Montana § 2-15-114 Security Responsibilities Of Departments For Data

Montana Statutes

§ 2-15-114 — Security Responsibilities Of Departments For Data

Montana § 2-15-114

Title 2GOVERNMENT STRUCTURE AND ADMINISTRATION

Ch. 15EXECUTIVE BRANCH OFFICERS AND AGENCIES

Part 1General Provisions

This text of Montana § 2-15-114 (Security Responsibilities Of Departments For Data) is published on Counsel Stack Legal Research, covering Montana primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook

Mont. Code Ann. § 2-15-114 (2026).

Text

2-15-114 . Security responsibilities of departments for data. Each department head is responsible for ensuring an adequate level of security for all data within that department and shall:

(1)develop and maintain written internal policies and procedures to ensure security of data. The internal policies and procedures are confidential information and exempt from public inspection, except that the information must be available to the legislative auditor in performing postauditing duties.

(2)designate an information security manager to administer the department's security program for data;

(3)implement appropriate cost-effective safeguards to reduce, eliminate, or recover from identified threats to data;

(4)ensure that internal evaluations of the security program for data are conducted. Th

Free access — add to your briefcase to read the full text and ask questions with AI

2-15-114 . Security responsibilities of departments for data. Each department head is responsible for ensuring an adequate level of security for all data within that department and shall:
(1) develop and maintain written internal policies and procedures to ensure security of data. The internal policies and procedures are confidential information and exempt from public inspection, except that the information must be available to the legislative auditor in performing postauditing duties.
(2) designate an information security manager to administer the department's security program for data;
(3) implement appropriate cost-effective safeguards to reduce, eliminate, or recover from identified threats to data;
(4) ensure that internal evaluations of the security program for data are conducted. The results of the internal evaluations are confidential and exempt from public inspection, except that the information must be available to the legislative auditor in performing postauditing duties.
(5) include appropriate security requirements, as determined by the department, in the written specifications for the department's solicitation of data and information technology resources; and
(6) include a general description of the existing security program and future plans for ensuring security of data in the agency information technology plan as provided for in 2-17-523 .