The URL can be used to link to this page

Home My WebLink About24-2637Docusign Envelope ID: B67B5DBA-020D-49EB-BB02-6C94CD896AED RESOLUTION NO. 24-2637 A RESOLUTION OF THE CITY OF DENTON ESTABLISHING POLICY “INFORMATION SECURITY” TO SET INFORMATION SECURITY STANDARDS FOR ALL CITY OF DENTON TECHNOLOGY USERS; AND DECLARING AN EFFECTIVE DATE. WHEREAS, Administrative Directive “Information Security” (Directive) was approved by the Policy Review Committee November 18, 2024; and WHEREAS, the City of Denton “Information Security” Policy will be in compliance with the National Institute of Standards and Technology (NIST) Specialist Publication (SP): • NIST SP 800-53 – Awareness and Training (AT) • NISTSP 800-12 NIST SP 800-16 • • NIST SP 800-50 NIST SP 800-100 Electronic Code of Federal Regulations (CFR): 5 CFR 930.301 Criminal Justice Information Services (CJIS) 5.9.4 North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) v5 ; and WHEREAS, staff desires to elevate the Directive to a policy of the City; and WHEREAS, the City Manager recommends adoption of an Information Security policy and the City Council desires to adopt such policy; NOW, THEREFORE, THE COUNCIL OF THE CITY OF DENTON HEREBY RESOLVES: SECTION 1. The Policy Statement in “Information Security”, which is incorporated in this section, is hereby adopted as an official policy of the City of Denton: Docusign Envelope ID: B67B5DBA-020D49EB-BB02-6C94CD896AED POLICY PL-RPOSE STATEMENT This policy sets the minimum Information security standards for all City of Denton technology users. Departments can exceed the security requirements to meet busIness and legal needs. but they must meet the minimum standards set by this policy. POLICY • This policy acts as an umbrella document for all other security policies and associated standards. + Protect and maintain the confidentiality, integrity. and availability of information and its infrastructure: • • • • • Manage the risk of security exposure or compromise: Assure a secure and stable Technology Services (TS) environment; Identi8' and respond to unauthorized disclosure; I events involving information asset misuse, loss or Monitor systems for anomalies that might indicate compromise; and Promote and increase the awareness of information security. SECTION 2. This resolution only adopts and approves the “Policy Statement” portion of the Information Security policy as set forth above. The remaining portion of the Information Security policy is an administrative procedure describing the means and methods by which City management implements the Policy Statement. The City Manager is authorized to amend and issue such administrative procedures and directives as deemed necessary to implement the Policy related to personnel and internal operational matters. SECTION 3. The attached policy shall be filed in the official records with the City Secretary. SECTION 4. This resolution shall become effective immediately upon its passage and approval. The motion to approve this resolution was made by Brian Beck and seconded by Brandon Chase McGee. The resolution was passed and approved by the following vote [ 7 – 0 – J : Aye Nay Abstain Absent Mayor Gerard Hudspeth: Vicki Byrd, District 1 :X X Docusign Envelope ID: B67B5DBA-020D49EB-BB02-6C94CD896AED Brian Beck. District 2: Paul Meltzer. District 3 : Joe Holland. District 4: Brandon Chase McGee, At Large Place 5 : X X X X XJill Jester. At Large Place 6: PASSED AND APPROVED this the 4th day of February, 2025. GUR,-\Rb HtJDSPETH. MAYOR ATTEST: LAUREN THODEN, CITY SECRETARY \\\111111///0 Cyau„,n ,m - APPROVED AS TO LEGAL FORM: MACK REINWAND, CITY ATTORNEY