New Mexico Administrative Code
Title 1 - GENERAL GOVERNMENT ADMINISTRATION
Chapter 12 - INFORMATION TECHNOLOGY
Part 20 - INFORMATION SECURITY OPERATION MANAGEMENT
Section 1.12.20.30 - PUBLIC WEBSITES CONTENT APPROVAL PROCESS

Universal Citation: 1 NM Admin Code 1.12.20.30

Current through Register Vol. 35, No. 18, September 24, 2024

A. Sensitive and confidential information shall not be available through a server accessible to a public network without appropriate safeguards in place as approved in writing by the agency CIO in consultation with the agency legal counsel. The agency ISO shall implement safeguards to ensure user authentication, data confidentiality and integrity, access control, data protection and logging mechanisms.

B. The design of any proposed web service shall be first reviewed and approved in writing by the agency CIO in coordination with DoIT to ensure that the security of the web server, protection of agency networks, performance of the site, integrity, and availability considerations are adequately addressed.

C. Agency websites and agency websites hosted outside the state network shall be tested for security vulnerabilities prior to being put into production by DoIT or a DoIT approved contractor.

D. Agency website content shall first be reviewed by the agency information owner and approved by the agency CIO to ensure that the collection and processing of information meets state security and privacy requirements. Such review shall ensure that the information is adequately protected in transit over public and state networks, in storage, and while being processed.

Disclaimer: These regulations may not be the most recent version. New Mexico may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.