REPORT DIGEST

 

DEPARTMENT OF CENTRAL MANAGEMENT SERVICES, BUREAU OF COMMUNICATIONS AND COMPUTER SERVICES

SERVICE ORGANIZATION REVIEW

For the Year Ended June 30, 2011

 

Release Date: July 2011

 

State of Illinois, Office of the Auditor General

WILLIAM G. HOLLAND, AUDITOR GENERAL

 

To obtain a copy of the Report contact:

Office of the Auditor General, Iles Park Plaza, 740 E. Ash Street, Springfield, IL 62703

(217)    782-6046 or TTY (888) 261-2887

 

This Report Digest and Full Report are also available on the worldwide web at www.auditor.illinois.gov

­­­­­­­­­­­____________________________

 

INTRODUCTION

 

This report covers our Service Organization Review of the Department of Central Management Services – Bureau of Communications and Computer Services for the year ended June 30, 2011. 

 

The Department of Central Management Services’ (Department) Bureau of Communications and Computer Services carries out statutory responsibilities relating to data processing and telecommunication services.  To fulfill its responsibilities, the Department operates the Central Computer Facility (CCF), the Communications Center, and branch facilities.  Through its facilities, the Department provides data processing services to approximately 102 user agencies.

 

The Department functions as a service organization providing computing and telecommunication resources for State agencies’ use.  The Department and the agencies that use the Department’s computer resources share the responsibility for maintaining the processing integrity, availability, and security of computerized data and functions.

 

The Department has defined and documented policies and procedures to restrict physical access to facilities and defined systems.  However, we found the controls over verifying the identity of an individual prior to resetting their password and the granting, modifying or revoking physical access badges had not been effectively implemented and, therefore, were not operating effectively throughout the period July 1, 2010 to June 30, 2011.  With the exception of these matters, the procedures were generally sufficient to provide reasonable assurance that relevant control objectives were achieved. 

 

 

WILLIAM G. HOLLAND

Auditor General