Lisa Calderon
- Democratic
- Assemblymember
- District 56
Author
Existing law establishes the Office of Information Security, within the Department of Technology, to, among other things, ensure the confidentiality, integrity, and availability of state systems and applications. Existing law requires the Chief of the Office of Information Security to establish an information security program that includes, among other things, creating, updating, and publishing information security and privacy policies, standards, and procedures for state agencies, and requires state agencies, as described, to certify to the office that the agency is in compliance with those policies, standards, and procedures. Existing law authorizes the office to, among other things, conduct or require to be conducted an independent security assessment of every state agency, department, or office, as specified. This bill would require the office, on or before January 1, 2026, to develop a Baseline Information Security Score metric to estimate the information security status of applicable state agencies, departments, and offices, and would require the metric to utilize readily available information, including, among other things, compliance certifications submitted to the office and results of relevant independent security assessments completed as described above. The bill would also require the office, beginning January 1, 2027, and annually on or before January 1 thereafter, to calculate a Baseline Information Security Score based on the above-described metric for each applicable state agency, department, and office. The bill would make related findings and declarations.
In committee: Held under submission.
From committee: Do pass and re-refer to Com. on APPR with recommendation: To Consent Calendar. (Ayes 14. Noes 0.) (June 25). Re-referred to Com. on APPR.
In Senate. Read first time. To Com. on RLS. for assignment.
Read third time. Passed. Ordered to the Senate. (Ayes 72. Noes 0. Page 5633.)
Read second time. Ordered to third reading.
From committee: Do pass. (Ayes 15. Noes 0.) (May 16).
In committee: Set, first hearing. Referred to APPR. suspense file.
Read second time and amended.
From committee: Amend, and do pass as amended and re-refer to Com. on APPR. with recommendation: To Consent Calendar. (Ayes 11. Noes 0.) (April 23).
In committee: Hearing postponed by committee.
From committee chair, with author's amendments: Amend, and re-refer to Com. on P. & C.P. Read second time and amended.
From printer. May be heard in committee March 17.
Read first time. To print.
| Bill Text Versions | Format |
|---|---|
| AB2777 | HTML |
| 02/15/24 - Introduced | |
| 03/19/24 - Amended Assembly | |
| 04/25/24 - Amended Assembly |
| Document | Format |
|---|---|
| 04/20/24- Assembly Privacy and Consumer Protection | |
| 05/06/24- Assembly Appropriations | |
| 05/20/24- ASSEMBLY FLOOR ANALYSIS | |
| 06/21/24- Senate Governmental Organization | |
| 08/02/24- Senate Appropriations |
Data on Open States is updated periodically throughout the day from the official website of the California State Legislature.
If you notice any inconsistencies with these official sources, feel free to file an issue.