Montana Information Security Advisory Council

Montana Information Security Advisory Council

Enter Title

Date: Wednesday, April 12, 2017
Time: 1:00 p.m. to 3:00 p.m.
Location: Cogswell Room 151

Legislative Report to ITMC
Current Threats

Notice: The Department of Administration will make reasonable accommodations for persons with disabilities who wish to participate in the MT-ISAC's public meetings or need an alternative accessible format of this notice. If you require an accommodation, contact the Department of Administration no later than six business days prior to the meeting of interest, to advise us of the nature of the accommodation that you need. Please contact Joe Frohlich at (406) 444-3119 or click on the "Contact Us" mailbox icon. Documents available on this site will generally be posted in PDF, but may include other formats as necessary.

The Information Security Advisory Council works closely with the Information Systems Security Office to enhance security for the State of Montana. For news and other cybersecurity resources, visit: Montana Information Security


Meeting Date

Agendas and Documents


January 11, 2017

Identification and Authentication
Map to Cogswell
Data Loss Prevention Information
RMTD Cyber Insurance Contract Language
Data Loss Prevention Presentation 



February 8, 2017

Acceptable Use - Rules of Behavior
Identification and Authentication 
March 8, 2017  Agenda
ID and Authentication
Acceptable Use
Outreach Letter 
April 12, 2017    
May 10, 2017    
June 14, 2017    
July 12, 2017    
August 9, 2017    
September 13, 2017    
October 11, 2017    
November 8, 2017    
December 13, 2017    






Significant and continued growth of cyber-attacks against state and local governments makes cybersecurity a critical issue for Montana. Recent events have increased the need to enhance security programs, processes, and support in this key area of business to protect citizen information. We protect against crimes on our streets; we must also work to defend Montana citizen information from cyber threats ranging from identity theft to consumer fraud to threats to our physical infrastructure.

Governor Steve Bullock signed an Executive Order to create the Montana Information Security Advisory Council (MT-ISAC) in June of 2015. The Governor appointed fifteen council members and selected the State CIO, Ron Baldwin, as Chair for the 2015 Biennium term that ends June 30, 2017. The first official meeting was held August 19, 2015. To request membership or more information, please use the "Contact Us" icon.

Operating Procedures
Council Members
Archived Meeting Agendas and Minutes


MT-ISAC Approved Documents
Agency Security Policy Template

MT-ISAC Goals and Objectives

POL-Information Security Policy

POL-Information Security Policy - Appendix A (Baseline Security Controls)

POL-Information Security Policy - Appendix B (Security Roles and Responsibilities)

POL-Information Security Policy - Appendix C (Blocked Sites and Rules of System Usage forms)

POL-Information Security Policy - Appendix D (Cyber Security Framework crosswalk to Baseline Security Controls)

28 Rescinded Security Policies

Workgroup List
Disposal of Media Storage- Form
Disposal of Media
Hardening of Devices
Large Cyber Incident Handling Steps
Small Cyber Incident Handling Steps

Additional Resources

NIST Cybersecurity Framework

NIST SP 800-53 Rev 4, Security and Privacy Controls

NIST SP 800-37, Risk Management Framework

State of Montana Policy Management System (MOM)


Blue mailbox contact us icon