My WebLink
|
Help
|
About
|
Sign Out
Home
2014-COH - Single Audit of Federal Financial Assistance Programs
PublicDocuments
>
Legislative Auditor
>
Audit Reports
>
Single Audit Reports
>
2014-COH - Single Audit of Federal Financial Assistance Programs
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/13/2015 3:33:40 PM
Creation date
7/13/2015 2:39:32 PM
Metadata
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
40
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
County of Hawaii, State of Hawaii <br />SCHEDULE OF FINDINGS AND QUESTIONED COSTS (Continued) <br />Fiscal Year Ended June 30, 2014 <br />SECTION II - FINANCIAL STATEMENT FINDINGS (Continued) <br />Ref. <br />No. Internal Control Findings <br />2014-002 Physical Security - Significant Deficiency <br />Condition: The servers for the Eden and IAS systems are located in a room at the Civil <br />Defense Center (Center). During our visit to the Center, we noted the following <br />conditions: <br />Security over the servers is compromised as the door to the room housing these <br />servers is left open due to cooling concerns. Anyone with access to the Civil <br />Defense Center could potentially access the server room. <br />A fire suppression system was not installed. <br />Criteria: Physical access to servers and other sensitive areas is appropriately restricted to <br />authorized personnel. Devices are used to secure sensitive equipment and storage <br />media from the risk of damage from fire. <br />Cause: The County has not formally documented policies and procedures over the physical <br />security of IT systems at the Center nor effectively designed these controls. <br />Effect: Unauthorized access to the server room could result in unauthorized use, <br />modification, damage or loss of data. The absence of a five suppression system <br />could increase the likelihood of the loss or destruction of data due to fire. <br />Recommendation <br />We recommend that the County develop formal policies over the physical security of IT systems <br />at the Center and to implement them. The server room should be locked and access to keys or <br />codes should be limited to authorized personnel. A fire suppression system should be installed <br />to prevent or limit the loss of data from fire. <br />27 <br />
The URL can be used to link to this page
Your browser does not support the video tag.