Updating the database of the Illinois Compiled Statutes (ILCS) is an ongoing process.
Recent laws may not yet be included in the ILCS database, but they are found on this site as Public
soon after they become law. For information concerning the relationship between statutes and Public Acts, refer to the
Because the statute database is maintained primarily for legislative drafting purposes,
statutory changes are sometimes included in the statute database before they take effect.
If the source note at the end of a Section of the statutes includes a Public Act that has
not yet taken effect, the version of the law that is currently in effect may have already
been removed from the database and you should refer to that Public Act to see the changes
made to the current law.
(30 ILCS 5/3-2.4)
(a) In conjunction with its annual compliance examination program, the Auditor General shall review State agencies and their cybersecurity programs and practices, with a particular focus on agencies holding large volumes of personal information.
(b) The review required under this Section shall, at a minimum, assess the following:
(1) the effectiveness of State agency cybersecurity
(2) the risks or vulnerabilities of the
cybersecurity systems used by State agencies;
(3) the types of information that are most
(4) ways to improve cybersecurity and eliminate
vulnerabilities to State cybersecurity systems; and
(5) any other information concerning the
cybersecurity of State agencies that the Auditor General deems necessary and proper.
(c) Any findings resulting from the testing conducted under this Section shall be included within the applicable State agency's compliance examination report. Each compliance examination report shall be issued in accordance with the provisions of Section 3-14. A copy of the report shall also be delivered to the head of the applicable State agency and posted on the Auditor General's website.
(Source: P.A. 100-914, eff. 1-1-19