Texas Government Code Section 2054.5191 mandates cybersecurity training for local government employees, elected officials, and appointed officials who have access to a local government computer system or database and use a computer to perform at least 25 percent of their duties.

The training must be certified by the Texas Department of Information Resources (DIR) – both the video above and an audio version – Episode 9d of the “Local Officials: Stronger, Together Podcast” Series https://info.tmlirp.org/stp-podcast – are DIR-approved.

Compliance Certification

Tracking: A local government has two tracking options:

1. A local governmental entity can keep track of participants internally. The easiest and most common method for most entities is to simply keep a written list or use an Excel spreadsheet.
2. To assist a local governmental entity with tracking, DIR has developed an optional tracking tool, Texas by Texas (TxT) https://www.surveygizmo.com/s3/546942.... This method is probably most useful, for example, for a larger entity to track individual completion of hundreds of employees. Individual participants report completion to the TxT application, which sends a report to the entity showing who has completed the training.

Mandatory Reporting: Once a local government entity’s required participants have completed the training, the entity must certify its compliance to DIR using the Cybersecurity Training Certification for State and Local Governments form https://dir.my.site.com/SecurityTrain... by August 31 of each year. (The entity certifies compliance of all its required participants to DIR once per year — individuals do not certify compliance to DIR.)