Policy Approach

DoIT operates within a policy framework that establishes guidelines and operational requirements.   Services and products are provided and supported while adhering to standards that facilitate risk awareness, a security based focus and operational consistency while leveraging a wide range of information technology resources. 

The IT Policies included herein document a best practice based approach to conducting the business of state government that relies on information technology based resources in supporting and promoting the missions of various agencies and associated activities related to an effective state government operation. 

DoIT intends to follow, and expects its customers and partners who utilize DoIT provided solutions and associated resources to also adhere to, the policies that support our collective missions in a consistent and secure manner.

DoIT Website Privacy Information

Access to the Department of Innovation & Technology website is provided subject to the terms and conditions found on the Illinois Privacy Information page. Please read these terms carefully as use of this site constitutes acceptance of  these terms.

IT Policies

NameEffective DateRevised Date
Identity Protection Policy​​06.01.2011
Backup Retention Policy03.15.2011  
Data Classification and Protection Policy12.15.2008 01.03.2012
Enterprise Desktop/Laptop Policy12.15.2008 01.03.2012
General Security for Statewide IT Resources Policy12.15.2008 01.01.2010
General Security for Statewide Network Resources Policy12.15.2008 01.01.2010
IT (Information Technology) Recovery Policy10.01.2009      
Recovery Methodology01.01.2010  
IT Resource Access Policy12.01.2007  
Laptop Data Encryption Policy 12.01.2007 01.01.2010
Statewide CMS/BCCS Facility Access Policy12.15.2008 01.01.2010

Supporting Definitions

NameEffective DateRevised Date
DoIT Terminolog Glossary 11.01.2008 10.27.2016 

General Policies

NameEffective DateRevised Date
Change Management Policy12.15.2008 01.03.2012
Data Breach Notification Policy12.01.2007 01.01.2010
Data Breach Support Document08.31.2007  
ESI Retention Policy02.15.2009  
IT Governance Policy12.15.2008 01.03.2012

Mobile Device Security Policy        

       BYOD Mobile Device Video:

09.08.2015 11.10.2016
Wireless Communication Device Policy12.15.2008 01.01.2010