Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · North Dakota · Title 54 · Chapter 54-10 — State Auditor

54-10-28. Information technology responsibilities.

371 words·~2 min read·/nd/title-54/chapter-54-10-state-auditor/54-10-28·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

The state auditor may:
1. Conduct information technology compliance reviews, as determined necessary by the
information technology committee, by conducting individual agency audits of
information technology management, information technology planning, compliance
with information technology plans, and compliance with information technology
standards and policies and conducting statewide agency audits of compliance with
specific information technology standards and policies.
2. Consult with the information technology department on audits of compliance with
information technology plans and compliance with information technology standards
and policies.
3. Participate in the information technology department's enterprise architecture process
for developing information technology standards and policies. 4. Monitor major information technology projects for compliance with project
management and information technology standards and policies. 5. Present results of information technology compliance reviews to the information
technology committee.
54-10-29. Audits of computer systems - Penalty. 1. The state auditor may:
a. Pursuant to the powers and duties outlined in this chapter, conduct a review and
assessment of computer systems and related security systems. Computer
systems subject to this section include the computer systems of a state agency or
political subdivision that is subject to audit by the state auditor. Tests conducted in
connection with this review and assessment may include an assessment of
system vulnerability, network penetration, potential security breach, and
susceptibility to cyber attack or cyber fraud.
b. Disclose any findings to the chief information officer of the state or to any state
official or legislative committee. Working papers and preliminary drafts of reports
created in connection with the review of computer systems and the security of the
systems are exempt from section 44-04-18. Those parts of findings and working
papers that identify the methods of the state auditor or that may cause or
perpetuate vulnerability of the computer system reviewed are exempt from
section 44-04-18 and protected from disclosure until the state auditor directs
otherwise.
c. Procure the services of a specialist in information security systems or other
contractors deemed necessary in conducting a review under this section. The
procurement of these services is exempt from the requirements of chapter
54-44.4. 2. An outside contractor hired to provide services in the review of the security of a
computer system is subject to the confidentiality provisions of this section and section
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.