Chamorro Standard Time: Tuesday, December 10, 2024 - 12:46 PM

POLICIES

OTECH Information Technology Policies and Procedures

Policy NoTitlePublish /
Revision Dates
Purpose
OTECH-POL2024-001External Storage Devices Policy2024-07-16To define inherent risk and acceptable use of removable storage devices.
OTECH-POL2021-008Facility Physical Security and Access Control Policy2021-08-30
2022-06-07
2024-03-01
To provide a process that is required to ensure an organized approach to managing cyber incidents within Government of Guam (GovGuam) entities supported by the Office of Technology (OTECH) and to coordinate response and resolution efforts to prevent or limit damage that may be caused.
OTECH-POL2021-007Cyber Incident Response Policy2021-08-31
2024-03-01
To provide a process that is required to ensure an organized approach to managing cyber incidents within Government of Guam (GovGuam) entities supported by the Office of Technology (OTECH) and to coordinate response and resolution efforts to prevent or limit damage that may be caused.
OTECH-POL2021-006Security Awareness Training Policy2021-08-30
2022-03-29
2024-03-01
To bring awareness of security risks associated with information systems and of the applicable federal and agency requirements related to the security of strategic information systems.
OTECH-POL2021-005Password Policy2021-09-06
2024-03-01
To establish controls relating to password requirements of Government of Guam Information Technology (IT) Systems.
OTECH-POL2021-004Email Policy2021-08-06
2024-03-01
To provide guidelines to secure access and usage of Government of Guam e-mail services by its users.
OTECH-POL2021-003Risk Assessment Policy & Procedures2021-08-27
2024-03-01
To provide guidelines for assessing and addressing security risks on Government of Guam (GovGuam) Information Systems.
OTECH-POL2021-002IT System Development Requirements & Security Assessment Standards2021-08-27
2022-01-20
2024-03-01
To provide security control standards for all Government of Guam (GovGuam) Information Systems, to include all GovGuam Information Systems hosted outside of the GovGuam Network (GGWAN).
OTECH-POL2021-001IT Audit & Accountability Policy2021-08-27
2022-03-29
2024-03-01
To provide guidance for the Audit and Accountability (AU) security controls on Government of Guam (GovGuam) information systems.
OTECH-POL2020-005Personally Identifiable Information (PII) Policy2020-03-04
2024-03-01
To establish adequate controls to Government of Guam Information Technology (IT) systems and devices maintained by the Office of Technology (OTECH). As part of daily operational activities, GovGuam staff may have access to citizen or staff PII. This information is generally found in personnel files, citizen data sets, performance reports, program evaluations, grant and contract files, or other sources. Federal law and federal policies require that PII and other sensitive information be secured and protected at all
times.
OTECH-POL2020-004Change Management Policy2020-03-04
2024-03-01
To define responsibilities, policies and procedures for changes to the Government of Guam network.
OTECH-POL2020-003Remote Access Policy2020-03-04
2022-07-05
2024-03-01
2024-05-22
To define rules and requirements for connecting to the Government of Guam’s network from any host.
OTECH-POL2020-002User Access & Control Management Policy2020-03-04
2024-03-01
To establish adequate controls to Government of Guam Information Technology (IT) systems and devices maintained by the Office of Technology (OTECH).
OTECH-POL2020-001IT Hardware and Software Acquisition Policy2020-03-04
2024-03-01
To define the process by which Information Technology (IT) hardware and software are reviewed, purchased and maintained.
OTECH-POL2019-008Personally Owned Device Policy2019-07-26
2024-03-01
To define standards, procedures, and restrictions for end users connecting a personally owned device to the Government of Guam Wide Area Network for business purposes.
OTECH-POL2019-007IT Security Policy End User Protection2019-07-26
2024-03-01
To establish a standard baseline for effective security measures enforced on all end user computing (EUC) hardware connected to the Government of Guam Wide Area Network (GGWAN), as well as any future security requirements for portable storage and mobile device management.
OTECH-POL2019-006Data Destruction & Sanitization Policy2019-07-19
2024-03-01
To provide proper procedures for disposal and disposition of surplus computer hardware and other storage media.
OTECH-POL2019-005Social Media Policy2019-07-18
2024-03-01
To establish a baseline standard for the proper use of social media networks within the Government of Guam Network.
OTECH-POL2017-006Backup Policy and Procedures2017-08-04
2024-03-01
To provide details on the stipulations of data backup and retrieval operations for critical servers.
OTECH-POL2017-005IT Disaster Recovery Plan2017-08-04
2024-03-01
To define protocols and procedures in the event OTECH experiences a disaster.

OTECH Directives, Memos and IT Guidelines

Document No.TitlePublication DatePurpose
Enterprise VPN SecurityGovernment of Guam Virtual Private Network (VPN) Security2022-07-08 Memo establishing enhanced Virtual Private Network (VPN) security for remote access to the Government of Guam Wide Area Network.
GovGuam AUPAcceptable Use of Government Issued Computers, Digital Equipment, and Internet Access2019-07-01 Employee agreement to the terms of the GovGuam Acceptable Use Policy for Government-issued computers, digital equipment and internet access.
Governor’s Directive No.2009-001Bureau of Information Technology2009-04-27Directive tasking the Bureau of Information Technology to identify opportunities for reducing the government’s cost while promoting a more environmentally friendly approach to the deployment of government technology.
Governor’s Circular No. 2008-0073Government of Guam Domain2008-12-19 Circular informing all Government of Guam line agencies of the domain name format and standards.
GovGuam Domain Name DirectiveGovernment of Guam Domain Name DirectiveDirective regarding the new domain naming standard and transition phase requirement.
BIT Directive-AntiVirusBIT Directive – Anti Virus Requirement2008-08-19 Directive requiring all GoveGuam PCs to have active and current anti-virus installed.
Support

OTECH HELP DESK

We provide IT support services to all Government of Guam line agencies. Please send your requests to helpdesk@otech.guam.gov or call 671-638-3808. .

Skip to content