REPORT DIGEST

DEPARTMENT OF

CENTRAL MANAGEMENT
SERVICES
BUREAU OF COMMUNICATION AND COMPUTER SERVICES

THIRD PARTY REVIEW

For the Year Ended:
June 30, 2001

Release Date:
July 2, 2001

Logo.gif (1870 bytes)

State of Illinois

Office of the Auditor General

WILLIAM G. HOLLAND

AUDITOR GENERAL

To obtain a copy of the
Report contact:
Office of the Auditor General
Attn: Records Manager
Iles Park Plaza
740 E. Ash Street
Springfield, IL 62703
(217) 782-6046 or TDD (217) 524-4646
This Report Digest is also available on
the worldwide web at
http://www.state.il.us/auditor

INTRODUCTION

The Department of Central Management Services’ (Department) Bureau of Communication and Computer Services carries out statutory responsibilities relating to data processing and telecommunication services (20 ILCS 405/35.3; 20 ILCS 405/35.7; 20 ILCS 405/35.7a; 20 ILCS 405/35.7c; and 20 ILCS 405/35.8). To fulfill its responsibilities, the Department operates the Central Computer Facility (CCF), the Communications Center, and its branch facility. The branch facility also serves as the primary backup site should a disaster prevent processing at the Central Computer Facility. Through its facilities, the Department provides data processing services to approximately 106 user entities.

The CCF functions as a data processing service center, providing computing and telecommunication resources for State agencies’ use. The Department and the agencies that use the Department’s computer resources share the responsibility for maintaining the integrity and security of computerized data and functions.

We reviewed data processing general controls at the Department primarily during the period from January 16 to April 27, 2001. We performed tests to determine compliance with policies and procedures, conducted interviews, performed observations, and identified specific control objectives and procedures we considered necessary to evaluate the controls.

We also reviewed application controls for systems maintained by the Department for State agencies’ use. The systems reviewed were the Central Payroll, Central Inventory, Central Time and Attendance, and Accounting Information Systems.

The Department’s control procedures and the degree of compliance with the procedures were sufficient to provide reasonable, but not absolute, assurance that relevant control objectives were achieved.

 

ILLINOIS DEPARTMENT OF CENTRAL MANAGEMENT SERVICES
BUREAU OF COMMUNICATION AND COMPUTER SERVICES

 

STATISTICS

2001
Mainframes

4 Units Configured as 14 Systems
Services/Workload

73,259 Nodes Statewide (Terminals, Printers, etc.)
72 Million IMS Transactions per Month
1.6 Million Feet of Laser Printing per Month
232,828 Reel/Cartridge Tape Mounts per Month
State Agency Users

106
CCF Employees

1998 -- 125
1999 -- 131
2000 -- 136 (includes 8 vacancies)
2001 -- 138 (includes 13 vacancies)

Historical Growth Trend*

1975 --
1980 --
1990 --
1995 --
1997 --
1998 --
1999 --
2000 --
2001 --

400
1,700
14,143
34,977
47,618
75,900
96,393
133,752
135,758

 -- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
-- Base CPU Hours Billed
 

* In the month of January for each year listed

Information provided by the Department

AGENCY DIRECTOR AND BUREAU MANAGER
During Audit Period: Director: Michael Schwartz -- Bureau Manager: Frank Cavallaro
Currently: Director: Michael Schwartz -- Bureau Manager: Frank Cavallaro

 

 

 

 

 

 

 

State Government Must Be Prepared

 

 

 

 

 

 

 

 

REPORT SUMMARY

Disaster Contingency Planning

Although the Department has made progress in addressing the disaster contingency needs of the State’s Central Computer Facility, the plans and operational provisions still need to be enhanced to provide assurance that all of the State’s critical applications and network operations can be recovered within required timeframes. The State is placing great reliance on the Department’s ability to provide data processing and network services in the event of a disaster. As such, a comprehensive and thoroughly tested disaster contingency plan and sufficient backup facilities are essential components of recovery efforts.

The Department should continue its efforts to ensure that the necessary components are available to provide for continuation of critical computer operations in the event of a disaster. In addition, the Department should continue to conduct comprehensive tests of the disaster recovery plan on an annual basis.

The Department concurred with our recommendation and stated that during the week of May 7, 2001, the Department conducted the annual comprehensive recovery exercise.

AUDITORS' OPINION

Procedures were generally sufficient to provide reasonable, but not absolute, assurance that relevant general and application control objectives were achieved.

____________________________________

WILLIAM G. HOLLAND, Auditor General

WGH:WJS:ap