The purposes of this Act are to: (1) provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support State agency operations and assets; (2) recognize the critical role of information and information systems in the provision of life, health, safety, and other crucial services to the citizens of the State of Illinois and the risk posed to these services due to the ever-evolving cybersecurity threat; (3) recognize the highly networked nature of the current State of Illinois working environment and provide effective statewide management and oversight of the related information security risks, including coordination of information security efforts across State agencies; (4) provide for the development and maintenance of minimum security controls required to protect State of Illinois information and information systems; (5) provide a mechanism for improved oversight of State agency information security programs, including through automated security tools to continuously diagnose and improve security; (6) recognize that information security risk is both a business and public safety issue, and the acceptance of risk is a decision to be made at the executive levels of State government; and (7) ensure a continued and deliberate effort to reduce the risk posed to the State by cyberattacks and other information security incidents that could impact the information security of the State. the effectiveness of information security controls over information resources that support State agency operations and assets; information systems in the provision of life, health, safety, and other crucial services to the citizens of the State of Illinois and the risk posed to these services due to the ever-evolving cybersecurity threat; current State of Illinois working environment and provide effective statewide management and oversight of the related information security risks, including coordination of information security efforts across State agencies; minimum security controls required to protect State of Illinois information and information systems; State agency information security programs, including through automated security tools to continuously diagnose and improve security; a business and public safety issue, and the acceptance of risk is a decision to be made at the executive levels of State government; and reduce the risk posed to the State by cyberattacks and other information security incidents that could impact the information security of the State.
‹ Prev All Illinois sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.