Statutes, codes, and regulations
Texas Codes
GOVERNMENT CODETitle 10 - GENERAL GOVERNMENTSubtitle B - INFORMATION AND PLANNINGChapter 2054 - INFORMATION RESOURCES
Subchapter D - INFORMATION RESOURCES MANAGERS
Section 2054.077 - Vulnerability Reports

Tex. Gov't Code § 2054.077

Download
PDF
Current with legislation from the 2023 Regular and Special Sessions signed by the Governor as of November 21, 2023.
Section 2054.077 - Vulnerability Reports
(a) In this section, a term defined by Section 33.01, Penal Code, has the meaning assigned by that section.
(b) The information security officer of a state agency shall prepare or have prepared a report, including an executive summary of the findings of the biennial report, not later than June 1 of each even-numbered year, assessing the extent to which a computer, a computer program, a computer network, a computer system, a printer, an interface to a computer system, including mobile and peripheral devices, computer software, or data processing of the agency or of a contractor of the agency is vulnerable to unauthorized access or harm, including the extent to which the agency's or contractor's electronically stored information is vulnerable to alteration, damage, erasure, or inappropriate use.
(c) Except as provided by this section, a vulnerability report and any information or communication prepared or maintained for use in the preparation of a vulnerability report is confidential and is not subject to disclosure under Chapter 552.
(d) The information security officer shall provide an electronic copy of the vulnerability report on its completion to:
(1) the department;
(2) the state auditor;
(3) the agency's executive director;
(4) the agency's designated information resources manager; and
(5) any other information technology security oversight group specifically authorized by the legislature to receive the report.
(e) Separate from the executive summary described by Subsection (b), a state agency shall prepare a summary of the agency's vulnerability report that does not contain any information the release of which might compromise the security of the state agency's or state agency contractor's computers, computer programs, computer networks, computer systems, printers, interfaces to computer systems, including mobile and peripheral devices, computer software, data processing, or electronically stored information. The summary is available to the public on request.

Tex. Gov't. Code § 2054.077

Amended by Acts 2021, Texas Acts of the 87th Leg. - Regular Session, ch. 856,Sec. 9, eff. 9/1/2021.
Amended by Acts 2019, Texas Acts of the 86th Leg.- Regular Session, ch. 509,Sec. 13, eff. 9/1/2019.
Amended by Acts 2017, Texas Acts of the 85th Leg. - Regular Session, ch. 683,Sec. 7, eff. 9/1/2017.
Amended By Acts 2009, 81st Leg., R.S., Ch. 183, Sec. 5, eff. 9/1/2009.