Nonreporting Entities' Information Security Compliance

Mar 30, 2023 - A number of nonreporting entities cited A B  2135 , as of 2022, as a reason for their decision to undergo an ISA. Consistent with CDT ’s requirement that reporting entities undergo ISAs once every two years (with some limited exceptions), nonreporting entities appear to be undergoing ISAs at a comparable rate consistent with the intent of  A B  2135 .
https://lao.ca.gov/Publications/Report/4756

The 2023-24 Budget: Overview of Information Security Proposals

Mar 23, 2023 - For example, Cal-Secure technical capability “coverage percentages ” support the Victim Compensation Board ’s IT staff proposal, while ISA findings by risk profile support the Department of Managed Health Care ’s “Office of Technology and Innovation —IS Resources ” proposal, and finally areas of noncompliance and weaknesses from their plan of action and milestones support the Public Employment Relations Board ’s “Worker ’s Compensation Information System Upgrade ” proposal.
https://lao.ca.gov/Publications/Report/4748