Office for the Aging
Network Security Controls (Follow-Up)
Issued: September 6, 2012
Link to full audit report 2012-F-20
Purpose
To assess the extent of implementation, as of August 14, 2012, of the four recommendations included in our initial audit report, Network Security Controls (2010-S-23).
Background
Our initial audit report, which was issued on June 9, 2011, found numerous critical weaknesses on the Office's Network that needed to be corrected.
Key Findings
- Office management has taken little action towards implementing our recommendations for strengthening their network security. Of the four prior audit recommendations, one has been partially implemented, and three have not been implemented.
Key Recommendations
- Office officials are given 30 days after the issuance of the follow-up review to provide information on any actions that are planned to address the unresolved issues discussed in this review.
Other Related Audits/Reports of Interest
New York State Office for the Aging: Network Security Controls Report 2010-S-23
New York State Workers’ Compensation Board: Network Security Controls (Follow-Up) Report 2011-F-29
State University of New York College at Oneonta: Network Security Controls (Follow-Up) Report 2010-F-44
State Government Accountability Contact Information:
Audit Director: John Buyce
Phone: (518) 474-3271; Email: StateGovernmentAccountability@osc.state.ny.us
Address: Office of the State Comptroller; Division of State Government Accountability; 110 State Street, 11th Floor; Albany, NY 12236
