• About GTA
  • Board of Directors
  • GTA Leadership
  • Career Opportunities
• News & Information
  • Headlines
  • IT for State Executives
  • Multimedia
  • GTA in the News
  • GTA Blogs
• Services
  • Data Sales
    • Bulk Corporations Data
    • Dealer Internet Inquiry
    • Georgia Felon Search
    • LicenseMatch
    • Motor Vehicle Reports
  • MPLS
    • Training - Monitoring Tools
  • Products and Services Catalog
    • Computer Services
    • Telecommunications Services
    • Professional Services
    • All Products and Services
  • State Paging Service
  • Unified Messaging
    • Unified Messaging FAQs
• Initiatives & Programs
  • State Technology Transformation (GAIT 2010)
    • Contracts Overview
    • Request for Proposal
    • Service Management Organization (SMO)
    • Service Transition Planning
    • Service Transition Briefings
    • Assessment Briefings - 2007
    • Procurement Briefings - 2008
    • Definitions of Terms
    • FAQs - Workforce
    • FAQs - Service Management Organization
    • Related GAIT 2010 Documents
  • IT Expenditures Report
  • Wireless Communities Georgia
  • State Portal
  • Digital Academy
• Procurement
  • Hardware Contracts
    • 2-Way Radio
    • Advanced Electronic Office Systems/Gammatech
    • Apple Computer
    • Digital Copier Contract
    • Network
    • RISC Workstation
    • Video Conferencing Equipment
    • WSCA
  • Services Contracts
    • Employee Time and Attendance Management Solution
    • Legal Subscription Services
    • On-Site Computer Equipment Maintenance (PC Maintenance)
    • Specialized Consulting Services
    • Portal Development Services
    • Two-Way Radio Maintenance
    • Wireless Communications Devices and Services
  • Software Contracts
    • Oracle Enterprise License Agreement
  • All Contracts - Alphabetical Index
• Governance & Planning
  • Enterprise Information Security
  • Enterprise Policy, Standards & Architecture
    • Application Development
    • IT Management
    • Operations
    • Security
    • All Policies and Standards
  • Enterprise Strategic Planning
  • Enterprise Program and Project Management Office
    • Agency Project Requests
    • Project Management
    • Project Management Methodology Library
• Contact Us
  • Driving Directions
  • Regional Operations Offices

Home > Governance & Planning > Enterprise Information Security

Enterprise Information Security

GTA publishes state’s first Enterprise Information Security Report

October 31, 2008 - The Georgia Technology Authority has published the first comprehensive report on information security programs in state agencies.  The Enterprise Information Security Report for FY 2008 compiles information from 109 state agencies about their security activities under Georgia’s new Information Security Program.

Governor Perdue and the GTA Board of Directors initiated the program in March 2008 with the goals of measuring information security across state agencies and tracking progress from year to year.  Georgians entrust state government with highly sensitive personal information, and the protection of their information must be a high priority.  The state’s program is modeled after the federal program created by the Federal Information Security Management Act of 2002 (FISMA).

The report finds state agencies making significant progress in complying with a comprehensive set of Information Security Policies, Standards and Guidelines.  Along with Governor Perdue’s Executive Order on Information Security Reports, these policies, standards and guidelines are the foundation of the state’s Information Security Program.

Summary of findings

The enterprise report shows agencies in all three branches of state government are making information security a priority.

• 48 of the state’s 64 complex agencies (those with more than just an informational website and e-mail) submitted a complete security inventory of their information systems.
• 16 of those 48 agencies rated at least one of their information systems as high-impact, which means a security incident could potentially result in catastrophic financial damage to the state and/or physical harm to a person.
• 29 percent of high-impact information systems have security plans complying with the state’s new requirements.

State agencies are also training employees to understand their role in information security.  Awareness training is considered the most cost-effective way to improve information security.

• Although training materials were not available until April 2008, agencies reported training 50 percent of their employees by the end of FY 2008.
• 92 percent of employees in the 16 agencies with high-impact systems received security awareness training.

The report includes Plans of Action and Milestones, which establish clearly defined goals for state agencies in 13 different security-related areas.

Questions?  Contact Mr. Mark Reardon, State Information Security Officer.

---

Governor's Executive Order on Information Security Reports

Govenor's News Release on Executive Order

Enterprise Information Security Report for FY 2008

GTA Issues Information Security Reporting Standard

Information Security Guide for State of Georgia Government Executives

Information Security Policies, Standards and Guidelines

Information Security Reports - Frequently Asked Questions

Information Security Reports - Talking Points

Information Security Strategic Plan: 2007-2010

Plans of Action and Milestones

Protect Your Children

Protect Your Computer

Protect Your Identity

Security Awareness Video