VIRGINIA LAW PORTAL

• Code of Virginia
• Virginia Administrative Code
• Constitution of Virginia
• Charters
• Authorities
• Compacts
• Uncodified Acts
• RIS Users (account required)

SEARCHABLE DATABASES

• Bills & Resolutions
  session legislation
• Bill Summaries
  session summaries
• Reports to the General Assembly
  House and Senate documents
• Legislative Liaisons
  State agency contacts

ACROSS SESSIONS

• Subject Index: Since 1995
• Bills & Resolutions: Since 1994
• Summaries: Since 1994

Developed and maintained by the Division of Legislative Automated Systems.

2006 SESSION

• history | hilite | pdf | print version

SENATE JOINT RESOLUTION NO. 51 Directing the Auditor of Public Accounts to report on the adequacy of the security of state government databases and data communications from unauthorized uses. Report.   Agreed to by the Senate, February 14, 2006 Agreed to by the House of Delegates, March 6, 2006  

WHEREAS, information collected and managed by state agencies and public institutions of higher education through the means of computer networks and the Internet contains personal information and other identifying particulars regarding individuals who come into contact with the government; and

WHEREAS, the personal information that is stored or accessed in government databases includes real or personal property holdings, education, financial transactions, medical history, ancestry, religion, political ideology, criminal or employment records, finger and voice prints, photographs, the record of an individual's presence, registration, or membership in organizations or activities, or  admission to an institution; and

WHEREAS, the Chief Information Officer for the Commonwealth is required to direct the development of policies, procedures, and standards for assessing security risks, determining the appropriate security measures, and performing security audits of government databases; and to conduct periodic security audits; and

WHEREAS, the Auditor of Public Accounts has reported that the Chief Information Officer has not developed sufficient statewide policies, procedures, and standards; the Auditor has further reported on the lack of policies, procedures, and standards for assessing security risks, determining appropriate security measures, and insufficient security of databases at institutions of higher education and executive branch agencies; and

WHEREAS, despite these reports, institutions of higher education and executive branch agencies continue to provide insufficient security, and the threat of unauthorized and unlawful access to government databases and data communications is ever increasing as new vulnerabilities are discovered and old vulnerabilities are being exploited in new ways; and

WHEREAS, in light of the potential harm to citizens caused by a breach of security measures, there is a need to conduct a comprehensive review of the adequacy of the security of state government databases and data communications from unauthorized uses; now, therefore, be it

RESOLVED by the Senate, the House of Delegates concurring, That the Auditor of Public Accounts be directed to study the adequacy of the security of state government databases and data communications from unauthorized uses.

All agencies of the Commonwealth shall provide assistance to the Auditor for this study, upon request.

The Auditor of Public Accounts shall complete his study by November 30, 2006, and the Auditor shall submit to the Division of Legislative Automated Systems an executive summary of his findings and recommendations no later than the first day of the 2007 Regular Session of the General Assembly. The executive summary shall state whether the Auditor intends to submit to the General Assembly and the Governor a report of his findings and recommendations for publication as a House or Senate document. The executive summary and report shall be submitted as provided in the procedures of the Division of Legislative Automated Systems for the processing of legislative documents and reports and shall be posted on the General Assembly's website.