Section 3: Maintenance CycleAnchor: #i1032399
The Information Security Policy manual will be reviewed on a yearly basis. When updates are needed they will be issued with a manual notice and be published in the Online Manual system. Send an email to IMD-Security@TxDOT.gov to subscribe to update notices.Anchor: #i1036766
While this manual provides general directions for information security policies, five other manuals provide detailed discussions for information security:
- Information Security Standards manual provides the minimum requirements necessary to remain in compliance with the policies explained in the Information Security Policy manual.
- Information Security Governance manual is for all business units. It provides broad guidance and reasoning on what to consider in the decision-making process.
- Information Security Program manual is based on the Texas CyberSecurity Framework and connects day-to-day operations requirements with TxDOT’s five policies. This manual is a confidential resource for technically-inclined readers.
- Information Security Incidents manual lists the specific standards and techniques TxDOT must meet to detect, respond to, and recover from breaches. Like the Program manual, it is confidential and written for technically-inclined readers. Its distribution is limited to individuals who have a need to know, only.
- Information Security Awareness manual provides requirements and references to acceptable sources that help readers increase their awareness of security issues such as phishing connections, man-in-the-middle schemes, and denial of service attacks. It is written for a wide audience.