To designate a new person as your agency’s Primary Risk Manager, please use the SORM 101 form:
- DESIGNATION OF AGENCY PRIMARY RISK MANAGER – SORM 101 (Word)
- DESIGNATION OF AGENCY PRIMARY RISK MANAGER – SORM 101 (PDF)
Forms may be submitted via email or fax to:
Fax: Attn: SORM Information Technology (512) 370-9197
All statewide clients can log-in to the SORM Risk Management Information System (RMIS) using a pre-assigned user ID and password. The agency’s designated Primary Risk Manager has the ability and responsibility for approving and creating user profiles and managing security levels for the RMIS tool. The RMIS system is secured to prevent unauthorized data entry. For security reasons, SORM has a strict policy regarding whom at state agencies will be granted access to the Security and Contact Systems. SORM will only grant read and write access to the Security and Contact Systems to the person at each state agency who is designated as the Primary Risk Manager.
Span of Control
Generally speaking, each agency will have personnel specifically designated to access specific functions of the Risk Management Information System on behalf of that agency. A state agency may enter and retrieve data for their agency only unless specific authorization to access other agencies’ information has been granted by SORM. In the situation where an agency representative is responsible for more than one agency, the agency Primary Risk Manager must be notified of this fact and the agencies under the client’s purview as established by law or memorandum of understanding. In this situation, a single user ID and password will suffice for the governing agency to exercise the appropriate span of control.
Clients are expected to keep their passwords secure and not share it with other personnel. In the event that a compromise of the client’s password is suspected, the client should immediately log into the system and create a new password for the account.
Disclosure: Subject Information
Information designated as proprietary or confidential that may come to an employee’s or officer’s knowledge is to be held in strict confidence. No information disclosed in a proceeding or investigation may be disclosed except as provided in the Open Records Act, Texas Governmental Code, Chapter 552. The Act prohibits the distribution of information deemed confidential under its terms, by the constitution, a statute, or a judicial decision.
Any questions regarding disclosure of any information, confidential or otherwise, should be directed to SORM’s Chief of Legal Services or the Executive Director.
All restricted computer information, such as passwords and access rights, received by an employee is confidential. Employees must abide by all written conditions and restrictions imposed by SORM.
In order to access SORM’s RMIS site and all of it’s sub-systems, your browser must support 128-bit SSL encryption for protection of data during transmission over the Internet.
Misuse of Official Information
Unauthorized disclosure of confidential information may be punishable by up to six months imprisonment and/or a $1,000 fine under Tex. Gov’t Code §552.352. Failure to observe data security processes and restrictions may constitute a breach of computer security punishable as a first degree felony under Tex. Pen. Code §33.02. Copyrighted material, including content on the State Office of Risk Management Website, is protected by copyright law and may not to be copied for any reason without permission from SORM, the copyright owner.
Thank you for your cooperation and if you should have any questions regarding SORM RMIS Security, please contact SORM IT Support at: SORMITSupportRequests@sorm.texas.gov.