The Missouri Computer Security Policy (MO CSP) is a set of statewide policies and guidelines created by the Missouri Office of Administration (MOA) to protect the state's information systems and data from unauthorized access, use, disclosure, or destruction. The MO CSP sets out the objectives and requirements for the secure operation of the state's computer systems and data, and is divided into three main policy areas: Physical Security, Network Security, and System Security. Physical Security covers the physical protection of the state's computer systems and data, including the construction of secure facilities, control of access to the physical environment, and the use of physical security devices. Network Security covers the security of the state's computer networks, including the use of encryption technologies, secure communications, and firewall systems. System Security covers the security of the state's computer systems, including the installation of software updates, the use of authentication and authorization technologies, and the implementation of system security policies. The MO CSP also defines the roles and responsibilities of the state's Information Security Officers, and outlines the procedures for responding to security incidents.