REPORT DIGEST

DEPARTMENT OF CENTRAL MANAGEMENT SERVICES BUREAU OF COMMUNICATION AND COMPUTER SERVICES

THIRD PARTY REVIEW

For the Year Ended:

June 30, 2002

Release Date:
July 2, 2002

Logo.gif (1870 bytes)

State of Illinois
Office of the Auditor General

WILLIAM G. HOLLAND

AUDITOR GENERAL

To obtain a copy of the
Report contact:
Office of the Auditor General
Attn: Records Manager
Iles Park Plaza
740 E. Ash Street
Springfield, IL 62703
(217) 782-6046 or TDD (217) 524-4646

This Report Digest is also available on
the worldwide web at
http://www.state.il.us/auditor

INTRODUCTION

     The Department of Central Management Services’ (Department) Bureau of Communication and Computer Services carries out statutory responsibilities relating to data processing and telecommunication services (20 ILCS 405/10; 20 ILCS 405/20; 20 ILCS 405/250; 20 ILCS 405/255; and 20 ILCS 405/260). To fulfill its responsibilities, the Department operates the Central Computer Facility (CCF), the Communications Center, and its branch facility. The branch facility also serves as the primary backup site should a disaster prevent processing at the CCF. Through its facilities, the Department provides data processing services to approximately 107 user entities.
     The CCF functions as a data processing service center, providing computing and telecommunication resources for State agencies’ use. The Department and the agencies that use the Department’s computer resources share the responsibility for maintaining the integrity and security of computerized data and functions.
     We reviewed data processing general controls at the Department primarily during the period from January 22 to May 13, 2002. We performed tests to determine compliance with policies and procedures, conducted interviews, performed observations, and identified specific control objectives and procedures we considered necessary to evaluate the controls.
     We also reviewed application controls for systems maintained by the Department for State agencies’ use. The systems reviewed were the Central Payroll, Central Inventory, Central Time and Attendance, and Accounting Information Systems.
     The Department’s control procedures and the degree of compliance with the procedures were sufficient to provide reasonable, but not absolute, assurance that relevant control objectives were achieved.

To view an online version of the complete report, go to http://www.state.il.us/auditor/special.htm

 

ILLINOIS DEPARTMENT OF CENTRAL MANAGEMENT SERVICES
BUREAU OF COMMUNICATION AND COMPUTER SERVICES

 

STATISTICS

2002

Mainframes

4 Units Configured as 15 Production Systems

Services/Workload

82,511 Nodes Statewide (Terminals, Printers, etc.)
78 Million IMS Transactions per Month
1.7 Million Feet of Laser Printing per Month
309,680 Reel/Cartridge Tape Mounts per Month

State Agency Users

107

CCF Employees

1999 -- 131
2000 -- 136
2001 -- 138
2002 -- 142

Historical Growth Trend*

1999 --
2000 --
2001 --
2002 --

1,016
1,445
1,557
2,040

-- MIPS
-- MIPS
-- MIPS
-- MIPS
MIPS-- Million Instructions Per Second

* In the month of April for each year listed

Information provided by the Department

AGENCY DIRECTOR AND BUREAU MANAGER
During Audit Period: Director: Michael Schwartz -- Bureau Manager: Frank Cavallaro
Currently: Director: Michael Schwartz -- Bureau Manager: Frank Cavallaro

 

 

 

 

 

 

State Government Must Be Prepared

 

 

 

 

 

 

 

 

 

 

 

 

REPORT SUMMARY

Disaster Contingency Planning

In the past several years, the Department has made progress in addressing the disaster contingency needs of the State’s Central Computer Facility; however, the plans and operational provisions still need to be enhanced to provide assurance that all of the State’s critical applications and network operations can be recovered within required timeframes. The State is placing great reliance on the Department’s ability to provide data processing and network services in the event of a disaster. As such, comprehensive and thoroughly tested disaster contingency plans are an essential component of recovery efforts.

The Department should continue its efforts to ensure that the necessary components (plans, equipment, and facilities) are available to provide for continuation of critical computer operations in the event of a disaster. In addition, the Department should review contingency plans and conduct comprehensive tests of the plans on an annual basis.

The Department concurred with our recommendation and stated the Department will continue to maintain, evaluate, and enhance its preparations for the business continuity of the State's critical Information Technology assets for which it is responsible.

AUDITORS' OPINION

Procedures were generally sufficient to provide reasonable, but not absolute, assurance that relevant general and application control objectives were achieved.

 

          holland_signature.jpg (4965 bytes)

WILLIAM G. HOLLAND, Auditor General

WGH:WJS:ap