Oregon Administrative Rules
Chapter 128 - DEPARTMENT OF ADMINISTRATIVE SERVICES, OFFICE OF THE STATE CHIEF INFORMATION OFFICER
Division 20 - STATE INFORMATION TECHNOLOGY ASSET PROTECTION - COVERED VENDORS
Section 128-020-0025 - Designation Process

Universal Citation: OR Admin Rules 128-020-0025

Current through Register Vol. 63, No. 9, September 1, 2024

(1) Enterprise Information Services shall adopt and implement a policy and procedure that establishes the schedule for review of corporate entities associated with hardware, software, and services against the criteria in OAR 128-020-0020, and under which Enterprise Information Services will update its covered vendor list to reflect designations made pursuant to the Secure and Trusted Communications Networks Act of 2019, 47 USC 1601, et seq, including as amended. If review or other update identifies that a corporate entity is or may be a national security threat, the State Chief Information Officer will determine if the corporate entity should be designated as a covered vendor.

(2) The determination of the State Chief Information Officer will be reflected in an update of the covered vendor list on the publicly accessible Enterprise Information Services website.

Statutory/Other Authority: ORS 276A.300

Statutes/Other Implemented: Or Laws 2023, ch 256 (HB 3127)

Disclaimer: These regulations may not be the most recent version. Oregon may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.