Based on industry standards and best practices, the Statewide Information Security Manual is the foundation for security in the state of North Carolina. It provides state agencies with a baseline for managing information security and making risk-based decisions.
These policies were developed with the assistance of subject matter experts and peer-reviewed by agency representatives using NIST 800-53 revision 5 controls as the framework. The policies align to 18 NIST control families, including previous policies and addressing NIST 800-53 control gaps, as appropriate.
Document Entity Terms Last Updated January 20, 2022N.C. Department of Information Technology
P.O. Box 17209
Raleigh, NC 27619-7209
Other websites maintained by the N.C. Department of Information Technology: