Enterprise Policies, Standards, and Guidelines

GTA has a legislative responsibility to provide information technology policies and standards for state agencies. As our sources for policies and standards, GTA generally uses industry and federal government best practices, such as the Federal Information Security and Management Act (FISMA) for security, the Information Technology Infrastructure Library (ITIL) for technology infrastructure and the Project Management Book of Knowledge (PMBOK) for project management. In some cases, materials are used as guidelines, with attribution, where more detailed explanations may facilitate agency understanding.

Agency IT departments are expected to be knowledgeable and compliant with all state policies and standards as a means for providing good stewardship of their IT assets. Guidelines are provided when greater detail in guidance may be warranted. Agency compliance is not required for guidelines.

GTA’s statutory authority to establish policies and standards can be found in the Official Code of Georgia Annotated:

• The authority to establish technology policies and standards is in O.C.G.A. 50-25-4(a)(10) and is explained in GTA policy “Information Technology Policies, Standards and Guidelines” PM-04-001.
• The authority to establish security policies and standards is in O.C.G.A. 50-25-4(a)(21) and is explained in GTA policy “Enterprise Information Security Charter” PS-08-005.