BILL ANALYSIS �Ó
SENATE COMMITTEE ON APPROPRIATIONS
Senator Ricardo Lara, Chair
2015 - 2016 Regular Session
AB 1841 (Irwin) - Cybersecurity incident response plan and
standards
-----------------------------------------------------------------
| |
| |
| |
-----------------------------------------------------------------
|--------------------------------+--------------------------------|
| | |
|Version: August 2, 2016 |Policy Vote: G.O. 12 - 0, JUD. |
| | 7 - 0 |
| | |
|--------------------------------+--------------------------------|
| | |
|Urgency: No |Mandate: No |
| | |
|--------------------------------+--------------------------------|
| | |
|Hearing Date: August 11, 2016 |Consultant: Debra Cooper |
| | |
-----------------------------------------------------------------
*********** ANALYSIS ADDENDUM - SUSPENSE FILE ***********
The following information is revised to reflect amendments
adopted by the committee on August 11, 2016
Bill
Summary: AB 1841 would require the Department of Technology
(CDT), in conjunction with the Office of Emergency Services
(OES), by July 1, 2018, to update the Technology Recovery Plan
element of the State Administrative Manual to ensure the
inclusion of cybersecurity strategy incident response standards
for each state agency.
Fiscal
Impact:
Minor and absorbable costs to CDT and OES for updating the
�
AB 1841 (Irwin) Page 1 of
?
Technology Recovery Plan. (GF and Special Fund)
Unknown, but likely absorbable costs to each state agency to
update and report on its Technology Recovery Plan. (GF)
Author
Amendments:
Strikes language requiring OES to transmit to the Legislature
a cybersecurity incident response plan.
Strikes language requiring OES to develop cybersecurity
incident response standards for state agencies and language
requiring state agencies to transmit critical infrastructure
information to OES.
Requires CDT, in conjunction with OES, to update the
Technology Recovery Plan element of the State Administrative
Manual to ensure the inclusion of cybersecurity strategy
incident response standards for each state agency to secure
its critical infrastructure controls and critical
infrastructure information.
Requires each state agency to report on its compliance with
the updated standards by July 1, 2019, and authorizes CDT, in
conjunction with OES, to provide suggestions for state
agencies to improve compliance with the standards.
-- END --