BILL ANALYSIS                                                                                                                                                                                                    



          SENATE COMMITTEE ON APPROPRIATIONS
                             Senator Ricardo Lara, Chair
                            2015 - 2016  Regular  Session

          AB 1841 (Irwin) - Cybersecurity incident response plan and  
          standards
          
           ----------------------------------------------------------------- 
          |                                                                 |
          |                                                                 |
          |                                                                 |
           ----------------------------------------------------------------- 
          |--------------------------------+--------------------------------|
          |                                |                                |
          |Version: August 2, 2016         |Policy Vote: G.O. 12 - 0, JUD.  |
          |                                |          7 - 0                 |
          |                                |                                |
          |--------------------------------+--------------------------------|
          |                                |                                |
          |Urgency: No                     |Mandate: No                     |
          |                                |                                |
          |--------------------------------+--------------------------------|
          |                                |                                |
          |Hearing Date: August 11, 2016   |Consultant: Debra Cooper        |
          |                                |                                |
           ----------------------------------------------------------------- 


          *********** ANALYSIS ADDENDUM - SUSPENSE FILE ***********
             The following information is revised to reflect amendments 
                     adopted by the committee on August 11, 2016






          Bill  
          Summary:  AB 1841 would require the Department of Technology  
          (CDT), in conjunction with the Office of Emergency Services  
          (OES), by July 1, 2018, to update the Technology Recovery Plan  
          element of the State Administrative Manual to ensure the  
          inclusion of cybersecurity strategy incident response standards  
          for each state agency.


          Fiscal  
          Impact:  
           Minor and absorbable costs to CDT and OES for updating the  







          AB 1841 (Irwin)                                        Page 1 of  
          ?
          
          
            Technology Recovery Plan. (GF and Special Fund)


           Unknown, but likely absorbable costs to each state agency to  
            update and report on its Technology Recovery Plan. (GF)




          Author  
          Amendments:  
           Strikes language requiring OES to transmit to the Legislature  
            a cybersecurity incident response plan. 

           Strikes language requiring OES to develop cybersecurity  
            incident response standards for state agencies and language  
            requiring state agencies to transmit critical infrastructure  
            information to OES. 

           Requires CDT, in conjunction with OES, to update the  
            Technology Recovery Plan element of the State Administrative  
            Manual to ensure the inclusion of cybersecurity strategy  
            incident response standards for each state agency to secure  
            its critical infrastructure controls and critical  
            infrastructure information.

           Requires each state agency to report on its compliance with  
            the updated standards by July 1, 2019, and authorizes CDT, in  
            conjunction with OES, to provide suggestions for state  
            agencies to improve compliance with the standards.




                                      -- END --