DoIT ACT, Policies & Rules
DoIT Act, Policies, & Rules
DoIT Act
NMAC DoIT Rules
- NMAC 1.12.1 – General Provisions
- NMAC 1.12.3 – Electronic Mail Third-Party Relay
- NMAC 1.12.4 – MAGnet Network Aggregation
- NMAC 1.12.5 – Oversight of Information Technology Projects
- NMAC 1.12.6 – Architectural Configuration Requirements
- NMAC 1.12.7 – Electronic Authentication
- NMAC 1.12.8 – Notification of Internet Protocol Addresses
- NMAC 1.12.9 – Project Certification of Technology Projects
- NMAC 1.12.10 – Internet, Intranet, Email, and Digital Network Usage
- NMAC 1.12.11 – Enterprise Architecture (includes Password Policy)
- NMAC 1.12.12 – Application Software Selection
- NMAC 1.12.20 – Information Security Operation Management
Executive Orders
- Executive Order No. 2008-011
- NM Employees Healthcare Order
DoIT IT and Cyber-related Policies
- 361-700 Information Security Policy
- 361-701 Acceptable Use of IT Resources Policy
- 361-702 Anti Malware Virus Policy
- 361-703 IT Change Management Policy
- 361-704 Data Classification Policy
- 361-705 Domain Name Management Policy
- 361-706 Firewall Policy
- 361-707 Incident Response Policy
- 361-708 Information Systems Logging and Monitoring Policy
- 361-709 Information Risk Assessment Policy
- 361-710 Enterprise Mobile Device Security and Usage Policy
- 361-711 IT Network Device Configuration Policy
- 361-712 Patching and Updating Policy
- 361-713 Physical Access Control Policy
- 361-714 Remote Network Access Policy
- 361-715 Security Awareness Training Policy
- 361-716 Systems Configuration Policy
- 361-718 Vulnerability Management and Assessment Policy
- 361-719 Wireless Security Policy
Telecommunications Standards
PM Express
Architectural Configuration Regulations (ACRs)
Glossary:
Guidelines:
Standards:
- S-STD-001 – Authentication and Directory Services
- S-STD-002 – Configuration Management
- S-STD-003 – IT Risk Management
- S-POL-003 – Security Training and Awareness
- N-STD-004 – Firewall