CIO Directives List
A list of the approved CIO Directives.
| Directive # | Title | Issue Date | Type |
|---|---|---|---|
| 07-03 | Revoked: Mandatory Encryption on all Removable Storage Devices | 08/13/2007 | Action |
| 07-04 | CMS Information Security Incident Handling and Breach Analysis/Notification Procedure | 08/21/2007 | Action |
| 07-05 | Revoked: FY 2008 Annual Security Controls Testing | 12/10/2007 | Action |
| 07-02 | Revoked: CMS Chief Iinformation Security Officer (CISO) Forum for Information System Security Officers (ISSO) | 07/12/2007 | Informational |
| 07-05 Attachment A | CMS FISMA Systems | 12/10/2007 | Informational |
| 07-01 | Revoked: Transporting Sensitive Information: Encryption Requirements for Data Leaving CMS Data Centers | 07/12/2007 | Action |
| 08-02 | Utilization of Webinar Technology at CMS | 07/23/2008 | Informational |
| 09-01 | Use of Personally Owned Equipment with CMS Laptops | 05/27/2009 | Informational |
| 08-01 | Revoked: Annual Role-Based Information Security (IS) Training Requirements | 04/04/2008 | Action |
| 07-05 Attachment C | Attestation of Annual Security Controls Testing | 12/10/2007 | Action |
| 07-05 Attachment B | Instructions for Security Control Testing | 12/10/2007 | Action |
| 07-05 Attachment D | ST&E Testing Plan | 12/10/2007 | Action |
| 07-06 | Revoked: Software for Encryption of Agency Information -- Portable Media and E-mail Attachments | 01/09/2007 | Informational |
| 12-03 | Annual Role-Based Information Security Training Requirements | 2012-07-12 | Action |
| 11-01 | CMS Continuous Monitoring Program Implementation | 10/27/2011 | Action |
| 12-02 | Revoked: Minimum Security Configuration Standards | 5/3/2012 | Informational |
| 12-01 | CMS Vulnerability Assessment and Penetration Testing | 3/29/2012 | Action |
| 12-04 | Revocation/Re-Affirmation of Legacy CIO Directives | 2012-10-05 | Informational |
- Page last Modified: 03/10/2012 12:24 PM
- Help with File Formats and Plug-Ins
