LEGISLATIVE BUDGET BOARD Austin, Texas FISCAL NOTE, 81ST LEGISLATIVE REGULAR SESSION April 14, 2009 TO: Honorable Rodney Ellis, Chair, Senate Committee on Government Organization FROM: John S. O'Brien, Director, Legislative Budget Board IN RE:SB2164 by Ellis (Relating to information technology security practices of state agencies.), As Introduced No significant fiscal implication to the State is anticipated. The bill would allow the Department of Information Resources to access certain criminal history record information maintained by the Department of Public Safety and the Federal Bureau of Investigation. The bill would allow the governing board of DIR to deliberate certain security or infrastructure issues in a closed meeting. The bill would also allow DIR to disclose information related to security or infrastructure issues to a bidder if the governing board determines that providing the information is necessary for the bidder to provide an accurate bid. The bill would require state agencies to provide, upon completion, an electronic copy of its vulnerability report to DIR, the state auditor, the agency's executive director, and any other information technology security oversight group specifically authorized by the legislature to receive the report. The bill would take effect September 1, 2009. It is assumed that any additional duties and responsibilities required by the bill could be absorbed within existing resources. Additionally, in accordance with current Government Code 321.013, all additional duties and responsibilities prescribed by the bill would be proposed in the State Auditor Office's annual audit plan for Legislative Audit Committee approval. Local Government Impact No fiscal implication to units of local government is anticipated. Source Agencies:304 Comptroller of Public Accounts, 308 State Auditor's Office, 313 Department of Information Resources, 405 Department of Public Safety LBB Staff: JOB, EP, KK, MS
LEGISLATIVE BUDGET BOARD
Austin, Texas
FISCAL NOTE, 81ST LEGISLATIVE REGULAR SESSION
April 14, 2009
TO: Honorable Rodney Ellis, Chair, Senate Committee on Government Organization FROM: John S. O'Brien, Director, Legislative Budget Board IN RE:SB2164 by Ellis (Relating to information technology security practices of state agencies.), As Introduced
TO: Honorable Rodney Ellis, Chair, Senate Committee on Government Organization
FROM: John S. O'Brien, Director, Legislative Budget Board
IN RE: SB2164 by Ellis (Relating to information technology security practices of state agencies.), As Introduced
Honorable Rodney Ellis, Chair, Senate Committee on Government Organization
Honorable Rodney Ellis, Chair, Senate Committee on Government Organization
John S. O'Brien, Director, Legislative Budget Board
John S. O'Brien, Director, Legislative Budget Board
SB2164 by Ellis (Relating to information technology security practices of state agencies.), As Introduced
SB2164 by Ellis (Relating to information technology security practices of state agencies.), As Introduced
No significant fiscal implication to the State is anticipated.
No significant fiscal implication to the State is anticipated.
The bill would allow the Department of Information Resources to access certain criminal history record information maintained by the Department of Public Safety and the Federal Bureau of Investigation. The bill would allow the governing board of DIR to deliberate certain security or infrastructure issues in a closed meeting. The bill would also allow DIR to disclose information related to security or infrastructure issues to a bidder if the governing board determines that providing the information is necessary for the bidder to provide an accurate bid. The bill would require state agencies to provide, upon completion, an electronic copy of its vulnerability report to DIR, the state auditor, the agency's executive director, and any other information technology security oversight group specifically authorized by the legislature to receive the report. The bill would take effect September 1, 2009. It is assumed that any additional duties and responsibilities required by the bill could be absorbed within existing resources. Additionally, in accordance with current Government Code 321.013, all additional duties and responsibilities prescribed by the bill would be proposed in the State Auditor Office's annual audit plan for Legislative Audit Committee approval.
The bill would allow the Department of Information Resources to access certain criminal history record information maintained by the Department of Public Safety and the Federal Bureau of Investigation.
The bill would allow the governing board of DIR to deliberate certain security or infrastructure issues in a closed meeting. The bill would also allow DIR to disclose information related to security or infrastructure issues to a bidder if the governing board determines that providing the information is necessary for the bidder to provide an accurate bid.
The bill would require state agencies to provide, upon completion, an electronic copy of its vulnerability report to DIR, the state auditor, the agency's executive director, and any other information technology security oversight group specifically authorized by the legislature to receive the report.
The bill would take effect September 1, 2009.
It is assumed that any additional duties and responsibilities required by the bill could be absorbed within existing resources.
Additionally, in accordance with current Government Code 321.013, all additional duties and responsibilities prescribed by the bill would be proposed in the State Auditor Office's annual audit plan for Legislative Audit Committee approval.
Local Government Impact
No fiscal implication to units of local government is anticipated.
Source Agencies: 304 Comptroller of Public Accounts, 308 State Auditor's Office, 313 Department of Information Resources, 405 Department of Public Safety
304 Comptroller of Public Accounts, 308 State Auditor's Office, 313 Department of Information Resources, 405 Department of Public Safety
LBB Staff: JOB, EP, KK, MS
JOB, EP, KK, MS