Texas Register
TITLE 1 ADMINISTRATION
PART 10DEPARTMENT OF INFORMATION RESOURCES
CHAPTER 202INFORMATION SECURITY STANDARDS
RULE §202.2Security Standards Policy
ISSUE 06/14/2002
ACTION Final/Adopted
Preamble Texas Admin Code Rule
It is the policy of the State of Texas that:

  (1)Information resources residing in the various agencies of state government are strategic and vital assets belonging to the people of Texas. These assets must be available and protected commensurate with the value of the assets. Measures shall be taken to protect these assets against unauthorized access, disclosure, modification or destruction, whether accidental or deliberate, as well as to assure the availability, integrity, utility, authenticity, and confidentiality of information. Access to state information resources must be appropriately managed.

  (2)All agencies are required to have an information resources security program consistent with these standards, and the agency head is responsible for the protection of information resources.

  (3)All individuals are accountable for their actions relating to information resources. Information resources shall be used only for intended purposes as defined by the agency and consistent with applicable laws.

  (4)Risks to information resources must be managed. The expense of security safeguards must be commensurate with the value of the assets being protected.

  (5)The integrity of data, its source, its destination, and processes applied to it must be assured. Changes to data must be made only in an authorized manner.

  (6)Information resources must be available when needed. Continuity of information resources supporting critical governmental services must be ensured in the event of a disaster or business disruption.

  (7)Security requirements shall be identified, documented, and addressed in all phases of development or acquisition of information resources.

  (8)Agencies must ensure adequate controls and separation of duties for tasks that are susceptible to fraudulent or other unauthorized activity.

This agency hereby certifies that the adoption has been reviewed by legal counsel and found to be a valid exercise of the agency's legal authority.

Filed with the Office of the Secretary of State on May 28, 2002

TRD-200203271

Renee Mauzy

General Counsel

Department of Information Resources

Effective date: June 17, 2002

Proposal publication date: March 22, 2002

For further information, please call: (512) 475-2153

 

Next Page       Previous Page

Link to Texas Secretary of State Home Page | link to Texas Register home page | link to Texas Administrative Code home page | link to Open Meetings home page