IT Security and Privacy

The 2009 DOC IT Security Program Minimum Implementation Standards are documented in the 2009 DOC IT Security Program Policy (ITSPP) and the Commerce Interim Technical Requirements (CITRs). The 2009 DOC ITSPP is available to DOC staff and contractors through the DOC Intranet. More information concerning the DOC ITSPP can be found on the Office of the Chief Information Officer (OCIO) Intranet page under the (OITSIT) section. Please update bookmarks/favorites.

Update Enclosure to Commerce IT Security Program Policy - Two Factor Authentication and Data Extract Logging (February 2007)
IT Privacy Policy
Electronic Transmission of Personally Identifiable Information (PII)
Data Extract Log and Verify Requirement Memorandum (Word Document) (PDF)

General questions may be directed to the OITSIT staff at ITSecurity@doc.gov.

Questions regarding this section may be directed to the IT Policy, Guidance & Legislation Administrator

OCIO

Policy and Programs

IT Policy, Guidance & Legislation
IT Capital Planning & Investment Control

Enterprise Architecture
E-Government
IT Security
IT Privacy
Project Management
Paperwork Reduction & Information Collection
Good Guidance - Information Quality
Electronic & IT Accessibility
Forms Management

IT Workforce
Records Management

IT Support Services

Commerce IT Groups

CIO Organization