Security Assessment and Authorization Policy

SEC-02 was 141.10(1.2.1,1.5)


Purpose: This policy describes when a WaTech security design review is required and agency's responsibilities for security design reviews. The system authorization process considers the risks of operating that system and the controls applied to mitigate those risks. The Security Design Review documents a system’s compliance with state security standards prior to deployment.