DARS IT System and Services Acquisition Policy.docx
1/22/2019 2:48 PMPerrine, Rob (DARS)6.0SEC 501 and 525Addresses purpose, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and Procedures to facilitate the implementation of an IT system
DARS Incident Response Policy.docx
1/22/2019 2:51 PMPerrine, Rob (DARS)2.0SEC 501 and 525Sets standards for threat detection, security monitoring and logging, as well as incident handling. Also includes incident response training (including testing), handling, monitoring, reporting, planning and assisting
DARS IT Configuration Management Policy.docx
1/22/2019 3:52 PMPerrine, Rob (DARS)3.0SEC 501 and 525Sets baseline configuration and establishes configuration change control and settings along with configuration management plan. Also includes security impact analysis, access for change restriction, least functionality, and IS Component inventory
DARS IT Media Protection Policy.docx
1/22/2019 4:02 PMPerrine, Rob (DARS)3.0SEC 501 and 525Creates Data Storage/Media Protection practices, including access, storage, transport, and sanitization. Applies to digital and non digital media
DARS IT Personnel Security Policy.docx
1/22/2019 4:35 PMPerrine, Rob (DARS)4.0SEC 501 and 525Documents sensitive information and information systems protection for personnel pre and post employment. Includes, personnel screening, transfer, sanctions and termination along with access agreements and third party personnel security
DARS IT Physical Environmental Protection Policy.docx
9/30/2019 11:59 AMPerrine, Rob (DARS)5.0SEC 501 and 525Defines level of physical/ environmental security for all facilities to safeguard information resources, including physical access authorizations, controls and monitoring. Emergency power, fire protection and temperature control also included
DARS IT Risk Assessment Policy.docx
1/22/2019 4:02 PMPerrine, Rob (DARS)3.0SEC 501 and 525Discusses security categorization, risk assessments, and vulnerability scans to be used in the execution, development and implementation of remediation programs.
DARS IT System and Communications Protection Policy.docx
1/22/2019 4:03 PMPerrine, Rob (DARS)3.0SEC 501 and 525Establishes application partitioning, security function isolation,  boundary protection, public access protections, secure name/address resolution, as well as information in shared resources
DARS IT System and Information Integrity Policy.docx
1/22/2019 4:03 PMPerrine, Rob (DARS)3.0SEC 501 and 525Addresses the implementation of the system and information integrity  controls including flaw remediation, malicious code protection, information system monitoring, spam protection, security alert/advisories/directives, and information input validation
DARS IT System Maintenance Policy.docx
1/22/2019 4:03 PMPerrine, Rob (DARS)3.0SEC 501 and 525Maintenance, diagnostic, and repair activities, performed on site or remotely, are managed and monitored to preserve the confidentiality, integrity, and availability of DARS information systems
DARS IT System Security Planning Policy.docx
1/23/2019 10:38 AMPerrine, Rob (DARS)4.0SEC 501 and 525Develops system security plan for each information system classified as sensitive. Also contains rules to address user behavior with sensitive information and system usage.  Plan and coordinate security-related activities affecting systems
DARS Logical Access Controls Policy.docx
10/1/2019 12:25 PMPerrine, Rob (DARS)3.0SEC 501 and 525Ensures access controls to all information systems, including test and production envorinments. Includes account management, access enforcement, information flow enforcement, separation of duties, least privilege, session lock, unsuccessful login attempts
10/1/2019 12:36 PMPerrine, Rob (DARS)6.0SEC 501 and 525DARS users will be assigned a unique identity to securely authenticate to the systems that they have been authorized to access. Also includes identifier and authenticator management, along with authenticator feedback
DARS IT Security Assessment and Authorization Policy.docx
1/23/2019 10:39 AMPerrine, Rob (DARS)3.0SEC 501 and 525Sets Information System Connections, secruity authorizations covering operations and assets, and established a continuous monitoring program
DARS IT System and Data Classification Policy.docx
3/10/2020 10:20 AMPerrine, Rob (DARS)2.0SEC 501 and 525Designate data types and owner, to ensure systems are properly protected and configured based on the information containted in them