Statutes, codes, and regulations
Oregon Administrative Code
Chapter 128 - DEPARTMENT OF ADMINISTRATIVE SERVICES, OFFICE OF THE STATE CHIEF INFORMATION OFFICER
Division 20 - STATE INFORMATION TECHNOLOGY ASSET PROTECTION - COVERED VENDORS
Section 128-020-0025 - Designation Process

Or. Admin. Code § 128-020-0025

Download
PDF
Current through Register Vol. 63, No. 11, November 1, 2024
Section 128-020-0025 - Designation Process
(1) Enterprise Information Services shall adopt and implement a policy and procedure that establishes the schedule for review of corporate entities associated with hardware, software, and services against the criteria in OAR 128-020-0020, and under which Enterprise Information Services will update its covered vendor list to reflect designations made pursuant to the Secure and Trusted Communications Networks Act of 2019, 47 USC 1601, et seq, including as amended. If review or other update identifies that a corporate entity is or may be a national security threat, the State Chief Information Officer will determine if the corporate entity should be designated as a covered vendor.
(2) The determination of the State Chief Information Officer will be reflected in an update of the covered vendor list on the publicly accessible Enterprise Information Services website.

Or. Admin. Code § 128-020-0025

OSCIO 1-2024, adopt filed 01/29/2024, effective 2/1/2024

Statutory/Other Authority: ORS 276A.300

Statutes/Other Implemented: Or Laws 2023, ch 256 (HB 3127)