Audit of. Software Inventory Procedures

Size: px
Start display at page:

Download "Audit of. Software Inventory Procedures"

Transcription

1 Audit of Software Inventory Procedures April 22, 2003 Report

2 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation of all our students with the knowledge, skills, and ethics required for responsible citizenship and productive employment. Arthur C. Johnson, Ph.D. * Superintendent of Schools School Board Members Tom Lynch, Chair William C. Graham Vice Chair* Paulette Burdick* Monroe Benaim, M.D. Mark Hansen Sandra Richmond Debra Robinson, M.D. Audit Committee Members Cindy Adair, Chair Richard Roberts, Vice Chair Georgette B. Carroll Max Davis Kevin James Noah Silver JulieAnn Rico Allison* Shelley Vana * Thais Villanueva* *Ex-Officio Audit Committee Members

3 Audit of Software Inventory Procedures Executive Summary The primary objectives of the audit were to determine the adequacy of District procedures in preventing the use of unlicensed software and protecting the District's computers against virus infection. As of January 2003, the District had approximately 60,000 personal computers (PC) as well as a considerable amount of computer software for both mainframe and microcomputers. The use of computer software generally requires a license from the manufacturer authorizing a certain number of copies of the software to be used. However, unlicensed software can be easily installed onto the computers by current or previous users. Users may also unknowingly use demo versions ofthe software for daily operations. Ifthe Business Software Alliance or Microsoft Corporation finds users violating the licensing requirements, they can levy fines in an amount allowed by law. Due to the easy access to and popularity ofpc software downloaded from the Internet or obtained from other sources, the risk ofvirus infection has exponentially increased. Virus infection can detrimentally destroy or corrupt valuable data and information stored on the computers. The audit produced the following major conclusions: 1. School District Did Not Keep Software Inventory. The District did not maintain software inventory records in accordance with District Directive D-S.143 (5)(h). Without an accurate count of all licensed software used by the District, there is no assurance that unauthorized use and illegal duplication of software is detected and prevented. 2. No Asset Management System to Track Software Location(s) on Hardware Equipment. Without proper inventory, the District could have (1) installed unlicensed software on hardware, or (2) under-licensed software programs due to the failure to purchase/renew the needed number ofsoftware licenses. Under-licensing of software could place the District at risk for liability and litigation from copyright owners. Maintaining accurate PC and software inventories can provide reliable data to the District in prioritizing information technology resources. This can also help ensure efficient and accurate reporting in: 1. Software license compliance tests 2. Microsoft volume licensing

4 3. Disaster recovery planning 4. Financial planning and purchasing 5. Removal or reassignment of PC's 6. Help desk support 7. Windows 2000 or XP migrations 8. Software licensing and maintenance agreements renewals 3. Three Unauthorized and Unlicensed Software Found. Based on the review of computer software installed on 20 selected PC, we found three unauthorized and unlicensed software packages on three computers, at three different locations. Upon our notice, IT immediately removed these three unauthorized software. To ensure that all software installed is properly licensed and authorized, IT should conduct periodic inventory of software. Any unauthorized or unlicensed software found should be removed immediately. 4. Two PC Without Virus Protection. Our review of 20 selected PC also indicated that two ofthem were not installed with anti-virus program. To protect our computers from possible virus infection, all District's PC should be installed with the latest antivirus software. In response to our finding, IT has installed the needed anti-virus program onto the two PC as ofaprilll, A Virus Log Report generated by Network Services for July through December 2002, indicated that the number of viruses detected ranged from a low of99 on December 22, 2002, to a high of 15,542 on November 17,

5 Audit of Software Inventory Procedures Table of Contents ="..= ============================== Page EXECUTIVE SUMMARY PURPOSE AND AUTHORITY SCOPE AND METHODOLOGY BACKGROUND CONCLUSIONS 1. School District Did Not Keep Software Inventory 2 2. No Asset Management System to Track Software Location(s) on Hardware Equipment 3 3. Three Unauthorized and Unlicensed Software Found 4 4. Computer Virus 4 APPENDIX Management's Response 6

6 THE SCHOOL DISTRICTOF PALM BEACH COUNTY. FLORIDA OFFICE OF DISTRICTAUDITOR 3346 FOREST HILL BOULEVARD, SUITE WEST PALM BEACH, FL (561) FAX: (561) LUNG CHIU, CPA DISTRICT AUDITOR ARTHUR C. JOHNSON, Ph.D. SUPERINTENDENT MEMORANDUM TO: FROM: Honorable Chair and Members ofthe School Board Arthur C. Johnson, Ph.D., Superintendent of Schools Chair and Members ofaudit Committee -k"l<:- Lung Chiu, CPA, District Auditor DATE: April 22, 2003 SUBJECT: Audit of Software Inventory Procedures PURPOSE AND AUTHORITY Pursuant to the District's Audit Plan 0/ , we have audited the District's Software Inventory Procedures. The primary objectives ofthe audit were to detennine the adequacy ofdistrict procedures in: Preventing the use of unlicensed software. Protecting the District's computers against virus infection. SCOPE AND METHODOLOGY The audit was perfonned in accordance with Government Auditing Standards by Randy Law, CISA, and Ellen Steinhoff, CISA, during October 21,2002, through January 17,2003. This audit included: Reviewing applicable School Board Policies. Interviewing staff of District departments, and selected elementary, middle, and high schools. Reviewing 20 sampled personal computers at three departments and three schools, for unlicensed software and anti-virus software. Draft findings were sent to the Division of Infonnation Technology for review and comments, and management response is included in the Appendix. We appreciate the AN EQUAL QpPOATUNITY EMPLOYER

7 courtesy and cooperation extended to us by staff during the audit. The final draft report was presented to the Audit Committee at its TBD meeting. BACKGROUND The District has approximately 60,000 personal computers (PC) as well as a considerable amount of computer software for both mainframe and microcomputers. In general, the use of computer software requires a license from the manufacturer authorizing a certain number of copies of the software to be used. To ensure users have the legitimate right to use the software, manufactures contract with special groups to verify the legitimacy of software users. Business Software Alliance (BSA), for example, is a computer industry organization that acts on behalf of software manufacturers against unauthorized use and copying of member company's software. IfBSA or Microsoft Corporation, through its own efforts, finds users not compliant, they will be subject to heavy fines and penalties allowed by law. Unlicensed software can be installed by previous or current users of the equipment. Employees may also unknowingly use demo versions of the software for daily operations. Microcomputers are at risk for virus infection, which can detrimentally destroy or corrupt valuable data and information stored on the computers. Due to the easy access to and popular use of PC software, the risk of infection from computer viruses has exponentially increased while downloading of computer programs from the Internet and other sources become part of our daily activities. CONCLUSIONS 1. School District Did Not Keep Software Inventory. We reviewed the legitimacy of software installed on 20 selected PC at three departments and three schools. Our review indicated that the District did not maintain software inventory records for all the six locations. District Directive D-S.143 (5)(h) states"... The software property designee shall maintain ajile ofall software licenses and locations. Form PBSD 1555, Software Inventory, the school's media center "Unicorn" system, or purchase orders may be used to record the following informationfor all software, regardless value: 1. date and source ofthe software acquisition; 2. location ofeach installation as well as property record number ofthe computer on which each copy ofthe software has been installed; 3. location oforiginal installation disks and existence, if any, ofbackup copies and their location(s); and 4. software product's serial and/or license number. " Without an accurate accounting of all licensed software used by the District, there is no assurance that unauthorized use and illegal duplication of software is detected and prevented. The Software Inventory Form (PBSD 1555) should be filled out and utilized properly. Based on information contained in the Inventory Form, the School 2

8 District should consider creating a database of such inventory record for future reference and prudent management decisions. Management's Response: Concurs. Safeguarding ofassets, including software, regardless ofvalue, is the responsibility ofthe custodian charged with their care. This is usually a Principal or Department head. This is consistent with Florida Statute Inventories ofsoftware should be kept at a local level. Records of software items with an acquisition value of$750 or greater are also maintained in the District'sfixed asset tracking system, FASgov. Information Technology will continue to provide education ofcopyright issues and tracking ofsoftware issues at school technical support training sessions. A bulletin from IT and Capital Assets will be sent to schools and departments reaffirming the importance ofmaintaining records of software transactions and outlining the requirements andprocedures to maintain a site (school/department) based software inventory. (Please see page 7) 2. No Asset Management System to Track Software Location(s) on Hardware Equipment. We were unable to track software to hardware systems. The District has no records of which software is assigned to what and which machine. Without proper inventories, the District could have (1) software licenses that should not have been installed on certain hardware, or (2) under-licensing ofsoftware programs due to the failure to purchase/renew the needed number of software licenses. Under-licensing of software could place the District at risk for liability and litigation from copyright owners. Maintaining accurate PC and software inventories can also provide reliable data to the District in prioritizing information technology resources. This can also help ensure efficient and accurate reporting in: Software license compliance tests Reporting for BSA (Business Software Alliance) or Microsoft audits Microsoft Volume Licensing Disaster recovery plan Financial planning and purchasing Removal or reassignment of PC's Help desk support Windows 2000 or XP migrations Software licensing and maintenance agreements renewals Management's Response: Concurs. A bulletin from IT and Capital Assets will be sent to schools and departments emphasizing the importance ofmaintaining records ofsoftware transactions and outlining the requirements andprocedures to maintain a site (school/department) based software inventory. Inventory ofsoftware items with a value of$750 or greater is kept in the FASgov system with a location listed. (Please see page 7) 3

9 3. Three Unauthorized and Unlicensed Software Found. Our review of computer software installed on 20 selected PC found three unauthorized and unlicensed software packages on three computers at three different locations. We have referred our concern to Information Technology (IT) for immediate corrective actions. District Directive D-S.143 (5)(1) states "District personnel may conduct audits of microcomputers to ensure compliance with all software licenses. Unscheduled audits may be conducted... During the audit, district staffwill also search for computer viruses and eliminate any that are found" However, according to IT, software inventory audits were not performed. To ensure all software installed is properly licensed and authorized, IT should conduct periodic software inventory. Any unauthorized or unlicensed software found should be removed from the District's computers immediately. The District currently has approximately 60,000 PC, and about 30,000 of them are connected to the District's computer network. As a result, software inventory and tracking for these 30,000 PC could be performed through the existing network with enhanced automation system. According to the Gartner Group, Inc., an internationally recognized technology consulting firm, there are a number of best practices that can help organizations prevent the use of unlicensed software and protect against computer viruses. For example, organizations can monitor employees' use of computer applications, periodically inventory the applications, conduct surprise audits of the software installed on microcomputers, use virus detection software, maintain a log of virus infections, and educate employees about the dangers of computer viruses and the need to avoid the use of unlicensed software. As ofapril 11, 2003, staffhad corrected the problem and immediately removed the unlicensed and unauthorized software on all three Pc. Management's Response: Concurs. IT will continue to provide information in workshops and documentation. IT will provide procedures and technical assistance to schools and departments to perform audits and remove unauthorized software. (Please see page 7.) 4. Computer Virus. The District has not developed comprehensive procedures to educate and train employees regarding the use of licensed software and protection against computer viruses. A McAfee Virus Log Report generated by Network Services for July through December 2002, indicated that the number of viruses detected ranged from a low of 99 on December 22,2002, to 15,542 on November 17, Our review of computer software installed on 20 selected PC found that two 4

10 PC did not have the computer virus protection software. To protect our computers from possible virus infection, all District's PC should be installed with the latest antivirus software. As of April 11, 2003, the IT staffhad corrected the problem and promptly installed virus protection on both PC. Management's Response: Concurs. IT staffwill continue to train school and department technical contacts on the use oflicensed software and virus protection via workshops and documentation. (Please see page 7.) - End of Report 5

11 Appendix Management's Response THE SCHOOl DISTRICT JIM SHEEHAN ARTHUR C. JOHNSON, Ph.D. OF PAlM BEACH COUNTY. FLORIDA CHIEF INFORMATION OFFICER SUPERINTENDENT INFORMATION TECHNOLOGY 334S FOREST HILL BOULEVARD WEST PAlM BEACH. FL (561) April 16, 2003 MEMORANDUM TO: FROM: SUBJECT: Lung Chiu, District Auditor John Inglis, Manager Network Services tj~ Draft Audit ofsoftware Inventory prouures After reviewing your draft ofthe Software Inventory Procedures, Network Services is providing you with a written response to your concerns. Per your request, we will indicate whether we concur with your conclusions, corrective actions to be taken, ifnecessary, and targeted completion dates. Please review this document prior to the April 22, 2003 Audit Committee meeting, so that our information can be incorporated. Please contact me ifyou have any other questions. C: Joe Moore, Chief Financial Officer Jim Sheehan, Chief Infonnation Officer Larry Padgett, Director Network Services Greg Ostaffe, Manager-Capital Assets Attachment DISTRICT AUDITOR F:lNelwork Services Admin OrouplAudits\Software audit 1I.doc

12 Appendix Management's Response Management Responses 1. School District Did Not Keep Software Inventory Concur: Safeguarding ofassets, including software, regardless ofvalue, is the responsibility ofthe custodian charged with their care. This is usually a Principal or Department head. This is consistent with Florida Statute Inventories ofsoftware should be kept at a local level. Records ofsoftware items with an acquisition value of $750 or greater are also maintained in the District's fixed asset tracking system, FASgov. Information Technology will continue to provide education ofcopyright issues and tracking ofsoftware issues at school technical support training sessions. Abulletin from IT and Capital Assets will be sent to schools and departments reaffirming the importance ofmaintaining records ofsoftware transactions and outlining the requirements and procedures to maintain a site (school/department) based software inventory. 2. Asset Management System to Track Software Location(s) on Hardware Equipment Concur: A bulletin from IT and Capital Assets will be sent to schools and departments emphasizing the importance ofmaintaining records ofsoftware transactions and outlining the requirements and procedures to maintain a site (school/department) based software inventory. Inventory ofsoftware items with a value of$750 or greater is kept in the F ASgov system with a location listed. 3. Three Unauthorized and Unlicensed Software Found Concur: IT will continue to provide information in workshops and documentation. IT will provide procedures and technical assistance to schools and departments to perform audits and remove unauthorized software. 4. Computer Virus Concur: IT staff will continue to train school and department technical contacts on the use oflicensed software and virus protection via workshops and documentlttion. DISTRICT AUDITOR F:lNctwork Services Admin GrouplAudilslSoftware audil Jl.doc

Audit of. Information Technology Help Desk

Audit of. Information Technology Help Desk Audit of Information Technology Help Desk October 10,2003 Report 2003-15 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation ofall our students

More information

Audit of. Boca Raton Middle School's Community School Program

Audit of. Boca Raton Middle School's Community School Program Audit of Boca Raton Middle School's Community School Program November 12,2004 Report 2004-15 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation

More information

Audit of Cellular Phones Usage and Charges

Audit of Cellular Phones Usage and Charges Audit of Cellular Phones Usage and Charges May 19,2003 REPORT 2003-9 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation of all our students with

More information

Audit of. Procedures for Payroll Deductions

Audit of. Procedures for Payroll Deductions Audit of Procedures for Payroll Deductions September 12, 2003 Report 2003-13 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation of all our students

More information

Review of. Freedom Shores Elementary Parent-Teacher Association's Bank Accounts

Review of. Freedom Shores Elementary Parent-Teacher Association's Bank Accounts Review of Freedom Shores Elementary Parent-Teacher Association's Bank Accounts December 7, 2007 Report 2007-17 Review of Freedom Shores Elementary Parent-Teacher Association's Bank Accounts Table of Contents

More information

Audit of. Accounts Payable Procedures

Audit of. Accounts Payable Procedures Audit of Accounts Payable Procedures March 6, 2006 Report 2006-03 Audit of Accounts Payable Procedures Table of Contents Page EXECUTIVE SUMMARY PURPOSE AND AUTHORITY SCOPE' AND METHODOLOGY BACKGROUND 1

More information

Audit of. District s Information Technology Disaster Recovery Plan

Audit of. District s Information Technology Disaster Recovery Plan Audit of District s Information Technology Disaster Recovery Plan April 11, 2014 Report #2014-03 MISSION STATEMENT The School Board of Palm Beach County is committed to providing a world class education

More information

Contract Compliance Audit of. WHLS of Florida, Inc., for Fiscal Year 2006. January 19, 2007

Contract Compliance Audit of. WHLS of Florida, Inc., for Fiscal Year 2006. January 19, 2007 Contract Compliance Audit of WHLS of Florida, Inc., for Fiscal Year 2006 January 19, 2007 Report 2007-03 Contract Compliance Audit of WHLS of Florida, Inc., for Fiscal Year 2006 Table of Contents PURPOSE

More information

Audit of. Information Technology Disaster Recovery. March 11, 2005

Audit of. Information Technology Disaster Recovery. March 11, 2005 Audit of Information Technology Disaster Recovery March 11, 2005 Report 2005-05 MISSION STATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation of all our

More information

Follow-up Audit of. Fees Paid to Construction Managers

Follow-up Audit of. Fees Paid to Construction Managers Follow-up Audit of Fees Paid to Construction Managers June 11, 2015 Report #2015-07 MISSION STATEMENT The School Board of Palm Beach County is committed to providing a world class education with excellence

More information

Audit of Third Party Administration for Workers' Compensation

Audit of Third Party Administration for Workers' Compensation Audit of Third Party Administration for Workers' Compensation March 5, 2004 REPORT 2004-01 Audit of Third Party Administration for Worker's Compensation Table of Contents Page EXECUTIVE SUMMARY PURPOSE

More information

Audit of. Football Stadium Taxes

Audit of. Football Stadium Taxes Audit of Football Stadium Taxes October 15, 2004 Report 2004-11 MISSIONSTATEMENT The School Board of Palm Beach County is committed to excellence in education and preparation of all our students with the

More information

Audit of. Workers Compensation Program

Audit of. Workers Compensation Program Audit of Workers Compensation Program October 23, 2014 Report #2014-06 MISSION STATEMENT The School Board of Palm Beach County is committed to providing a world class education with excellence and equity

More information

AUDITOR GENERAL WILLIAM O. MONROE, CPA

AUDITOR GENERAL WILLIAM O. MONROE, CPA AUDITOR GENERAL WILLIAM O. MONROE, CPA HILLSBOROUGH COUNTY DISTRICT SCHOOL BOARD LAWSON FINANCIALS MODULE Information Technology Audit SUMMARY To support its financial management needs, the Hillsborough

More information

Anchor Bay Schools Software Policy

Anchor Bay Schools Software Policy Anchor Bay Schools Software Policy Table of Contents 1. Statement of Ethics... Page 1 2. Purchasing and Acquisition... Page 1 3. Registration... Page 1 4. Installation of Software... Page 2 5. Individual

More information

4.0 ISSUANCE OF REGULATIONS/STANDARD OPERATING PROCEDURES

4.0 ISSUANCE OF REGULATIONS/STANDARD OPERATING PROCEDURES Policy: 13.09 SUBJECT: SOFTWARE USAGE Supersedes: 2001-2002 DPS Policy Manual, No. 10.10 Computer Hardware/Software and Office Equipment Use, dated July 14, 2000 Effective: February 15, 2005 Page: 1 of

More information

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee Software Policy Approved by School Committee General Statement of Policy The Medford Public Schools licenses the use of computer software from a variety of third parties. Such software is normally copyrighted

More information

Audit of. G-Star School of the Arts For Motion Pictures and Television

Audit of. G-Star School of the Arts For Motion Pictures and Television Audit of G-Star School of the Arts For Motion Pictures and Television September 14, 2007 Report 2007-11 Audit of G-Star School of the Arts for Motion Pictures and Television Table of Contents PURPOSE AND

More information

LOS ANGELES UNIFIED SCHOOL DISTRICT POLICY BULLETIN

LOS ANGELES UNIFIED SCHOOL DISTRICT POLICY BULLETIN TITLE: Compliance with the1976 United States Copyright Law Computer Software ROUTING All Employees All Locations NUMBER: BUL 716.2 ISSUER: Margaret A. Klee, Chief Information Officer Information Technology

More information

Office of the City Auditor. Audit Report. AUDIT OF SOFTWARE LICENSE COMPLIANCE (Report No. A14-010) April 11, 2014. City Auditor. Craig D.

Office of the City Auditor. Audit Report. AUDIT OF SOFTWARE LICENSE COMPLIANCE (Report No. A14-010) April 11, 2014. City Auditor. Craig D. CITY OF DALLAS Dallas City Council Office of the City Auditor Audit Report Mayor Michael S. Rawlings Mayor Pro Tem Tennell Atkins AUDIT OF SOFTWARE LICENSE COMPLIANCE (Report No. A14-010) Deputy Mayor

More information

FOLLOW-UP OF PERSONAL COMPUTER LICENSING REPORT NO. 08-04-107F. City of Albuquerque Office of Internal Audit and Investigations

FOLLOW-UP OF PERSONAL COMPUTER LICENSING REPORT NO. 08-04-107F. City of Albuquerque Office of Internal Audit and Investigations FOLLOW-UP OF PERSONAL COMPUTER LICENSING REPORT NO. City of Albuquerque Office of Internal Audit and Investigations City of Albuquerque Office of Internal Audit and Investigations P.O. BOX 1293 ALBUQUERQUE,

More information

CITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION

CITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION CITY OF WAUKESHA HUMAN RESOURCES POLICY/PROCEDURE POLICY B-20 SOFTWARE USAGE AND STANDARDIZATION 1.0 Purpose and Scope of Policy It is the policy of the City of Waukesha (City) to respect all computer

More information

October 2008 Report No. 09-006

October 2008 Report No. 09-006 John Keel, CPA State Auditor An Audit Report on Performance Measures at the Board of Nursing Report No. 09-006 An Audit Report on Performance Measures at the Board of Nursing Overall Conclusion The Board

More information

Computer Security Policy (Interim)

Computer Security Policy (Interim) Computer Security Policy (Interim) Updated May, 2001 Department of Information Systems & Telecommunications Table of Contents 1. SCOPE...1 2. OVERVIEW...1 3. RESPONSIBILITIES...3 4. PHYSICAL SECURITY...4

More information

1.Business Advisor Series

1.Business Advisor Series 1.Business Advisor Series Software Asset Management Ensure license compliance, reduce risk, and increase IT saving Foreword There are software licenses for every type of individual and organization from

More information

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Public Affairs & Security Studies Report No.

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Public Affairs & Security Studies Report No. THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Report No. 15-06 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive Edinburg, Texas

More information

Audit of the Software License Compliance

Audit of the Software License Compliance Audit of the Software License Compliance Audit #00-09 Prepared by Office of Inspector General Allen Vann, Inspector General John Lynch, Lead Information Systems Auditor SOUTH FLORIDA WATER MANAGEMENT DISTRICT

More information

Software License Compliance Audit

Software License Compliance Audit Software License Compliance Audit October 24, 2014 Mayor Betsy Price Council Members Sal Espino, District 2 W. B. Zimmerman, District 3 Danny Scarth, District 4 Gyna Bivens, District 5 Jungus Jordan, District

More information

Information Technology Security Policies

Information Technology Security Policies Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral

More information

Draft Internal Audit Report Software Licensing Audit. December 2009

Draft Internal Audit Report Software Licensing Audit. December 2009 Draft Internal Audit Report Software Licensing Audit December 2009 Contents Page Executive Summary 3 Observations and Recommendations 6 Appendix 1 Audit Framework 9 Appendix 2 - Staff Interviewed 10 Statement

More information

FIRST AND FINAL ADDENDUM RFP FOR ROOFING SERVICES FOR DISASTER RECOVERY ASSISTANCE

FIRST AND FINAL ADDENDUM RFP FOR ROOFING SERVICES FOR DISASTER RECOVERY ASSISTANCE THE SCHOOL DISTRICT SHARON SWAN ARTHUR C. JOHNSON, Ph.D. OF PALM BEACH COUNTY, FLORIDA DIRECTOR SUPERINTENDENT CONSTRUCTION PURCHASING DEPARTMENT 3661 INTERSTATE PARK ROAD NORTH, SUITE 200 RIVIERA BEACH,

More information

Office of the City Auditor. Audit Report. AUDIT OF SELECTED CLIENT SERVER GENERAL CONTROLS (Report No. A08-010 ) May 2, 2008.

Office of the City Auditor. Audit Report. AUDIT OF SELECTED CLIENT SERVER GENERAL CONTROLS (Report No. A08-010 ) May 2, 2008. CITY OF DALLAS Dallas City Council Office of the City Auditor Audit Report Mayor Tom Leppert Mayor Pro Tem Dr. Elba Garcia Deputy Mayor Pro Tem Dwaine Caraway AUDIT OF SELECTED CLIENT SERVER GENERAL CONTROLS

More information

DOT.Comm Oversight Committee Policy

DOT.Comm Oversight Committee Policy DOT.Comm Oversight Committee Policy Enterprise Computing Software Policy Service Owner: DOTComm Operations Effective Date: TBD Review Schedule: Annual Last Review Date: Last Revision Date: Approved by:

More information

Walton County Clerk of the Court s Office Fixed Asset Review. Martha Ingle Clerk of the Courts

Walton County Clerk of the Court s Office Fixed Asset Review. Martha Ingle Clerk of the Courts Walton County Clerk of the Court s Office Fixed Asset Review Martha Ingle Clerk of the Courts Internal Audit Department Johnny Street Internal Audit Manager Report 09-02 May 2009 August 3, 2009 Martha

More information

Virtual Desktop Infrastructure

Virtual Desktop Infrastructure Virtual Desktop Infrastructure Improved manageability and availability spur move to virtualize desktops Many companies have turned to virtualization technologies for their servers and in their data centers

More information

STATE OF NORTH CAROLINA

STATE OF NORTH CAROLINA STATE OF NORTH CAROLINA AUDIT OF THE INFORMATION SYSTEMS GENERAL CONTROLS BRUNSWICK COMMUNITY COLLEGE DECEMBER 2007 OFFICE OF THE STATE AUDITOR LESLIE MERRITT, JR., CPA, CFP STATE AUDITOR AUDIT OF THE

More information

GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT. January 7, 2011

GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT. January 7, 2011 APPENDIX 1 GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT January 7, 2011 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS

More information

City of Venice Information Technology Usage Policy

City of Venice Information Technology Usage Policy City of Venice Information Technology Usage Policy The City of Venice considers information technology (IT) resources to be city resources. It shall be the policy of the city to maintain these resources

More information

Significant Revisions to OMB Circular A-127. Section Revision to A-127 Purpose of Revision Section 1. Purpose

Significant Revisions to OMB Circular A-127. Section Revision to A-127 Purpose of Revision Section 1. Purpose Significant Revisions to OMB Circular A-127 Section Revision to A-127 Purpose of Revision Section 1. Purpose Section 5. Definitions Section 6. Policy Section 7. Service Provider Requirements Section 8.

More information

ELECTRONIC INFORMATION SECURITY A.R.

ELECTRONIC INFORMATION SECURITY A.R. A.R. Number: 2.6 Effective Date: 2/1/2009 Page: 1 of 7 I. PURPOSE In recognition of the critical role that electronic information systems play in City of Richmond (COR) business activities, this policy

More information

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Rehabilitation Report No. 14-15

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES. Department of Rehabilitation Report No. 14-15 THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Report No. 14-15 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive Edinburg, Texas

More information

Audit Report. Information Technology Email Service. May 2014. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT

Audit Report. Information Technology Email Service. May 2014. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT Audit Report AUDIT DEPARTMENT Information Technology Email Service May 2014 Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT COMMITTEE: Commissioner Steve Sisolak Commissioner Chris Giunchigliani

More information

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236. February 25, 2011

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236. February 25, 2011 THOMAS P. DiNAPOLI COMPTROLLER STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236 STEVEN J. HANCOX DEPUTY COMPTROLLER DIVISION OF LOCAL GOVERNMENT AND SCHOOL ACCOUNTABILITY

More information

STATE OF NORTH CAROLINA

STATE OF NORTH CAROLINA STATE OF NORTH CAROLINA INFORMATION SYSTEMS AUDIT OFFICE OF INFORMATION TECHNOLOGY SERVICES INFORMATION TECHNOLOGY GENERAL CONTROLS OCTOBER 2014 OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA STATE AUDITOR

More information

Hardware Inventory Management Greater Boston District

Hardware Inventory Management Greater Boston District Hardware Inventory Management Greater Boston District Audit Report Report Number IT-AR-15-004 March 25, 2015 Highlights Management does not have an accurate inventory of hardware assets connected to the

More information

University of South Wales Software Policies

University of South Wales Software Policies University of South Wales Software Policies Updated 23 rd January 2015 Page 1 University of South Wales - Software Policies The University s software policies are applicable to all software and datasets

More information

Audit Report. University Medical Center HIPAA Compliance. June 2013. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT

Audit Report. University Medical Center HIPAA Compliance. June 2013. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT Audit Report AUDIT DEPARTMENT University Medical Center HIPAA Compliance June 2013 Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT COMMITTEE: Commissioner Steve Sisolak Commissioner Chris Giunchigliani

More information

Information Resources Security Guidelines

Information Resources Security Guidelines Information Resources Security Guidelines 1. General These guidelines, under the authority of South Texas College Policy #4712- Information Resources Security, set forth the framework for a comprehensive

More information

STANDARDIZED SOFTWARE STANDARD BUILD STANDARD PROCEDURES

STANDARDIZED SOFTWARE STANDARD BUILD STANDARD PROCEDURES Approved: Shobna Varma Deputy Director Standard Procedure No.: 242-004 (SP) Responsible Office: Division of Information Technology STANDARDIZED SOFTWARE STANDARD BUILD STANDARD PROCEDURES PURPOSE: The

More information

Auditor General s Office. Governance and Management of City Computer Software Needs Improvement

Auditor General s Office. Governance and Management of City Computer Software Needs Improvement Auditor General s Office Governance and Management of City Computer Software Needs Improvement Transmittal Report Audit Report Management s Response Jeffrey Griffiths, C.A., C.F.E Auditor General, City

More information

DATA CENTER OPERATIONS

DATA CENTER OPERATIONS REPORT NO. 2015-101 FEBRUARY 2015 FLORIDA STATE UNIVERSITY NORTHWEST REGIONAL DATA CENTER DATA CENTER OPERATIONS Information Technology Operational Audit EXECUTIVE DIRECTOR OF THE NORTHWEST REGIONAL DATA

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

How To Audit The Minnesota Department Of Agriculture Network Security Controls Audit

How To Audit The Minnesota Department Of Agriculture Network Security Controls Audit O L A OFFICE OF THE LEGISLATIVE AUDITOR STATE OF MINNESOTA FINANCIAL AUDIT DIVISION REPORT Department of Agriculture Network Security Controls Information Technology Audit July 1, 2010 Report 10-23 FINANCIAL

More information

AUDITOR GENERAL DAVID W. MARTIN, CPA

AUDITOR GENERAL DAVID W. MARTIN, CPA AUDITOR GENERAL DAVID W. MARTIN, CPA AGENCY FOR HEALTH CARE ADMINISTRATION ADMINISTRATIVE ACTIVITIES Operational Audit SUMMARY This operational audit of the Agency for Health Care Administration (Agency)

More information

Information Security Policy and Handbook Overview. ITSS Information Security June 2015

Information Security Policy and Handbook Overview. ITSS Information Security June 2015 Information Security Policy and Handbook Overview ITSS Information Security June 2015 Information Security Policy Control Hierarchy System and Campus Information Security Policies UNT System Information

More information

REPORT NO. 2015-052 DECEMBER 2014 SURPLUS COMPUTER HARD DRIVE DISPOSAL PROCESSES AT SELECTED STATE AGENCIES. Information Technology Operational Audit

REPORT NO. 2015-052 DECEMBER 2014 SURPLUS COMPUTER HARD DRIVE DISPOSAL PROCESSES AT SELECTED STATE AGENCIES. Information Technology Operational Audit REPORT NO. 2015-052 DECEMBER 2014 SURPLUS COMPUTER HARD DRIVE DISPOSAL PROCESSES AT SELECTED STATE AGENCIES Information Technology Operational Audit STATE AGENCY HEADS The Florida Statutes establish the

More information

DRAFT - NMHU POLICIES CONCERNING COMPUTER, NETWORK, AND E-MAIL

DRAFT - NMHU POLICIES CONCERNING COMPUTER, NETWORK, AND E-MAIL The goal of the New Mexico Highlands University (NMHU) Computer & Networking Services (CNS) Group is to support the University in the pursuit of its Mission Statement 1. These policies, guidelines, and

More information

Information Technology Internal Audit Report # 2009-01

Information Technology Internal Audit Report # 2009-01 Information Technology Internal Audit Report # 2009-01 June 2009 September 23, 2009 Mr. Peter Breslin President Board of Education Katonah-Lewisboro Union Free School District One Shady Lane South Salem,

More information

Office of Information Technology E-Government Services

Office of Information Technology E-Government Services New Jersey State Legislature Office of Legislative Services Office of the State Auditor Office of Information Technology E-Government Services February 13, 2001 to November 21, 2001 Richard L. Fair State

More information

Justifying projects in software license compliance

Justifying projects in software license compliance Justifying projects in software license compliance The role of software license compliance within an organization White paper Introduction... 2 Software license compliance the risk... 2 Sources of software

More information

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES LAPTOP ENCRYPTION. Report No. 13-14

THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES LAPTOP ENCRYPTION. Report No. 13-14 THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES LAPTOP ENCRYPTION Report No. 13-14 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West University Drive

More information

Overview. Responsibility

Overview. Responsibility Overview Property management is an important function at the University. Prudent inventory practices help protect the University s multi-million dollar investment in equipment, provide documentation needed

More information

Network and Workstation Acceptable Use Policy

Network and Workstation Acceptable Use Policy CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of

More information

Server Management-Scans & Patches

Server Management-Scans & Patches THE UNIVERSITY OF TEXAS-PAN AMERICAN OFFICE OF AUDITS & CONSULTING SERVICES Server Management-Scans & Patches Report No. 14-11 OFFICE OF INTERNAL AUDITS THE UNIVERSITY OF TEXAS - PAN AMERICAN 1201 West

More information

Answer: C. Answer: C. Answer: B

Answer: C. Answer: C. Answer: B Question: 1 You are a Software Asset Management (SAM) consultant for Company.com. The company has grown through acquisition for several years. The company does not use a common method for software license

More information

Blocal government bulletin b

Blocal government bulletin b Electronic Records Standards and Procedures Blocal government bulletin b july 1998 Comments or complaints regarding the programs and services of the Texas State Library and Archives Commission may be addressed

More information

MANAGEMENT AUDIT REPORT SECURING CRITICAL DATA CITYWIDE REPORT NO. 09-106. City of Albuquerque Office of Internal Audit and Investigations

MANAGEMENT AUDIT REPORT SECURING CRITICAL DATA CITYWIDE REPORT NO. 09-106. City of Albuquerque Office of Internal Audit and Investigations MANAGEMENT AUDIT REPORT OF SECURING CRITICAL DATA CITYWIDE REPORT NO. 09-106 City of Albuquerque Office of Internal Audit and Investigations Securing Critical Data Citywide Report No. 09-106 Executive

More information

INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE

INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE INFORMATION GOVERNANCE POLICY: PROTECTION AGAINST MALICIOUS SOFTWARE Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 2.1 Approved by: Information Governance

More information

W H I T E P A P E R : Software Compliance. Understanding and Managing Software Compliance Issues

W H I T E P A P E R : Software Compliance. Understanding and Managing Software Compliance Issues W H I T E P A P E R : Software Compliance Understanding and Managing Software Compliance Issues Lori Henry Thompson Sales Operations Manager CompuCom Systems, Inc. August 2007 Executive Summary The mere

More information

Software Asset Management Guide

Software Asset Management Guide Software Asset Management Guide WHY MANAGE SOFTWARE ASSETS Introduction IN TODAY'S ECONOMY, software is indispensable to every organization, large and small. Thanks to software, businesses are more efficient

More information

Information Technology Operational Audit DEPARTMENT OF STATE. Florida Voter Registration System (FVRS) Report No. 2016-002 July 2015

Information Technology Operational Audit DEPARTMENT OF STATE. Florida Voter Registration System (FVRS) Report No. 2016-002 July 2015 July 2015 Information Technology Operational Audit DEPARTMENT OF STATE Florida Voter Registration System (FVRS) Sherrill F. Norman, CPA Auditor General Secretary of State Section 20.10, Florida Statutes,

More information

Memorandum of Understanding (MOU) Northwest Regional Data Center. School Board of Palm Beach County MOU # NWRM0011

Memorandum of Understanding (MOU) Northwest Regional Data Center. School Board of Palm Beach County MOU # NWRM0011 Memorandum of Understanding (MOU) By and Between Northwest Regional Data Center and School Board of Palm Beach County MOU # NWRM0011 PROJECT: Disaster Recovery/Business Continuity PM: Annie Zhang/Bill

More information

Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000

Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000 Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000 This report represents the results of the Office of Inspector General s (OIG) review of the Railroad

More information

EPA Could Improve Processes for Managing Contractor Systems and Reporting Incidents

EPA Could Improve Processes for Managing Contractor Systems and Reporting Incidents OFFICE OF INSPECTOR GENERAL Audit Report Catalyst for Improving the Environment EPA Could Improve Processes for Managing Contractor Systems and Reporting Incidents Report No. 2007-P-00007 January 11, 2007

More information

Key Considerations for Documentation Management Technology. Learning from Local Experience

Key Considerations for Documentation Management Technology. Learning from Local Experience Key Considerations for Documentation Management Technology Learning from Local Experience Agenda Document Management Systems Key Considerations Types of Document Management Systems Hardware/Software Requirements

More information

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service Services > Overview MaaS360 Ensure Technical Safeguards for EPHI are Working Monitor firewalls, anti-virus packages, data encryption solutions, VPN clients and other security applications to ensure that

More information

Department of Public Safety and Correctional Services Information Technology and Communications Division

Department of Public Safety and Correctional Services Information Technology and Communications Division Audit Report Department of Public Safety and Correctional Services Information Technology and Communications Division January 2012 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND

More information

DATA CENTER OPERATIONS

DATA CENTER OPERATIONS REPORT NO. 2011-082 JANUARY 2011 NORTHWOOD SHARED RESOURCE CENTER DATA CENTER OPERATIONS Information Technology Operational Audit EXECUTIVE DIRECTOR OF THE NORTHWOOD SHARED RESOURCE CENTER Pursuant to

More information

PBGC Information Security Policy

PBGC Information Security Policy PBGC Information Security Policy 1. Purpose. The Pension Benefit Guaranty Corporation (PBGC) Information Security Policy (ISP) defines the security and protection of PBGC information resources. 2. Reference.

More information

June 2008 Report No. 08-038. An Audit Report on The Department of Information Resources and the Consolidation of the State s Data Centers

June 2008 Report No. 08-038. An Audit Report on The Department of Information Resources and the Consolidation of the State s Data Centers John Keel, CPA State Auditor An Audit Report on The Department of Information Resources and the Consolidation of the State s Data Centers Report No. 08-038 An Audit Report on The Department of Information

More information

911 Data Center Operations Performance Audit

911 Data Center Operations Performance Audit 911 Data Center Operations Performance Audit June 2010 Office of the Auditor Audit Services Division City and County of Denver Dennis J. Gallagher Auditor The Auditor of the City and County of Denver is

More information

Quantifying ROI: Building the Business Case for IT and Software Asset Management

Quantifying ROI: Building the Business Case for IT and Software Asset Management Quantifying ROI: Building the Business Case for IT and Software Asset Management Benefits of IT and Software Asset Management In today s increasingly competitive business environment, companies are realizing

More information

SEMINOLE COUNTY COURT ADMINISTRATION 18 TH JUDICIAL CIRCUIT AND SEMINOLE COUNTY ATTORNEY S OFFICE

SEMINOLE COUNTY COURT ADMINISTRATION 18 TH JUDICIAL CIRCUIT AND SEMINOLE COUNTY ATTORNEY S OFFICE SEMINOLE COUNTY COURT ADMINISTRATION 18 TH JUDICIAL CIRCUIT AND SEMINOLE COUNTY ATTORNEY S OFFICE LIMITED REVIEW OF THE COURT-APPOINTED ATTORNEY PROGRAM JUNE 2000 Prepared by: Clerk of the Circuit Court

More information

REPORT NO. 2011-024 OCTOBER 2010 LAKE-SUMTER COMMUNITY COLLEGE. Operational Audit

REPORT NO. 2011-024 OCTOBER 2010 LAKE-SUMTER COMMUNITY COLLEGE. Operational Audit REPORT NO. 2011-024 OCTOBER 2010 LAKE-SUMTER COMMUNITY COLLEGE Operational Audit BOARD OF TRUSTEES AND PRESIDENT Members of the Board of Trustees and President who served during the 2009-10 fiscal year

More information

CITY OF SAN ANTONIO OFFICE OF THE CITY AUDITOR. Follow-up Audit of Information Technology Services Department. IT Contingency Planning

CITY OF SAN ANTONIO OFFICE OF THE CITY AUDITOR. Follow-up Audit of Information Technology Services Department. IT Contingency Planning Follow-up Audit of Information Technology Services Department CITY OF SAN ANTONIO OFFICE OF THE CITY AUDITOR Follow-up Audit of Information Technology Services Department Project No. AU13-F05 October 25,

More information

HOSTED EXCHANGE SERVICES & HOSTED SHAREPOINT SERVICES TERMS AND CONDITIONS

HOSTED EXCHANGE SERVICES & HOSTED SHAREPOINT SERVICES TERMS AND CONDITIONS HOSTED EXCHANGE SERVICES & HOSTED SHAREPOINT SERVICES TERMS AND CONDITIONS This agreement is between you, the subscriber to the Hosted Exchange service and/or Hosted Sharepoint service, and Excalibur Technology

More information

U.S. Department of the Interior Office of Inspector General AUDIT REPORT

U.S. Department of the Interior Office of Inspector General AUDIT REPORT U.S. Department of the Interior Office of Inspector General AUDIT REPORT GENERAL CONTROL ENVIRONMENT OF THE FEDERAL FINANCIAL SYSTEM AT THE RESTON GENERAL PURPOSE COMPUTER CENTER, U.S. GEOLOGICAL SURVEY

More information

We would like to extend our appreciation to the staff that assisted us throughout this audit. Attachment

We would like to extend our appreciation to the staff that assisted us throughout this audit. Attachment Date: June 25, 2014 To: Brenda S. Fischer, City Manager From: Candace MacLeod, City Auditor Subject: Audit of Glendale Fire Department s Payroll Process The City Auditor s Office has completed an audit

More information

The Power to Take Control of Software Assets

The Power to Take Control of Software Assets The Software Asset Management Specialists 781-569-0410 www.aid.com The Power to Take Control of Software Assets The Benefits of SAM: Building the case for Conducting a SAM Assessment and Implementing a

More information

Office of the Chief Internal Auditor. Audit Report. Lap Top Inventory Audit

Office of the Chief Internal Auditor. Audit Report. Lap Top Inventory Audit Office of the Chief Internal Auditor Audit Report Lap Top Inventory Audit January 23, 2015 OFFICE OF THE CHIEF INTERNAL AUDITOR Commission of the South Carolina Department of Transportation The Honorable

More information

System Management. What are my options for deploying System Management on remote computers?

System Management. What are my options for deploying System Management on remote computers? Getting Started, page 1 Managing Assets, page 2 Distributing Software, page 3 Distributing Patches, page 4 Backing Up Assets, page 5 Using Virus Protection, page 6 Security, page 7 Getting Started What

More information

Developing a Records Retention Program

Developing a Records Retention Program Developing a Records Retention Program This site is intended to help you design and implement a records retention program for your organization. Here you will find a basic explanation of a records retention

More information

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable

More information

OCC 98-3 OCC BULLETIN

OCC 98-3 OCC BULLETIN To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel

More information

University of Hartford. Software Management and Compliance Guidelines

University of Hartford. Software Management and Compliance Guidelines University of Hartford Software Management and Compliance Guidelines This policy is issued in an effort to remind the University community of the importance of complying with that policy and to reiterate

More information

STATE OF CONNECTICUT

STATE OF CONNECTICUT STATE OF CONNECTICUT AUDITORS' REPORT STATE INSURANCE AND RISK MANAGEMENT BOARD FOR THE FISCAL YEARS ENDED JUNE 30, 2001 AND 2002 AUDITORS OF PUBLIC ACCOUNTS KEVIN P. JOHNSTON ROBERT G. JAEKLE Table of

More information

HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report 10-53 October 25, 2010

HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report 10-53 October 25, 2010 HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY Audit Report 10-53 October 25, 2010 Members, Committee on Audit Henry Mendoza, Chair Raymond W. Holdsworth, Vice Chair Nicole M. Anderson Margaret

More information

INFORMATION SECURITY AT THE HEALTH RESOURCES AND SERVICES ADMINISTRATION NEEDS IMPROVEMENT BECAUSE CONTROLS WERE NOT FULLY IMPLEMENTED AND MONITORED

INFORMATION SECURITY AT THE HEALTH RESOURCES AND SERVICES ADMINISTRATION NEEDS IMPROVEMENT BECAUSE CONTROLS WERE NOT FULLY IMPLEMENTED AND MONITORED Department of Health and Human Services OFFICE OF INSPECTOR GENERAL INFORMATION SECURITY AT THE HEALTH RESOURCES AND SERVICES ADMINISTRATION NEEDS IMPROVEMENT BECAUSE CONTROLS WERE NOT FULLY IMPLEMENTED

More information

Maryland Transportation Authority

Maryland Transportation Authority Audit Report Maryland Transportation Authority March 2014 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up correspondence

More information