Policies & Standards Issued by CTO

The policies and standards listed below are issued by the West Virginia Office of Technology Chief Technology Officer under the authority granted by the Legislature in WV Code Section 5A-6-4a and the Governor's Executive Order 6-06 and 3-17.

CSS#	Standard	Revised Date*
2018-1	Remote Access Authentication	Issued: 08/01/2018
2019-2	Advanced E-Mail Protections	Revised: 08/01/2019
2019-3	Payment Card Industry Data Security	Revised: 04/17/2019

PO#	Policy Name	Revised Date*
18-001	New CTO Accelerated Approval Policy	Issued: 12/10/2018
	New CTO Accelerated Approval Policy Instructions and Form	Issued: 12/10/2018
PO1002	Acceptable Use of Portable and/or Wireless Devices	Revised: 03/01/2019
PO1010	Acceptable Use of State-Provided Instant Messaging	Revised: 03/01/2019
PO1025	Accreditation and Certification	Revised: 03/01/2019
PO1021	Account Management	Revised: 03/01/2019
PO1014	Malicious Software/Anti-Virus	Revised: 03/01/2019
PO1015	Change & Configuration Management	Revised: 03/01/2019
PO1033	Cloud Services - OneDrive for Business	Revised: 03/01/2019
PO1012	Contractor Management - Attachment A. Contractor Information Form - Attachment B. Employment Confirmation	Revised: 03/01/2019
PO1013	Data Backup and Retention	Revised: 03/01/2019
PO1006	Data Classification	Revised: 03/01/2019
PO1005	E-Mail Use Standards	Revised: 03/01/2019
PO1023	E-Recycling -- See WV Admin Code Title 163	--
PO1008	Information Security Auditing Program	Revised: 03/01/2019
PO1001	Information Security Policy	Revised: 03/01/2019
PO1022	Internet Usage	Revised: 03/01/2019
PO1000	IT Policy and Procedure Development	Revised: 03/01/2019
PO1018	Network Violation Reporting	Revised: 03/01/2019
PO1011	Media Protection	Revised: 03/01/2019
PO1017	Use of Social Media	Revised: 03/01/2019
PO1019	Wireless Access Points	Revised: 03/01/2019
PO1026	WVOT Monitoring Policy	Revised: 03/01/2019
PR1001	Technical Investigations This procedure, along with the accompanying form, details the process for State Agencies to follow when requesting an investigation into any State employee’s technology-based activity. Supervisors and managers must follow this procedure to initiate investigations of persons using State equipment and systems submitting the required information at SocForms.wv.gov	Revised: 03/01/2019
FOIA	FOIA Request for Information This form is for INTERNAL USE ONLY. Agencies are required to use this form to assist in the recovery of electronic data for FOIA requests. If you do not enter accurate or required information, we may be unable to fulfill your data request.
VSS	Vulnerability Scanning Request Form This form is for agencies that are not within the Executive Branch that wish to participate in the Vulnerability Scanning Service.

These policies apply to all Executive Branch Departments, Agencies and Commissions within the Governor's organizational structure.