 


 HR 4921 ENR: STB Information Security Improvement Act
U.S. House of Representatives

text/xml
EN
Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.



IB 
One Hundred Fifteenth Congress of the United States of AmericaAt the Second SessionBegun and held at the City of Washington on Wednesday, the third day of January, two thousand and eighteen 
H. R. 4921 
 
AN ACT 
To require the Surface Transportation Board to implement certain recommendations of the Inspector General of the Department of Transportation. 
 
 
1.Short titleThis Act may be cited as the STB Information Security Improvement Act.  2.Requirements (a)In generalThe Surface Transportation Board (in this section referred to as the STB) shall develop a timeline and plan to implement the recommendations of the Inspector General of the Department of Transportation in Report No. FI2018002, including improvements— 
(1)to identify controls, including risk management, weakness remediation, and security authorization;  (2)to protect controls, including configuration management, user identity and access management, and security training;  
(3)to detect controls, including continuous monitoring;  (4)to respond controls, including incident handling and reporting;  
(5)to recover controls for contingency planning; and  (6)any additional tools that will improve the implementation of the recommendations.  
(b)Implementation 
(1)In generalNot later than 180 days after the date of enactment of this Act, the STB shall submit the plan and timeline developed under subsection (a) to the Committee on Transportation and Infrastructure of the House of Representatives and the Committee on Commerce of the Senate.  (2)ReportThe STB shall report annually to such Committees on the progress on implementation of the recommendations until the implementation is complete.  
(3)Plan implementationThe STB shall designate an individual to implement the plan developed under subsection (a).  3.No additional funds authorizedNo additional funds are authorized to carry out the requirements of this Act. Such requirements shall be carried out using amounts otherwise authorized.  
 Speaker of the House of Representatives.Vice President of the United States and President of the Senate.
