Illinois Administrative Code
Title 80 - PUBLIC OFFICIALS AND EMPLOYEES
Part 4000 - MANDATORY CYBERSECURITY TRAINING
Subpart B - TRAINING REQUIREMENTS AND RESPONSIBILITIES
Section 4000.205 - Responsibility of Employees and Employer Agencies, Boards and Commissions

Universal Citation: 80 IL Admin Code ยง 4000.205

Current through Register Vol. 48, No. 38, September 20, 2024

a) Each agency, board and commission with an employee required to complete cybersecurity training shall designate an internal contact to monitor and track compliance with the cybersecurity training requirements.

b) The agency, board or commission shall promptly notify DoIT of its selection, including contact information for that Designated Contact. This information shall be submitted at security.training@illinois.gov.

c) To facilitate delivery of training materials, each agency, board and commission with employees required to complete annual cybersecurity training shall maintain a list identifying each employee who is required to complete annual cybersecurity training. The Designated Contact shall notify DoIT of the number of employees in its agency required to complete cybersecurity training.

d) Upkeep of the employee list referenced in subsection (a) is the sole responsibility of the employer agency, board or commission.

1) The Designated Contact shall provide to DoIT the employee list, as well as the email address of each employee, and any further information DoIT may request, no later than 30 calendar days prior to the training launch. DoIT's notice of the training will include what information the Designated Contact is required to provide.

2) The Designated Contact shall be responsible for providing paper copies of the training materials to those employees within his or her agency who do not have State-issued computers.

3) The Designated Contact shall annually provide to DoIT the list of those employees who have completed cybersecurity training.

e) Each agency, board and commission is responsible for responding to audit requests for information regarding completion of cybersecurity training within that specific agency, board or commission.

f) Each employee is responsible for ensuring that he or she is able to timely complete the mandatory cybersecurity training in person, online, or in paper form. In the event that the training is not completed, disciplinary action may be enforced by the employee's supervising agency.

Disclaimer: These regulations may not be the most recent version. Illinois may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.