(1) The general assembly hereby finds, determines, and declares that:
Communication and information resources in the various public agencies of the stateare strategic and vital assets belonging to the people of Colorado. Coordinated efforts and a sense of urgency are necessary to protect these assets against unauthorized access, disclosure, use, and modification or destruction, whether accidental or deliberate, as well as to assure the confidentiality, integrity, and availability of information.
State government has a duty to Colorado's citizens to ensure that the information thecitizens have entrusted to public agencies is safe, secure, and protected from unauthorized access, unauthorized use, or destruction.
Securing the state's communication and information resources is a statewide imperative requiring a coordinated and shared effort from all departments, agencies, and political subdivisions of the state and a long term commitment to state funding that ensures the success of such efforts.
Risks to communication and information resources must be managed, and the integrity of data and the source, destination, and processes applied to data must be assured.
Information security standards, policies, and guidelines must be promulgated and implemented throughout public agencies to ensure the development and maintenance of minimum information security controls to protect communication and information resources that support the operations and assets of those agencies.
The extensive information security expertise in Colorado's private sector should beutilized for the long-term benefit of Colorado's citizens and public agencies.
Source: L. 2006: Entire part added, p. 1713, § 1, effective June 6.