| Authority/Reference(s) | |
|---|---|
| Revision Date | May 29, 2025 |
Policy
To mitigate cybersecurity threats and risks in state government contracting, DFPS requires that contractors, their subcontractors, officers, and employees who access any DFPS systems, networks, or resources complete cybersecurity training annually. Training is provided through Department of Information Resources (DIR).
Contractors must ensure all applicable personnel complete cybersecurity training prior to accessing Criminal Justice Information (CJI) within the first week of hire and before accessing DFPS information systems.
Contractors must complete and submit the certification of completion of training annually by the last business day in June.
To obtain a list of DIR certified trainings, visit the DIR Website.
DFPS staff augmentation contracted employees satisfy cybersecurity training requirements through training facilitated and administered by OIS.
Certification of Cybersecurity Training
Annually in June, contractors must complete and submit Form 4530 DFPS Cybersecurity Training Certification to attest that identified personnel and subcontractors who have access to any DFPS systems, networks, or resources received the required cybersecurity training by the time the certification is submitted.
Contractors are required to maintain documentation that includes:
- Individuals who are required to take the training.
- Documentation of the completed training.
- Name of the entity that performed the training.
- Title of the cybersecurity course.
The 4530 DFPS Cybersecurity Training Certification is submitted to the contract manager annually, by the last business day in June. The certification must be signed by the contractor's:
- Contract signatory, or designee; or
- Human resources director.