networks, even minor IT security weaknesses on wireless networks can expose internal network resources to additional threats.