Bill Text: IL HB5547 | 2017-2018 | 100th General Assembly | Introduced
NOTE: There are more recent revisions of this legislation. Read Latest Draft
Bill Title: Amends the Illinois State Auditing Act. Provides that on a biennial basis, the Auditor General shall conduct a performance audit of State agencies and their cybersecurity programs and practices, with a particular focus on agencies holding large volumes of personal information. Provides for the subjects to be assessed by the audit. Provides for the issuance of an audit report.
Spectrum: Partisan Bill (Democrat 8-0)
Status: (Passed) 2018-08-17 - Public Act . . . . . . . . . 100-0914 [HB5547 Detail]
Download: Illinois-2017-HB5547-Introduced.html
Bill Title: Amends the Illinois State Auditing Act. Provides that on a biennial basis, the Auditor General shall conduct a performance audit of State agencies and their cybersecurity programs and practices, with a particular focus on agencies holding large volumes of personal information. Provides for the subjects to be assessed by the audit. Provides for the issuance of an audit report.
Spectrum: Partisan Bill (Democrat 8-0)
Status: (Passed) 2018-08-17 - Public Act . . . . . . . . . 100-0914 [HB5547 Detail]
Download: Illinois-2017-HB5547-Introduced.html
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| ||||||||||||||||||||
| 1 | AN ACT concerning finance.
| |||||||||||||||||||
| 2 | Be it enacted by the People of the State of Illinois,
| |||||||||||||||||||
| 3 | represented in the General Assembly:
| |||||||||||||||||||
| 4 | Section 5. The Illinois State Auditing Act is amended by | |||||||||||||||||||
| 5 | adding Section 3-2.4 as follows:
| |||||||||||||||||||
| 6 | (30 ILCS 5/3-2.4 new) | |||||||||||||||||||
| 7 | Sec. 3-2.4. Cybersecurity audit. | |||||||||||||||||||
| 8 | (a) On a biennial basis, the Auditor General shall conduct | |||||||||||||||||||
| 9 | a performance audit of State agencies and their cybersecurity | |||||||||||||||||||
| 10 | programs and practices, with a particular focus on agencies | |||||||||||||||||||
| 11 | holding large volumes of personal information. | |||||||||||||||||||
| 12 | (b) The audit required under this Section shall, at a | |||||||||||||||||||
| 13 | minimum, assess the following: | |||||||||||||||||||
| 14 | (1) the effectiveness of State agency cybersecurity | |||||||||||||||||||
| 15 | practices; | |||||||||||||||||||
| 16 | (2) the risks or vulnerabilities of the cybersecurity | |||||||||||||||||||
| 17 | systems used by State agencies; | |||||||||||||||||||
| 18 | (3) the types of information that are most susceptible | |||||||||||||||||||
| 19 | to attack; | |||||||||||||||||||
| 20 | (4) ways to improve cybersecurity and eliminate | |||||||||||||||||||
| 21 | vulnerabilities to State cybersecurity systems; and | |||||||||||||||||||
| 22 | (5) any other information concerning the cybersecurity | |||||||||||||||||||
| 23 | of State agencies that the Auditor General deems necessary | |||||||||||||||||||
| |||||||
| |||||||
| 1 | and proper. | ||||||
| 2 | (c) Upon completion of an audit required under this | ||||||
| 3 | Section, a report of the audit shall be issued in accordance | ||||||
| 4 | with the provisions of Section 3-14, and a copy of the report | ||||||
| 5 | shall also be delivered to the head of each audited State | ||||||
| 6 | agency.
| ||||||
