Montana Code Annotated
Part 1. General Provisions
2-15-114. Security responsibilities of departments for data

2-15-114. Security responsibilities of departments for data. Each department head is responsible for ensuring an adequate level of security for all data within that department and shall:
(1) develop and maintain written internal policies and procedures to ensure security of data. The internal policies and procedures are confidential information and exempt from public inspection, except that the information must be available to the legislative auditor in performing postauditing duties.
(2) designate an information security manager to administer the department's security program for data;
(3) implement appropriate cost-effective safeguards to reduce, eliminate, or recover from identified threats to data;
(4) ensure that internal evaluations of the security program for data are conducted. The results of the internal evaluations are confidential and exempt from public inspection, except that the information must be available to the legislative auditor in performing postauditing duties.
(5) include appropriate security requirements, as determined by the department, in the written specifications for the department's solicitation of data and information technology resources; and
(6) include a general description of the existing security program and future plans for ensuring security of data in the agency information technology plan as provided for in 2-17-523.
History: En. Sec. 2, Ch. 592, L. 1987; amd. Sec. 22, Ch. 313, L. 2001; amd. Sec. 4, Ch. 114, L. 2003.

<< Previous
Next >>

Structure Montana Code Annotated

Montana Code Annotated

Title 2. Government Structure and Administration

Chapter 15. Executive Branch Officers and Agencies

Part 1. General Provisions

2-15-101. Declaration of policy and purpose

2-15-102. Definitions

2-15-103. Policymaking authority and administrative powers of governor

2-15-104. Structure of executive branch

2-15-105. Attorney general, state auditor, superintendent of public instruction, and secretary of state -- powers as department heads

2-15-106. and 2-15-107 reserved

2-15-108. Gender and racial balance -- report to legislature

2-15-109. and 2-15-110 reserved

2-15-111. Appointment and qualifications of department heads

2-15-112. Duties and powers of department heads

2-15-113. Prior right of department head to agencies and records

2-15-114. Security responsibilities of departments for data

2-15-115. Notice of estimated turnaround time on application for permit or license

2-15-116. through 2-15-120 reserved

2-15-121. Allocation for administrative purposes only

2-15-122. Creation of advisory councils

2-15-123. Administratively created agencies -- prohibition

2-15-124. Quasi-judicial boards

2-15-125. Future agencies and functions

2-15-126. Terminated

2-15-127. Terminated

2-15-128. Terminated

2-15-129. reserved

2-15-130. Compliance with Military Selective Service Act required for employment -- rulemaking

2-15-131. Rights of state personnel

2-15-132. Rights to property

2-15-133. Rules and orders

2-15-134. Legal proceedings

2-15-135. Rights and duties under existing transactions

2-15-136. References

2-15-137. Federal aid

2-15-138. through 2-15-140 reserved

2-15-141. Definitions

2-15-142. Guiding principles and documentation

2-15-143. Training and consultation

2-15-144. through 2-15-148 reserved

2-15-149. Naming of sites and geographic features -- replacement of word "squaw", "half-breed", or "breed" -- advisory group

2-15-150. Terminated

2-15-151. Lewis and Clark bicentennial license plates -- authorization to apply as sponsor -- use of proceeds

2-15-152. through 2-15-154 reserved

2-15-155. State agency board, committee, commission, or advisory council member information to be published

2-15-156. Districts for certain appointments