The Office shall:
1. Develop procedures for risk-based assessments that identify vulnerabilities in the information systems that are operated or maintained by state agencies and any potential threats that may exploit such vulnerabilities.
2. Based on the results of risk-based assessments, identify risks to the security of information systems that are operated or maintained by state agencies.
3. Develop best practices for preparing for and mitigating risks to, and otherwise protecting, the security of information systems that are operated or maintained by state agencies.
(Added to NRS by 2017, 1634; A 2019, 2473)