GSA IT Security Policies
To make sure we are protecting GSA systems from hackers and other cyber attacks at all times, each of us plays an important part in this security effort. The policies linked on this page will help you understand these efforts.
GSA Orders Related to Information Technology Security
IT Security Policy - 2100.1M CIO GSA Information Technology (IT) Security Policy [PDF - 793 KB] (March 26, 2021)
The newly updated IT Security Policy outlines all aspects of IT security that are required to keep GSA’s assets protected. Objectives of the policy are to ensure the confidentiality, integrity and availability of all IT resources by employing security controls and managing risk.
GSA Information Technology (IT) Rules of Behavior - CIO 2104.1B [PDF - 247 KB] (April 2, 2019)
This Order sets forth GSA's policy on user responsibilities for the secure use of the agency's IT assets. The General Rules of Behavior implement federal policies and GSA Directives and are included in GSA mandatory training.