New Mexico Administrative Code
Title 1 - GENERAL GOVERNMENT ADMINISTRATION
Chapter 12 - INFORMATION TECHNOLOGY
Part 20 - INFORMATION SECURITY OPERATION MANAGEMENT
Section 1.12.20.12 - ACCESS CONTROL POLICY

Universal Citation: 1 NM Admin Code 1.12.20.12

Current through Register Vol. 35, No. 18, September 24, 2024

To preserve the integrity, confidentiality, and availability of the system and the data, the agency's information assets shall be protected by logical as well as physical access control mechanisms commensurate with the value and sensitivity of the system, the ease of recovery of the assets and the direness of consequences, legal or otherwise, if the loss or compromise were to occur.

A. Agencies' CIOs are responsible for determining who shall have access to sensitive and protected information resources within the agency. Access privileges shall be granted by the CIO in accordance with the particular user's role and job responsibilities in the agency.

B. Agency enforcement of its access control policy shall be verified during an independent annual risk assessment which shall be performed by DoIT or a DoIT approved contractor.

Disclaimer: These regulations may not be the most recent version. New Mexico may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.