EXECUTIVE ORDER NO. 038
THE METROPOLITAN GOVERNMENT OF NASHVILLE AND DAVIDSON COUNTY
Karl F. Dean , Mayor
SUBJECT: Information Security Management Policy and Steering Committee
I, Karl Dean, Mayor of the Metropolitan Government of Nashville and Davidson County, by virtue of the power and authority vested in me, do hereby find, direct, and order the following:
I. The Metropolitan Government of Nashville and Davidson County (“Metropolitan Government”) is required to maintain the confidentiality and integrity of information systems and high standards of information security; and
II. Executive Order 004 established two advisory boards, the Information Technology Advisory Board (ITAB) (providing advice on information technology service management and information technology standards and best practices) and the Information Security Advisory Board (ISAB) (providing advice on information security management standards and best practices); and
III. There is now a need to establish the Metropolitan Government’s Information Security Management Policy (ISM Policy) to address the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction now and in the future as changes occur; and
IV. The Director of Information Technology Services (Director) has recommended an ISM Policy based on the needs of the Metropolitan Government and the advice of the ISAB; and
V. That ISM Policy, attached as Exhibit A to this Executive Order, is now ordered and established by this Executive Order and shall continue to be in effect until modified by a subsequent Executive Order; and
VI. There is hereby created an Information Security Steering Committee (Steering Committee) to review and advise the Director on system-wide information security policies, standards, and practices for the Metropolitan Government. The functions, membership and meetings shall be as follows:
1. Recommending alterations or changes to the Director of minimum security requirements for Metropolitan Government departments, agencies, and boards.
2. Recommending to the Director performance measures to determine the effectiveness of Metropolitan Government policies, procedures, plans, standards, guidelines, and controls designed to meet or exceed the objectives identified in the ISM Policy.
3. Reviewing as requested by the Director and then recommending to the Director whether the ISM Policy would be violated by or should be revised for an individual, department, or group requesting an exception.
1. The Steering Committee shall have seven (7) permanent voting members and four (4) revolving voting members.
a. The seven (7) permanent members of the Steering Committee shall be officials of the Metropolitan Government, as follows:
• Director of Information Systems
• The Chief of Police
• The Sheriff
• The Director of Justice Integration Systems
• The Director of Law
• The Director of Finance
• The Director of Schools
b. Four (4) revolving members of the Steering Committee shall be officials or employees of the Metropolitan Government selected by the Mayor. The term of these four members shall be two (2) years and each shall serve until their replacement is appointed by the Mayor.
2. All members shall be able to select designees to appear and vote at meetings of the Steering Committee.
3. The Steering Committee shall elect one of its members to serve as its Chair and another to serve as its Vice-Chair.
1. The Steering Committee shall hold meetings as requested by the Director or the Mayor.
2. A quorum shall consist of six (6) voting members.
3. The Steering Committee shall make such bylaws as it deems necessary.
4. The Steering Committee shall submit recommendations to the Director or the Mayor.
Ordered, Effective and Issued:
Karl F. Dean
Date: March 26, 2010