Content created by Office of the Chief Information Officer (OCIO)
Disclaimer: Unlinked policies are deemed sensitive and not made available to the public.
View ZIP version of Agency IT Policy Archive
Policy Name | Effective Date | Policy Number |
---|---|---|
HHS Policy for Enterprise Architecture | 10/08/2024 | HHS-OCIO-OES-2024-10-005 |
HHS Policy for Risk-based Decisions | 07/12/2024 | HHS-OCIO-OIS-2024-07-004 |
HHS Policy for Internet and Email Security | April 2024 | HHS-OCIO-OIS-2024-04-003 |
HHS Policy for Cybersecurity Awareness and Training | March 2024 | HHS-OCIO-OIS-2024-03-002 |
HHS Policy for Records Management | February 2024 | HHS-OCIO-CDO-2024-02-001 |
Policy for Privacy Impact Assessments | September 2023 | HHS-OCIO-OIS-2023-09-005 |
HHS Policy for Litigation Holds | August 2023 | HHS-OCIO-CDO-2023-08-004 |
HHS Policy For Data Loss Prevention | May 2023 | HHS-OCIO-OIS-2022-05-003 |
HHS Policy for Rules of Behavior for Use of Information and IT Resources | February 2023 | HHS-OCIO-OIS-2023-02-002 |
HHS IRM Policy for Comments from and Responses to Operating Divisions on Newly Developed policies and CIO Council and ITIRB Clearance Documents | February 2003 | HHS-IRM-2003-0001 |
HHS Policy for the Common Data Use Agreement (DUA) Structure and Repository | January 2023 | HHS-OCIO-CDO-2023-01-001 |
HHS Policy for Encryption of Computing Devices and Information | December 2022 | HHS-OCIO-OIS-2022-12-001 |
HHS Policy for Securing Artificial Intelligence (AI) Technology | December 2021 | HHS-OCIO-OIS-2021-12-007 |
HHS Policy for Information Security and Privacy Protection | November 2021 | HHS-OCIO-OIS-2021-11-006 |
HHS Policy for Information Technology Portfolio Management (PfM) | September 2021 | HHS-OCIO-OES-2021-09-005 |
HHS Policy For The Transition To Internet Protocol Version 6 (Ipv6) | August 2021 | HHS-OCIO-OES-2021-08-004 |
HHS Policy for the Implementation of DHS Directive on Vulnerability Disclosure | May 2021 | HHS-OCIO-OIS-2021-05-003 |
Complete Transition to IPv6 Memorandum | April 2021 | N/A |
HHS Policy for the Implementation of Trusted Internet Connections (TIC) | March 2021 | HHS-OCIO-OIS-2021-03-002 |
HHS Policy for Information Technology Procurements - Security And Privacy Language | March 2021 | HHS-OCIO-OIS-2021-03-001 |
HHS Policy for IT System Inventory Management | December 2020 | HHS-OCIO-OES-2020-12-011 |
HHS Policy for Cyber Supply Chain Risk Management | August 2020 | HHS-OCIO-OIS-2020-08-010 |
HHS Policy for Information Technology Asset Management (ITAM) | August 2020 | HHS-OCIO-OCPO-2020-08-008 |
HHS Policy for Vulnerability Management | August 2020 | HHS-OCIO-OIS-2020-08-009 |
HHS Policy for Section 508 Compliance and Accessibility of Information and Communications Technology (ICT) | July 2020 | HHS-OCIO-OES-2020-07-007 |
HHS Policy for Information Technology Acquisition Reviews (ITAR) | June 2020 | HHS-OCIO-OES-2020-06-006 |
HHS Policy for Preparing for and Responding to a Breach of Personally Identifiable Information (PII) | May 2020 | HHS-OCIO-PIM-2020-05-003 |
HHS Policy for Domain Name System (DNS) and Domain Name System Security Extensions (DNSSEC) Services | October 2019 | HHS-OCIO-OIS-2019-11-011 |
HHS OIS High Value Asset Program Policy | August 2019 | HHS-OCIO-OES-2018-09-006 |
HHS Policy for Mobile Devices and Removable Media | August 2019 | HHS-OCIO-OIS-2019-09-0005 |
HHS Policy for Software Development Secure Coding Practices | August 2019 | HHS-OCIO-OES-2019-08-005 |
HHS IT Policy for Enterprise Performance Life Cycle | November 2016 | HHS-OCIO-2008-004.002 |
HHS OCIO Policy for Information Technology Capital Planning and Investment Control | September 2016 | HHS-OCIO-2016-CPIC-01 |
HHS OCIO Policy for Social Media Technologies | March 2012 | HHS-OCIO-2010-0003.1 |
HHS Policy for Electronic Stewardship | June 2011 | HHS-OCIO-2011-0002.001 |
HHS OCIO Policy for Networx Program Designated Agency Representatives | June 2010 | HHS-OCIO-2010-0005 |
HHS OCIO Policy for Information Technology Policy Development | November 2006 | HHS-OCIO-2006-0004 |