- (a) All authorized users (including, but not limited to, state agency personnel, temporary employees, and employees of independent contractors) of the state agency's information resources, shall formally acknowledge that they will comply with the security policies and procedures of the state agency or they shall not be granted access to information resources. The state agency head or his or her designated representative will determine the method of acknowledgement and how often this acknowledgement must be re-executed by the user to maintain access to state agency information resources.
- (b) Devices designated for public access shall be configured to enforce security policies and procedures without the requirement for formal acknowledgement.
- (c) Each state agency head or his/her designated representative and information security officer shall establish a strategy for the use of written non-disclosure agreements to protect information from disclosure by employees and contractors prior to granting access.
- (d) State agencies shall provide an ongoing information security awareness education program for all users.
- (e) State agencies shall use new employee orientation to introduce information security awareness and inform new employees of information security policies and procedures.
Source Note:The provisions of this §202.27 adopted to be effective November 28, 2004, 29 TexReg 10703.