New York State Workers' Compensation Board
Network Security Controls (Follow-Up)
Issued: February 8, 2012
Link to full audit report 2011-F-29
To determine the extent of implementation of the four recommendations included in our initial audit report, Network Security Controls (2009-S-49).
Our initial audit report, which was issued on issued on July 22, 2010, determined that the Board’s management had not taken certain fundamental steps to secure their network, such as completing a risk assessment and data classification.
- The Board’s Security Unit has taken many actions to implement the recommendations made. Some tasks still need to be completed to sufficiently protect the Board’s network from security risks. Of the four recommendations, two were implemented and two were partially implemented.
- Officials are given 30 days after the issuance of the follow-up review to provide information on any actions that are planned to address the unresolved issues discussed in this review.
Other Related Audits/Reports of Interest
State University of New York College at Oneonta: Network Security Controls (Follow-Up) 2010-F-44
State Liquor Authority/Division of Alcoholic Beverage Control: Network Security Controls (Follow-Up) 2009-F-45
State Government Accountability Contact Information:
Audit Director: John Buyce
Phone:(518) 474-3271; Email: StateGovernmentAccountability@osc.state.ny.us
Address: Office of the State Comptroller; Division of State Government Accountability; 110 State Street, 11th Floor; Albany, NY 12236