AB 3193: Information security.

Session Year: 2017-2018
House: Assembly

Version:

Existing law establishes the Department of Technology within the Government Operations Agency, headed by the Director of Technology, who is also known as the State Chief Information Officer. Existing law requires the chief to establish an information security program, including, among other things, the creation, updating, and publishing of information security and privacy policies, standards, and procedures the State Administrative Manual. Existing law requires certain state entities to implement and comply with the policies and procedures issued by the office.

This bill would revise the implementation requirement described above to provide that all state agencies, as defined, must implement and comply with the policies and procedures issued by the office.

Existing law requires all contracts for the acquisition of information technology goods or services, whether by lease or purchase, to be made by or under the supervision of the Department of General Services, unless otherwise expressly provided. Under existing law, the department is required to prenegotiate the repetitively used terms and conditions in the states model contract with each interested vendor who bids or proposes on electronic data processing or telecommunications procurements. Under existing law, a bidder or proposer for one of these contracts is required to propose a negotiated change or standard contract language change to the contract within a specified timeframe.This bill would make a nonsubstantive change to that provision.

Discussed in Hearing