Manual Notice: 2017-1

From: Terri Duncan, Information Security Officer

Manual: Information Security Policy Manual

Effective Date: November 15, 2017


This manual issues policies for TxDOT’s information security functions and creates a dynamic program that protects the confidentiality, integrity, and availability of TxDOT’s information resources. This manual consolidates information security policies currently published on several TxDOT websites. New policies are published publicly and made available only through the TxDOT Manuals system.


The new Information Security Policy manual contains five policy statements and their objectives. Chapter 1 provides an introduction, basis of authority, and defines the intended audience. The policies are covered in Chapters 2 through 6. Each chapter starts with the policy statement then

  • identifies objectives that support the policy
  • outlines minimum protocol for meeting objectives
  • assigns responsibilities based on functional roles.


The policies in this Information Security Policy manual supersedes all prior policy statements on information security, including:

  • TxDOT Policy Statement 2-96
  • TxDOT Information Security Manual, issued with Manual Notice 2012-2
  • Security policies published on SharePoint sites.


The policies in this manual apply to all individuals who use or maintain TxDOT-owned data and systems while employed or contracted with TxDOT, regardless of work location. Individuals are responsible for complying with the intent and objectives as described in this manual.


Questions about the policies or their applicability may be directed to: TxDOT's Information Security Officer (ISO) is the chief decision maker for all security related issues. Only the ISO or delegate can address questions on information security policies and how those policies are to be carried out.


This is a new manual. No archives exist.

Previous page  Next page   Title page