Skip to main content
The Official Web Site of the State of South Carolina

Enterprise Governance Risk and Compliance Directives

To access the following directives, click here.

     1. Acceptable Use of Network Services and the Internet 367-09-DD

     2. Confidentiality of Personal Information 167-06-DD

     3. Data Protection and Privacy Policy 367-21-DD

     4. Email Retention Policy 367-14-DD

     5. Human Resource and Security Awareness Policy 367-17-DD

     6. Information Security Policy - Information Systems Acquisitions, Development, and Maintenance 367-23-DD

     7. Information Security Policy - Access Control 367-18-DD

     8. Information Security Policy - Asset Management 367-22-DD

     9. Information Security Policy - Business Continuity Management 367-28-DD

   10. Information Security Policy - IT Compliance 367-24-DD

   11. Information Security Policy - IT Risk Management -367-26-DD

   12. Information Security Policy - IT Risk Strategy -367-25-DD

   13. Information Security Policy - Threat and Vulnerability Management -367-27-DD

   14. Information Security Program Master Policy 367-29-DD

   15. Mobile Device Security Policy 367-15-DD

   16. Physical Access and Environmental Security Policy 367-19-DD

   17. Portable Computing Devices 367-20-DD

   18. Removable Media Security Policy 367-16-DD

   19. Service Provider Data Protection and Privacy Policy 367-12-DD

   20. Wireless Network Policy for Consumer and Guest Internet Access 367-30-DD