as introduced - 91st Legislature (2019 - 2020) Posted on 04/26/2019 09:53am
A bill for an act
relating to state government; requirements for state information technology security;
amending Minnesota Statutes 2018, section 16E.03, by adding subdivisions.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision
to read:
new text begin
The chief information officer must
establish web application security development standards that require web application threat
modeling and support the following web application platforms: XML, (.NET), JAVA, and
PHP.
new text end
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision to
read:
new text begin
The chief information officer must develop
open source third-party software library policies and use standards to ensure software is
free of vulnerabilities and originates from credible sources.
new text end
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision to
read:
new text begin
The chief information officer must
incorporate web application threat modeling within Agile software processes and incorporate
design, development, testing, deployment, postdeployment, and retirement during the entire
life cycle of a web application.
new text end