This policy applies to all state agencies; State of Mississippi employees; trusted partners; or any entity, as provided by law, authorized to operate, manage, or use State of Mississippi information and information technology (IT) systems (hereafter referred to collectively as "SOM Assets"). Agency is defined as and includes all the various state agencies, officers, departments, boards, commissions, offices, and institutions of the state (§ 25-53-3(2)(e)).
A. This policy includes a subset of technical requirements that are only applicable to agencies participating in the Enterprise State Network. Agencies that do not participate in the Enterprise State Network, and thus do not have the benefit of the technical controls in place, must develop agency-specific security policies that are: 1. Appropriate to their respective environments, and2. Consistent with the intent of this policy.B. This policy addresses information regardless of what form it takes (i.e., electronic, printed, etc.), what technology is used to handle it, or what purpose(s) it serves.C. This policy encompasses systems, automated and manual for which the agencies have administrative responsibility, including systems managed or hosted by third parties on behalf of the agencies. Miss. Code Ann. § 25-53-201.