Tex.
Gov't Code Section 2054.068
Information Technology Infrastructure Report
(a)
In this section, “information technology” includes information resources and information resources technologies.(b)
The department shall collect from each state agency information on the status and condition of the agency’s information technology infrastructure, including information regarding:(1)
the agency’s information security program;(2)
an inventory of the agency’s servers, mainframes, cloud services, and other information technology equipment;(3)
identification of vendors that operate and manage the agency’s information technology infrastructure; and(4)
any additional related information requested by the department.(c)
A state agency shall provide the information required by Subsection (b) to the department according to a schedule determined by the department.(d)
Not later than November 15 of each even-numbered year, the department shall submit to the governor, chair of the house appropriations committee, chair of the senate finance committee, speaker of the house of representatives, lieutenant governor, and staff of the Legislative Budget Board a consolidated report of the information submitted by state agencies under Subsection (b).(e)
The consolidated report required by Subsection (d) must:(1)
include an analysis and assessment of each state agency’s security and operational risks; and(2)
for a state agency found to be at higher security and operational risks, include a detailed analysis of agency efforts to address the risks and related vulnerabilities.(f)
With the exception of information that is confidential under Chapter 552 (Public Information), including Section 552.139 (Exception: Confidentiality of Government Information Related to Security or Infrastructure Issues for Computers), or other state or federal law, the consolidated report submitted under Subsection (d) is public information and must be released or made available to the public on request. A governmental body as defined by Section 552.003 (Definitions) may withhold information confidential under Chapter 552 (Public Information), including Section 552.139 (Exception: Confidentiality of Government Information Related to Security or Infrastructure Issues for Computers), or other state or federal law that is contained in a consolidated report released under this subsection without the necessity of requesting a decision from the attorney general under Subchapter G (Request for Attorney General Decision), Chapter 552 (Public Information).(g)
This section does not apply to an institution of higher education or university system, as defined by Section 61.003 (Definitions), Education Code.
Source:
Section 2054.068 — Information Technology Infrastructure Report, https://statutes.capitol.texas.gov/Docs/GV/htm/GV.2054.htm#2054.068
(accessed Jun. 5, 2024).