Oregon Administrative Rules
Chapter 128 - DEPARTMENT OF ADMINISTRATIVE SERVICES, OFFICE OF THE STATE CHIEF INFORMATION OFFICER
Division 20 - STATE INFORMATION TECHNOLOGY ASSET PROTECTION - COVERED VENDORS
Section 128-020-0015 - Covered Vendor List

Universal Citation: OR Admin Rules 128-020-0015

Current through Register Vol. 63, No. 9, September 1, 2024

(1) The State Chief Information Officer shall establish a list of covered vendors on its publicly accessible website, inclusive of information sufficient to identify covered products, and the date that each covered vendor was designated as a national security threat. The State Chief Information Officer shall maintain and update this list in accordance with the policies and procedures adopted pursuant to OAR 128-020-0025, Designation Process.

(2) Subject to allowable investigatory, regulatory, or law enforcement exceptions, and all applicable policies and procedures, no covered products of a corporate entity listed as a covered vendor on the list maintained by the State Chief Information Officer under this Division 20 may be installed or downloaded onto a state information technology asset that is under the management or control of a state agency, or used or accessed by a state information technology asset.

Statutory/Other Authority: ORS 276A.300

Statutes/Other Implemented: Or Laws 2023, ch 256 (HB 3127)

Disclaimer: These regulations may not be the most recent version. Oregon may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.