Cybersecurity Continuing Education Guidelines

Image header; lock; cell; internet;computer

Texas Department of Information Resources requires cybersecurity continuing professional education (1-6 hours each fiscal year) for all state agency personnel that qualify as an Information Resource Employees (IRE) each fiscal year. This is in addition to the Annual Cybersecurity Training provided by IT@Sam.

Who is an IRE?

IREs are employees (even student employees) who perform administrative, security, governance or compliance activities on information technology systems. Examples of these activities are: adding/removing system users, configuring system settings, modifying system permissions, designation as an information system owner and more.

IREs are NOT limited to IT@Sam staff.

Get Started

Step 1: If you qualify as an IRE, use the chart below to determine your Information Resource Employee level (1-3) and the number of hours of cybersecurity continuing education required each fiscal year.

Classification Description Education Requirement
IRE Level 1 All IREs 1 hour*
IRE Level 2 IREs with administrative privileges or responsibilities. 3 hours*
IRE Level 3 Information security or cybersecurity staff. 6 hours*

*If you are a new employee, your hours are reduced based on your hire date. However, the next fiscal year you will be required to obtain the full amount.

Step 2: Participate in continuing education activities each year.

Step 3: Certify that you have obtained your required continuing education hours.


IREs should retain proof of participation for each education activity. Use the below resources to ensure you meet the qualifying criteria per state law:

  • DIR Continuing Education Guidelines for Cybersecurity
  • Continuing education information
  • Don't forget to certify your continuing education