My WebLink
|
Help
|
About
|
Sign Out
Home
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2014 - 2015
PublicDocuments
>
Finance Department
>
Finance Administration
>
Audit Reports
>
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2014 - 2015
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/14/2016 1:14:01 PM
Creation date
7/14/2016 1:00:25 PM
Metadata
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
33
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
County of Hawai‘i, State of Hawai‘i <br />CORRECTIVE ACTION PLAN <br />Fiscal year Ended June 30, 2015 <br />Financial Statement Findings: <br />2015-001 Information Security Policy <br />Recommendation: <br />Management should develop standardized information security policies and procedures that are <br />followed by all departments and agencies of the County. <br />County’s Comment: <br />At the last quarterly Information Technology (IT) meeting, the reviewing of all agency <br />Information Security policies and developing standardized baseline security policies for all IT <br />groups was discussed by the group, which consists of the County’s IT Department and other <br />County IT sections. Agencies are to provide their security policies for review and a <br />standardized Information Security Policy will be developed and followed by all County <br />departments and agencies. <br />2015-002 Physical Security <br />Recommendation: <br />We recommend that the County develop formal policies over the physical security of IT systems <br />at the Center and to implement them. The server room should be locked and access to keys or <br />codes should be limited to authorized personnel. A fire suppression system should be installed <br />to prevent or limit the loss of data from fire. <br />County’s Comment: <br />As explained in prior years, although the specific room that houses the servers is left open, the <br />general Civil Defense facility is restricted to authorized personnel and access to the facility itself <br />is limited. Visitors are required to sign in before being allowed entry to Civil Defense and are <br />typically escorted. <br />The current air conditioning (AC) capabilities of the Server Room are not adequate to allow for <br />the door to be closed without risking damage to the systems. The system specification <br />requirements for a new AC system are being compiled to replace the existing system, which <br />should allow the Server Room door to be closed and locked. We are considering several <br />possibilities which would enable the County to secure the servers while still allowing airflow for <br />cooling is also being considered. <br />Although a fire suppression system has not been selected as of yet, all data is backed up <br />nightly from these servers to a different physical location to reduce the risk of data loss due to <br />fire and other potential hazards. <br />33 <br />
The URL can be used to link to this page
Your browser does not support the video tag.