New Mexico Administrative Code
Title 1 - GENERAL GOVERNMENT ADMINISTRATION
Chapter 12 - INFORMATION TECHNOLOGY
Part 20 - INFORMATION SECURITY OPERATION MANAGEMENT
Section 1.12.20.26 - SYSTEM SECURITY CHECKING

Universal Citation: 1 NM Admin Code 1.12.20.26

Current through Register Vol. 35, No. 18, September 24, 2024

A. Systems that process or store sensitive or confidential information or services that provide support for critical services shall undergo technical security reviews by agency system administrators to ensure compliance with implementation standards and rules as promulgated by DoIT and check for vulnerabilities to threats discovered subsequent to the review. Technical reviews of systems and services essential to the support of critical agency functions shall be conducted by agency system administrators at least once every year. Random reviews of all systems and services shall be conducted at least once every 24 months.

B. Any deviations from expected or required results, as defined by the agency CIO or ISO which are detected by the technical security review shall be reported to the agency CIO and the agency ISO and shall be corrected immediately. Agency staff shall also be advised of such deviations and agency shall investigate deviations (including the review of system activity log records, if necessary) and provide results of investigation to agency ISO and CIO.

Disclaimer: These regulations may not be the most recent version. New Mexico may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.