|
|
|
A BILL TO BE ENTITLED
|
|
AN ACT
|
|
relating to comprehensive information security assessments on |
|
state agency information resources and network systems and digital |
|
data storage and security. |
|
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: |
|
SECTION 1. Subchapter F, Chapter 2054, Government Code, is |
|
amended by adding Section 2054.136 to read as follows: |
|
Sec. 2054.136. FIVE-YEAR AGENCY INFORMATION SECURITY |
|
ASSESSMENT AND REPORT. (a) At least once every five years, a state |
|
agency shall conduct a comprehensive information security |
|
assessment of the agency's information resources systems, network |
|
systems, digital data storage systems, digital data security |
|
measures, and information resources vulnerabilities. |
|
(b) Not later than December 1 of the year in which a state |
|
agency conducts the information security assessment required under |
|
Subsection (a), the agency shall report the results of the study to |
|
the department, the governor, the lieutenant governor, and the |
|
speaker of the house of representatives. |
|
(c) The department by rule may establish the requirements |
|
for the information security assessment and report required by this |
|
section. |
|
SECTION 2. This Act takes effect September 1, 2017. |