Sec. 2054.068. INFORMATION TECHNOLOGY INFRASTRUCTURE REPORT. (a) In this section, "information technology" includes information resources and information resources technologies.
(b) The department shall collect from each state agency information on the status and condition of the agency's information technology infrastructure, including information regarding:
(1) the agency's information security program;
(2) an inventory of the agency's servers, mainframes, cloud services, and other information technology equipment;
(3) identification of vendors that operate and manage the agency's information technology infrastructure; and
(4) any additional related information requested by the department.
(c) A state agency shall provide the information required by Subsection (b) to the department according to a schedule determined by the department.
(d) Not later than November 15 of each even-numbered year, the department shall submit to the governor, chair of the house appropriations committee, chair of the senate finance committee, speaker of the house of representatives, lieutenant governor, and staff of the Legislative Budget Board a consolidated report of the information submitted by state agencies under Subsection (b).
(e) The consolidated report required by Subsection (d) must:
(1) include an analysis and assessment of each state agency's security and operational risks; and
(2) for a state agency found to be at higher security and operational risks, include a detailed analysis of agency efforts to address the risks and related vulnerabilities.
(f) With the exception of information that is confidential under Chapter 552, including Section 552.139, or other state or federal law, the consolidated report submitted under Subsection (d) is public information and must be released or made available to the public on request. A governmental body as defined by Section 552.003 may withhold information confidential under Chapter 552, including Section 552.139, or other state or federal law that is contained in a consolidated report released under this subsection without the necessity of requesting a decision from the attorney general under Subchapter G, Chapter 552.
(g) This section does not apply to an institution of higher education or university system, as defined by Section 61.003, Education Code.
Added by Acts 2017, 85th Leg., R.S., Ch. 555 (S.B. 532), Sec. 2, eff. September 1, 2017.
Amended by:
Acts 2019, 86th Leg., R.S., Ch. 509 (S.B. 64), Sec. 11, eff. September 1, 2019.
Structure Texas Statutes
Subtitle B - Information and Planning
Chapter 2054 - Information Resources
Subchapter C. General Powers and Duties of Department
Section 2054.051. General Duties of Department
Section 2054.052. General Powers of Department
Section 2054.053. Legislative Budget Instructions; Appropriation Requests
Section 2054.054. Client Omnibus Registry and Exchange Data Bases
Section 2054.0541. Statewide Health Care Data Collection System
Section 2054.055. Performance Report
Section 2054.056. Computer Services
Section 2054.0565. Use of Contracts by Other Entities
Section 2054.058. Consideration of Vendor Incentives
Section 2054.059. Cybersecurity
Section 2054.0591. Cybersecurity Report
Section 2054.0592. Cybersecurity Emergency Funding
Section 2054.0593. Cloud Computing State Risk and Authorization Management Program
Section 2054.0594. Information Sharing and Analysis Organization
Section 2054.060. Digital Signature
Section 2054.061. Use of Consultants and Outside Staff
Section 2054.062. Information Resources Technologies Consolidation
Section 2054.063. Electronic Reporting to State Agencies
Section 2054.064. Board Approval of Contracts
Section 2054.065. Review of Certain Contract Solicitations
Section 2054.066. Department Review
Section 2054.067. Posting of Certain Documents Relating to Contract Solicitations
Section 2054.068. Information Technology Infrastructure Report
Section 2054.069. Prioritized Cybersecurity and Legacy System Projects Report
Section 2054.0691. Digital Transformation Guide
Section 2054.070. Central Repository for Publicly Accessible Electronic Data