Texas § 2063.303 VULNERABILITY REPORTS.

Texas Statutes

§ 2063.303 — VULNERABILITY REPORTS.

Texas § 2063.303

Code GVGovernment Code

This text of Texas § 2063.303 (VULNERABILITY REPORTS.) is published on Counsel Stack Legal Research, covering Texas primary law. Counsel Stack provides free access to over 12 million legal documents including statutes, case law, regulations, and constitutions.

Bluebook

Tex. Government Code Code Ann. § 2063.303 (2026).

Text

Sec. 2063.303. VULNERABILITY REPORTS.

(a)In this section, a term defined by Section 33.01 , Penal Code, has the meaning assigned by that section.

(b)The information security officer of a state agency shall prepare or have prepared a report, including an executive summary of the findings of the biennial report, not later than June 1 of each even-numbered year, assessing the extent to which a computer, a computer program, a computer network, a computer system, a printer, an interface to a computer system, including mobile and peripheral devices, computer software, or data processing of the agency or of a contractor of the agency is vulnerable to unauthorized access or harm, including the extent to which the agency's or contractor's electronically stored information is vulnerable to alterat

Free access — add to your briefcase to read the full text and ask questions with AI

Sec. 2063.303. VULNERABILITY REPORTS. (a) In this section, a term defined by Section 33.01 , Penal Code, has the meaning assigned by that section.
(b) The information security officer of a state agency shall prepare or have prepared a report, including an executive summary of the findings of the biennial report, not later than June 1 of each even-numbered year, assessing the extent to which a computer, a computer program, a computer network, a computer system, a printer, an interface to a computer system, including mobile and peripheral devices, computer software, or data processing of the agency or of a contractor of the agency is vulnerable to unauthorized access or harm, including the extent to which the agency's or contractor's electronically stored information is vulnerable to alteration, damage, erasure, or inappropriate use.
(c) Except as provided by this section, a vulnerability report and any information or communication prepared or maintained for use in the preparation of a vulnerability report is confidential and is not subject to disclosure under Chapter 552 .
(d) The information security officer shall provide an electronic copy of the vulnerability report on its completion to:
(1) the command;
(2) the state auditor;
(3) the agency's executive director;
(4) the agency's designated information resources manager; and
(5) any other information technology security oversight group specifically authorized by the legislature to receive the report.
(e) Separate from the executive summary described by Subsection (b), a state agency shall prepare a summary of the agency's vulnerability report that does not contain any information the release of which might compromise the security of the state agency's or state agency contractor's computers, computer programs, computer networks, computer systems, printers, interfaces to computer systems, including mobile and peripheral devices, computer software, data processing, or electronically stored information.
Transferred, redesignated and amended from Government Code, Section 2054.077 by Acts 2025, 89th Leg., R.S., Ch. 331 (H.B. 150 ), Sec. 9, eff. September 1, 2025.
SUBCHAPTER E. CYBERSECURITY PREPARATION AND PLANNING

Legislative History

Added by Acts 2001, 77th Leg., ch. 792, Sec. 1, eff. June 14, 2001. Amended by: Acts 2009, 81st Leg., R.S., Ch. 183 (H.B. 1830 ), Sec. 5, eff. September 1, 2009. Acts 2017, 85th Leg., R.S., Ch. 683 (H.B. 8 ), Sec. 7, eff. September 1, 2017. Acts 2019, 86th Leg., R.S., Ch. 509 (S.B. 64 ), Sec. 13, eff. September 1, 2019. Acts 2021, 87th Leg., R.S., Ch. 856 (S.B. 800 ), Sec. 9, eff. September 1, 2021.