My WebLink
|
Help
|
About
|
Sign Out
Home
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2015 - 2016
PublicDocuments
>
Finance Department
>
Finance Administration
>
Audit Reports
>
Single Audit of Federal Financial Assistance Programs for Fiscal Year 2015 - 2016
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/28/2018 2:48:27 PM
Creation date
2/28/2018 2:48:06 PM
Metadata
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
34
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Harry Kim <br />Mayor <br />Wil Okabe <br />Managing Director <br />March 29, 2017 <br />County of Hawaii <br />DEPARTMENT OF INFORMATION TECHNOLOGY <br />25 Aupuni Street • Hilo, Hawaii 96720-4252 <br />(808) 932-2960 • Fax (sos) 961-8089 <br />Subject: Corrective Action Plan in response to 2016 Single Audit Internal Control Finding <br />Reference Number 2016-001 <br />Recommendation: <br />Jules Ung <br />Director <br />We recommend that the County develop formal policies over the physical security of IT systems at the <br />Center and to implement them. The server room should be locked and access to keys or codes should <br />be limited to authorized personnel. A fire suppression system should be installed to prevent or limit the <br />loss of data from fire. <br />County's Comment: <br />Management agrees with the finding and recommendations regarding the development of formal <br />policies over the physical security of IT systems. In response, DIT has created and implemented 6 IT <br />policies including: 1) Internet Network Email Policy 2) Password Policy 3) E -Mail Retention Policy 3) <br />Electronic Data Destruction Policy 5) Mobile Device Policy 6) Social Media Policy. These policies outline <br />best practices to protect the County's devices, network, and information systems from unauthorized <br />access, damage, and tampering. <br />However, as in prior years, the County contends that its current policies outlined below serve as <br />mitigating controls that address the findings of the server room. <br />Although the specific room at Civil Defense that houses the servers is left open, the general Civil <br />Defense facility is restricted to authorized personnel and access to the facility itself is limited. <br />Visitors are required to sign in before being allowed entry to Civil Defense and are typically escorted. <br />Although a fire suppression system has not been selected as of yet, the County has implemented <br />mitigating controls to reduce the risk of data loss due to fire and other potential hazards by ensuring <br />that all data is backed up nightly from these servers to a different physical location. <br />In addition, the following plan is also currently being implemented. <br />Researching the possibility of partnering with Civil Defense to construct a new shelter to contain <br />the server room that will be situated adjacent to Civil Defense, with an underground conduit for <br />fiber to preserve the integrity of the County Network during times of disaster. <br />Hawai `i County is an Equal Opportunity Provider and Employer <br />30 <br />
The URL can be used to link to this page
Your browser does not support the video tag.