IT Security
Go to the page above to see how to report a suspicious email.
If you need to report a security incident please use the linked form. You will be contacted by the KISO Office.
Examples of a security incident are: Denial of Service attack, intrustion, hacking, website defacement, virus/worm, Trojan, Phishing, Threat/Harassment, Ransomware or other cybersecurity events.
If you have questions, don't know if you should report or not, or would like information about DofA IT Security.
IT Security Policy
Department of Administration follows the KS Information and Security Office (KISO) and KS Information Technical Executive Council (ITEC) policies as well as Kansas Statutes. See these pages for guidelines, education, forms and more on the KISO's website.
Below is just a selection of ITEC policies that may interest employees:
- ITEC 1200 Acceptable Internet Use
- ITEC 7046-P, 7230a (Section 8) Security Awareness Training
- ITEC 7230a (Section 9) Authentication, Accounts, Authorization & Passwords
- ITEC 7230a (Section 10) Systems changes, protections, data
Security Awareness Training for Dept. of Administration
Annual Security Awareness online training is provided to new hires and existing employees. Existing employees must complete the training by the due date set by the agency's CIO each year. New hires must complete the training within 5 days of their hire. For new hires and employees who do not have a computer email address assigned to them, in-person classes are available. Network access will be suspended for those that do not complete the training by the deadlines. Please email DA_IT_SecurityAwareness@ks.gov if you have questions.
