Laserfiche WebLink
County of Hawaii <br />Introduction <br />To better understand the standards and procedures in place related to the management <br />of IT assets, questionnaires were requested and completed by key DIT personnel. The <br />questionnaires covered the following topics: <br />• Hardware Lifecycle <br />• Hardware Inventory <br />• Hardware Security <br />• Software Lifecycle <br />• Software Inventory <br />• Software Security <br />We reviewed and discussed the responses from the questionnaires through interviews with <br />the Director of Information Technology, Information Systems Program Managers, Information <br />Systems Analysts with the Help Desk and Network Divisions, and the Director of Finance. <br />On-site inspections of DIT facilities were performed to observe the physical security controls <br />in place to safeguard IT assets. <br />We performed walkthroughs of the automated network and software inventory system and the <br />automated software deployment tool used by DIT and reviewed output reports. A review of the <br />County's Microsoft Volume Licensing portals was also performed to validate software <br />entitlements. <br />To review DIT's management of the Windows XP upgrade project, we interviewed the Director <br />of IT to understand the project scope, project governance, and the extent of DIT's involvement. <br />We also interviewed the designated project manager to understand how DIT communicated <br />the project to the departments and other stakeholders. The designated project manager also <br />described the physical inventory process and results, details on price negotiation, the method <br />to determine purchase counts, and any issues that were raised throughout the upgrade project. <br />An interview with the helpdesk personnel was conducted to understand the process of how <br />computers are physically received, tracked, configured, deployed, and added to the fixed assets <br />inventory. We obtained the agendas for the meetings DIT conducted with the department <br />liaisons, related e-mail correspondences, inventory schedules that were distributed and <br />collected from the department liaisons, physical inventory results, official Request for Quotes <br />and Response Details Report Bids from vendors, and the signed Notices to Proceed. <br />To gain an understanding of industry best practices related to the management of IT assets, <br />we reviewed the Best Practices Library published by the International Association of Information <br />Technology Asset Managers ("IAITAM"). The volumes we reviewed included Acquisition <br />Management, Asset Identification, Disposal Management, Documentation Management, <br />Financial Management, and Policy Management. <br />3 <br />