New York State Workers' Compensation Board

 

Skip to Content

Office of the New York State Comptroller

Taxpayers' Guide to State and Local Audits

New York State Workers' Compensation Board
Network Security Controls (Follow-Up)


Issued: February 8, 2012
Link to full audit report 2011-F-29

Purpose
To determine the extent of implementation of the four recommendations included in our initial audit report, Network Security Controls (2009-S-49).

Background
Our initial audit report, which was issued on issued on July 22, 2010, determined that the Board’s management had not taken certain fundamental steps to secure their network, such as completing a risk assessment and data classification. 

Key Findings

  • The Board’s Security Unit has taken many actions to implement the recommendations made. Some tasks still need to be completed to sufficiently protect the Board’s network from security risks. Of the four recommendations, two were implemented and two were partially implemented.

Key Recommendations

  • Officials are given 30 days after the issuance of the follow-up review to provide information on any actions that are planned to address the unresolved issues discussed in this review.

Other Related Audits/Reports of Interest
State University of New York College at Oneonta: Network Security Controls (Follow-Up) 2010-F-44
State Liquor Authority/Division of Alcoholic Beverage Control: Network Security Controls (Follow-Up) 2009-F-45


State Government Accountability Contact Information:
Audit Director: John Buyce
Phone:(518) 474-3271; Email: StateGovernmentAccountability@osc.state.ny.us
Address: Office of the State Comptroller; Division of State Government Accountability; 110 State Street, 11th Floor; Albany, NY 12236