Minnesota Legislature
SF 2845
as introduced - 91st Legislature (2019 - 2020) Posted on 04/26/2019 09:53am
Current Version - as introduced
1.5 1.6 1.7 1.8 1.9 1.10
1.11 1.12 1.13 1.14 1.15
1.16 1.17 1.18 1.19 1.20 1.21
A bill for an act
relating to state government; requirements for state information technology security;
amending Minnesota Statutes 2018, section 16E.03, by adding subdivisions.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:
Section 1.
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision
to read:
new text begin Subd. 11. new text end
new text begin Web application security development. new text end
new text begin
The chief information officer must
establish web application security development standards that require web application threat
modeling and support the following web application platforms: XML, (.NET), JAVA, and
PHP.
new text end
Sec. 2.
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision to
read:
new text begin Subd. 12. new text end
new text begin Open source software library. new text end
new text begin
The chief information officer must develop
open source third-party software library policies and use standards to ensure software is
free of vulnerabilities and originates from credible sources.
new text end
Sec. 3.
Minnesota Statutes 2018, section 16E.03, is amended by adding a subdivision to
read:
new text begin Subd. 13. new text end
new text begin Web application threat modeling. new text end
new text begin
The chief information officer must
incorporate web application threat modeling within Agile software processes and incorporate
design, development, testing, deployment, postdeployment, and retirement during the entire
life cycle of a web application.
new text end