51,436 sections across 3,184 New Mexico regulatory chapters.
R.1.12.6-1.12.6.7 DEFINITIONS
0.3K chars
As used in this rule: A. architectural configuration requirement (ACR) means the technical specifications for information architecture and computer system purchases for executive agencies; B. IAS means any information architecture subcommittee of the commission.
R.1.12.6-1.12.6.8 STANDARDS FOR ACRs
0.3K chars
ACRs will be based on an evaluation of an item's: A. life cycle; B. system interoperability and data accessibility; C. technical quality; D. training compatibility; E. wide use; F. company financial stability; and G. ability to advance government efficiency.
R.1.12.6-1.12.6.9 PROPOSED ACRs
0.4K chars
A. An IAS may submit a proposal for an ACR to the office. B. The office shall evaluate the proposal for compliance with the state information architecture and the state strategic plan and shall report its findings and recommendations to the commission. C. The commission may rejec…
R.1.12.7-1.12.7.1 ISSUING AGENCY
0.1K chars
State Commission of Public Records and State Records Administrator
R.1.12.7-1.12.7.10 ELECTRONIC SIGNATURE, SECURITY PROCEDURE AND SIGNING PROCESS
1.6K chars
A. An electronic signature is used to indicate a person's intent to associate themselves in some way to information or to a reason for signing (e.g., agreeing to the terms of a contract, acknowledging receipt of information, etc.) with legal effect. Any sound, symbol, or process …
R.1.12.7-1.12.7.11 LEGAL REQUIREMENT FOR A SIGNATURE
0.4K chars
A transaction is governed by a law or regulation that requires the presence of a signature before it will be considered legally effective. A state agency must review the law applicable to each proposed transaction to determine if it requires that the transaction be "signed." If t…
R.1.12.7-1.12.7.12 TRANSACTION-BASED NEED FOR A SIGNATURE
0.9K chars
If there is no legal requirement for a signature on a particular type of transaction a state agency may undertake a further analysis to evaluate the desirability of incorporating a signature requirement into the transaction. An electronic signature may be desirable, even when not…
R.1.12.7-1.12.7.13 REQUIREMENTS FOR LEGALLY BINDING ELECTRONIC SIGNATURE
6.1K chars
Where an electronic signature is required by law or otherwise deemed desirable, it is critical that the electronic signature and the associated signing process satisfy all of the applicable legal requirements. Generally, creating a valid and enforceable electronic signature requi…
R.1.12.7-1.12.7.14 BUSINESS ANALYSIS AND RISK ASSESSMENT
3.2K chars
A. The selection of an electronic signature process is a business decision involving more than technical consideration. State agencies are strongly encouraged to complete and document a business analysis and risk assessment. The extent, level of detail, and format of the business…
R.1.12.7-1.12.7.15 ELECTRONIC FORM OF SIGNATURE
5.1K chars
A.Low risk transactions.(1) For low risk transactions, any form of signature is acceptable. This includes clicking an on screen button, checking an on-screen box, typing ones name, using a PIN number, or any other reasonable method, so long as it is clear to the signer that such …
R.1.12.7-1.12.7.2 SCOPE
0.2K chars
To implement the electronic signature authority pursuant to the Public Records Act, Section 14-3-15.2 NMSA 1978 and the New Mexico Uniform Electronic Transactions Act, Section 14-16-1 et seq NMSA 1978.
R.1.12.7-1.12.7.3 STATUTORY AUTHORITY
0.1K chars
Public Records Act, Section 14-3-15.2 NMSA 1978; Uniform Electronic Transactions Act, Section 14-16-1 et seq NMSA 1978.
R.1.12.7-1.12.7.4 DURATION
0.0K chars
Permanent
R.1.12.7-1.12.7.5 EFFECTIVE DATE
0.1K chars
July 1, 2015, unless a later date is cited at the end of a section.
R.1.12.7-1.12.7.6 OBJECTIVE
0.3K chars
To establish standards for state agencies regarding the use of electronic signatures for legal signing purposes as authorized under the provisions of the Uniform Electronic Transactions Act. These rules are an adaption of the Use of Electronic Signatures in federal Organization T…
R.1.12.7-1.12.7.7 DEFINITIONS
11.5K chars
For purposes of this part, all terms defined in the Uniform Electronic Transactions Act, Section 14-16-1 et seq NMSA 1978 have the meanings set forth in statute. Additionally, the following terms shall have the following meanings: A. Terms beginning with the letter "A": (1) "Agre…
R.1.12.7-1.12.7.8 GENERAL OVERVIEW
1.6K chars
A.A signature, whether electronic or on paper, is the means by which a person indicates an intent to associate oneself with a document in a manner that has legal significance (e.g., to adopt or approve a specific statement regarding, or reason for signing, a document). It constit…
R.1.12.7-1.12.7.9 ELECTRONIC SIGNATURES COMPARED TO DIGITAL SIGNATURES
0.7K chars
A. "Electronic signature" is the term used for the electronic equivalent of a handwritten signature. It is a generic, technology- neutral term that refers to the universe of all of the various methods by which one can "sign" an electronic record. Although all electronic signature…
R.1.12.8-1.12.8.1 ISSUING AGENCY
0.0K chars
Information Technology Commission.
R.1.12.8-1.12.8.10 RESPONSIBILITIES OF THE CIO
0.1K chars
A. The CIO will maintain a listing of all IP addresses and access protocols by agency. B. The listing will be protected as confidential information.
R.1.12.8-1.12.8.11 REPONSIBILITY OF THE COMMISSION
0.2K chars
The Security and Privacy Advisory Committee will recommend to the Commission for their approval access protocols, in addition to those defined in 1.12.8.7 NMAC, subject to this rule.
R.1.12.8-1.12.8.12 NOTICE OF ADDITIONAL ACCESS PROTOCOLS
0.5K chars
Except in response to an active threat, within five (5) working days of approval by the Commission of additional access protocols subject to this rule, the Office shall: A. post a notice of approved access protocols subject to this rule on the Internet at its internet address; B.…
R.1.12.8-1.12.8.13 EXEMPTION
0.0K chars
There are no exemptions from this rule.
R.1.12.8-1.12.8.2 SCOPE
0.1K chars
This rule applies to all state agencies, boards, and commissions to whom the General Services Department provides Internet access.
R.1.12.8-1.12.8.3 STATUTORY AUTHORITY
0.0K chars
NMSA 1978 Section 15-1C-5.
R.1.12.8-1.12.8.4 DURATION
0.0K chars
Permanent.
R.1.12.8-1.12.8.5 EFFECTIVE DATE
0.1K chars
March 15, 2002 unless a later date is cited at the end of a section.
R.1.12.8-1.12.8.6 OBJECTIVE
0.1K chars
The purpose of this rule is to provide the underlying data necessary to provide Internet security for state agencies, boards and commissions.
R.1.12.8-1.12.8.7 DEFINITIONS
1.5K chars
As used in this rule: A. access protocols means the standard set of protocols and ports for all types of access as defined by the Internet Architecture Board of the Internet Society International Board; including, but not limited to: http, https, remote terminal (telnet), simple …
R.1.12.8-1.12.8.8 RESPONSIBILITIES OF STATE AGENCIES
0.4K chars
A. Agencies shall submit to the Director of ISD-OC and the CIO a written listing (preferably in an Excel spreadsheet) of all agency IP addresses and the access protocols of all network devices that allow access to the public Internet. B. Agencies shall inform the Director of ISD-…
R.1.12.8-1.12.8.9 RESPONSIBILITIES OF ISD-OC
0.1K chars
ISD-OC will deny access from and to the public Internet for access protocols not specifically reported to ISD-OC and the CIO.
R.1.12.9-1.12.9.1 ISSUING AGENCY
0.0K chars
Information Technology Commission.
R.1.12.9-1.12.9.10 CERTIFICATION PROCESS
2.7K chars
A. PCC certification generally. At a minimum, project certification shall be required at a project's initiation, during its implementation and closeout. The PCC may require additional certification phases, events or deliverables based on the progress, complexity, risk or size of …
R.1.12.9-1.12.9.11 AGENCY RESPONSIBILITIES
1.3K chars
A. An executive agency shall: (1) prepare a written project certification report prior to certification for large projects that are equal to or exceeding $1,00,000, high-risk projects or at the request of the PCC; (2) schedule a certification review and provide documentation in a…
R.1.12.9-1.12.9.12 PROJECT PLANS
2.4K chars
A. Plan Required. An agency shall prepare, in accordance with instructions contained in the project management guidelines and best practices document prepared by eth office, a project plan for every IT project regardless of its scope or cost. The agency project manager shall docu…
R.1.12.9-1.12.9.2 SCOPE
0.1K chars
This rule applies to certification of all information technology projects or programs undertaken by executive agencies.
R.1.12.9-1.12.9.3 STATUTORY AUTHORITY
0.0K chars
Sections 15-1C-5 and 15-1C-8 NMSA, 1978.
R.1.12.9-1.12.9.4 DURATION
0.0K chars
Permanent.
R.1.12.9-1.12.9.5 EFFECTIVE DATE
0.1K chars
October 17, 2005, unless a later date is cited at the end of a section.
R.1.12.9-1.12.9.6 OBJECTIVE
0.1K chars
The purpose of this rule is to set forth executive agency information technology project certification responsibilities.
R.1.12.9-1.12.9.7 DEFINITIONS
3.0K chars
A. "Agency" means a state organizational entity of the executive branch, used interchangeably with department. B. "Certification" means a process that releases project funds. The ITC certifies projects except as otherwise provided for in Section 1.12.9.10(c). The PCC is the subco…
R.1.12.9-1.12.9.8 RESPONSIBILITIES OF THE PCC
0.8K chars
The PCC is a subcommittee of the ITC and shall perform the following responsibilities. A. Have the authority to recommend certification of information technology projects that meet one or more of the following:(1) mission criticality; (2) project cost equal to or exceeding $1,000…
R.1.12.9-1.12.9.9 PCC MEMBERSHIP
0.2K chars
A. The PCC shall consist of members of the ITC appointed by the ITC chair. B. The ITC chair shall appoint the chair of the PCC. C. The PCC will select a vice chair from its membership.
R.1.13.10-1.13.10.1 ISSUING AGENCY
0.0K chars
State Records Administrator.
R.1.13.10-1.13.10.10 RECORDS CENTER ACCESS AND WITHDRAWAL OF RECORDS REQUIREMENTS
1.4K chars
A. Access to records stored in the records center shall be authorized in writing by the records custodian, chief records officer or records liaison officer. B. Public access to records stored at the records center is prohibited. All requests for inspection of records shall be dir…
R.1.13.10-1.13.10.11 STORAGE OF RECORDS WITH A FINITE RETENTION AT THE RECORDS CENTER
1.8K chars
A. The records management division provides storage to agencies for inactive public records. Non-record materials shall not be submitted for storage in the records center. B. Records involved in pending litigation, an audit or investigation are not eligible for transfer to the re…
R.1.13.10-1.13.10.12 STORAGE OF PERMANENT PAPER RECORDS
0.8K chars
A. Records with a retention of permanent shall include a records index on a form approved by the administrator. B. A copy of the records index form shall be placed in the storage box. An electronic copy of the records index form shall be submitted with the corresponding storage t…
R.1.13.10-1.13.10.13 RESERVED
0.0K chars
R.1.13.10-1.13.10.14 STORAGE OF MICROFILM
0.4K chars
A. For storage requirements, refer to 1.13.10.11 and 1.13.10.12 NMAC. B. All state agencies and any public entity shall have an approved microphotography plan on file with the records management division before master microfilm can be stored. For microfilm plan requirements, refe…
R.1.13.10-1.13.10.15 STORAGE OF ELECTRONIC MEDIA
1.8K chars
A. An agency shall have an approved imaging plan on file with the administrator before electronic media can be stored at the state records center. For information on imaging plans see 1.14.2 NMAC, Microphotography Systems, Microphotography Standards. B. An agency shall complete a…