9-2 Information Technology Use and Security Policy Manual - Chapter I: Introduction
Approved by: Board of Supervisors of the County of Sonoma (“County”), and the Boards of Directors of the Northern Sonoma County Air Pollution Control District, the Russian River County Sanitation District, Sonoma Valley County Sanitation District, Occidental County Sanitation District, South Park County Sanitation District, and the Board of Directors of the Sonoma County Agricultural Preservation and Open Space District (collectively referred to hereinafter as “Special Districts”), and the Sonoma County Water Agency (“Agency”), and the Board of Commissioners of the Sonoma County Community Development Commission (“Commission”). The County, Special Districts, Agency and Commission are collectively referred to herein as “Local Agencies” or singularly as “Local Agency.”
Read next: II. Roles and Responsibilities
Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected. The County of Sonoma has an obligation to the public and is mandated by laws and standards (see Appendix A) to protect the information maintained on Local Agency IT resources from unauthorized use, disclosure, modification, loss or denial.
This Policy manual has been developed to be in alignment with the International Organization for Standardization ISO/IEC 27002 (Code of Practice for Information Security Management framework) and to meet County compliance obligations. This manual together with the IT Professional Policy manual establishes the foundation for information technology and security in the County to assure appropriate and authorized access, usage and integrity of information.