2100.1L CIO CHGE 1 GSA Information Technology (IT) Security Policy

• Posted Date: 07/15/2019
• Status: Validated
• Outdated on: 07/15/2026

GENERAL SERVICES ADMINISTRATION

               Washington, DC 20405

 

CIO 2100.1L CHGE 1

July 15, 2019

 

GSA ORDER

SUBJECT:  GSA Information Technology (IT) Security Policy

1. Purpose. This Order outlines the General Services Administration’s (GSA) IT Security Policy.

2. Cancellation. This Order cancels and supersedes GSA Order CIO 2100.1L, GSA Information Technology (IT) Security Policy

3. Explanation of Change. Updates the information concerning password length, complexity and expiration.

4. Applicability.

      a.   This IT Security Policy applies to all GSA Federal employees, contractors, and vendors of GSA, who manage, maintain, operate, or protect GSA systems or data, all GSA IT systems, and any GSA data contained on or processed by IT systems owned and operated by or on the behalf of any of the Services or Staff Offices.

      b.   This policy applies to the Office of Inspector General (OIG) only to the extent that the OIG determines it is consistent with the OIG’s independent authority under the IG Act and it does not conflict with other OIG policies or the OIG mission.

      c.   This policy applies to the Civilian Board of Contract Appeals (CBCA) only to the extent that the CBCA determines it is consistent with the CBCA's independent authority under the Contract Disputes Act and other authorities and it does not conflict with the CBCA's policies or the CBCA mission.

5. Signature.

 

/S/___________________

DAVID SHIVE

Chief Information Officer

Office of GSA IT