Laserfiche WebLink
CORRECTIVE ACTION PLAN <br />Financial Statement Findings (Continued): <br />2014-002 Physical Security - Significant Deficiency <br />Recommendation: We recommend that the County develop formal policies over the <br />physical security of IT systems at the Center and to implement them. The server room <br />should be locked and access to keys or codes should be limited to authorized personnel. <br />A fire suppression system should be installed to prevent or limit the loss of data from <br />fire. <br />County's Comment: Although the specific room that houses the servers is left open, the <br />general Civil Defense facility is restricted to authorized personnel. Unauthorized <br />personnel must sign in before being allowed entry into Civil Defense. <br />The County is also researching the effectiveness and cost of several other short- term <br />and long-term solutions to restrict access further. <br />Anticipated Completion Date: Some mitigating controls are currently in place but <br />additional efforts will be ongoing as we strive to improve our internal controls over <br />information technology. <br />Contact Person: Don Jacobs, Director of Information Technology <br />35 <br />