| Authority/Reference(s) | |
|---|---|
| Revision Date | March 30, 2023 |
Policy
To mitigate cybersecurity threats and risks in state government contracting, DFPS requires contractors, and their subcontractors, officers, or employees who have access to state computer systems or databases complete cybersecurity training annually through Department of Information Resources (DIR) when the contractor's personnel and subcontractors have access to these DFPS computer systems:
- PEIRS
- IMPACT
- TARE
- CLASS
To obtain a list of DIR certified trainings, visit the DIR Website.
DFPS Staff Augmentation contracted employees satisfy cybersecurity training requirements through training facilitated and administered by OIS.
Certification of Cybersecurity Training
Annually during the month of June, contractors must complete and submit Form 4530 DFPS Cybersecurity Training Certification to attest that identified personnel and subcontractors who have access to the DFPS systems received the required cybersecurity training at the time of the certification.
Contractors are required to maintain documentation that includes:
- Individuals who are required to take the training
- Documentation of the completed training
- Name of the entity who performed the training
- Title of the cybersecurity course
The 4530 DFPS Cybersecurity Training Certification is submitted to the contract manager on an annual basis, by the last business day in June. The certification must be signed by the contractor's:
- Contract signatory, or designee; or
- Human resources director.