 |
Florida Administrative Code (Last Updated: April 18, 2024) |
 |
60. Department of Management Services |
|
60FF. Technology Program |
|
60FF-1. State Communications Definitions; Usage Qualifications; Exemptions And Clearances |
1(1) 2All Customers shall submit a Notice of Security Concern Regarding any Network Solution that is in use, or the Customer intends to use, and not in compliance with Rule 3160FF-3.004, 32F.A.C. This requirement to submit a notice is not obviated by the submittal of a corresponding notice by a vendor.
52(2) 53All vendors selling or implementing Network Solutions that are not provided as a part of SUNCOM services for use by SUNCOM Customers 75shall submit a 78Notice of Security Concern to the Department and the purchasing Customer prior to entering into associated agreements or contracts, or accepting associated purchase orders if prior to impending engagement or during engagement, the vendor is aware that Network Solution is not, or is not expected to be in compliance with Rule 12960FF-3.004, 130F.A.C. 131This requirement to submit a notice is not obviated by the submittal of a corresponding notice by a Customer.
150(1513) 152The Notice of Security Concern Regarding a Network Solution shall:
162(a) 163Follow the submittal standards established under Rule 17060FF-1.004, 171F.A.C.;
172(b) 173Contain a description of the Network Solution;
180(c) 181Contain descriptions of all the circumstances where the Network Solution does not comply with Rule 19660FF-3.004, 197F.A.C., and;
1991. 200The security measures currently in place to address the Security Exposures and;
2122. 213The security guidelines that have been made available from the Network Solution provider to Customer, and measures that are and expected to be in place to address the Security Exposures and;
2443. 245Highlighted liability provisions that are applicable to these security conditions in complete copies of the related contracts, agreements and purchase orders.
266(d) 267Contain a statement specifying how long the Customer intends to use the Network Solution.
281(4) 282Customers and vendors using or implementing Network Solutions that are in violation of Rule 29660FF-3.004, 297F.A.C., shall provide the Department the following:
304(a) 305All related information requested by the Department.
312(b) 313Upon request from the Department, all the cooperation, access and authorities described in Rule 32760FF-3.006, 328F.A.C.
329Specific Authority 282.102(9) FS. Law Implemented 282.102(2), (8), (12), 282.103, 282340.104, 282.105, 282.106, 282.107 344FS. History–New 6-34723485-08.
