REPORT DIGEST

 

DEPARTMENT OF

CENTRAL MANAGEMENT

SERVICES

BUREAU OF COMMUNICATION AND COMPUTER SERVICES

 

 

THIRD PARTY REVIEW

For the Year Ended:

June 30, 2004

 

 

 

 

Release Date:

July 1, 2004

 

 

 

 

State of Illinois

Office of the Auditor General

WILLIAM G. HOLLAND

AUDITOR GENERAL

 

To obtain a copy of the

Report contact:

Office of the Auditor General

Iles Park Plaza

740 E. Ash Street

Springfield, IL 62703

(217) 782-6046 or TTY 1-888-261-2887

 

 

This Report Digest is also available on

the worldwide web at

http://www.state.il.us/auditor

 

 

INTRODUCTION

 

      The Department of Central Management Services’ (Department) Bureau of Communication and Computer Services carries out statutory responsibilities relating to data processing and telecommunication services (20 ILCS 405/405-10; 20 ILCS 405/405-20; 20 ILCS 405/405-250; 20 ILCS 405/405-255; and 20 ILCS 405/405-260). To fulfill its responsibilities, the Department operates the Central Computer Facility (CCF), the Communications Center, and branch facilities in Springfield. A Springfield branch facility also serves as the primary backup site should a disaster prevent processing at the CCF. Through its facilities, the Department provides data processing services to approximately 101 user entities.

 

      The CCF functions as a data processing service center, providing computing and telecommunication resources for State agencies’ use.  The Department and the agencies that use the Department’s computer resources share the responsibility for maintaining the integrity and security of computerized data and functions.

 

      We reviewed data processing general controls at the Department primarily during the period from December 10, 2003 to May 14, 2004.  We performed tests to determine compliance with policies and procedures, conducted interviews, performed observations, and identified specific control objectives and procedures we considered necessary to evaluate the controls.

 

      We also reviewed application controls for systems maintained by the Department for State agencies’ use.  The systems reviewed were the Central Payroll, Central Inventory, Central Time and Attendance, and Accounting Information Systems.

 

      The Department’s control procedures and the degree of compliance with the procedures were sufficient to provide reasonable, but not absolute, assurance that relevant control objectives were achieved.

 

 

 

 

 

To view an online version of the complete report, go to http://www.state.il.us/auditor/special.htm

 

 

 

 

 

         ILLINOIS DEPARTMENT OF CENTRAL MANAGEMENT SERVICES

              BUREAU OF COMMUNICATION AND COMPUTER SERVICES

 

 

 

STATISTICS

 

2004

 

  Mainframes

    4 Units Configured as 14 Production Systems

 

  Services/Workload

 

                          

                          

 

 

    40,749 Nodes Statewide (Terminals, Printers, etc.)

    84.5 Million IMS Transactions per Month

    1.4 Million Feet of Laser Printing per Month

    317,369 Reel/Cartridge Tape Mounts per Month

 

  State Agency Users

    101

 

  Bureau Employees 

                            

 

    2001  --  380

    2002  --  387

    2003  --  307

    2004  --  303

 

  Historical Growth Trend*

 

 

2001  --

2002  -- 

2003  --2004  -- 

 

1,557

2,040

  2,700

  3,614

 

MIPS

 

--  MIPS

--  MIPS

--  MIPS

--  MIPS

 

--  Million Instructions Per Second

 

     *  In the month of April for each year listed

 

                                   

Information provided by the Department - Unaudited

 

 

AGENCY DIRECTOR AND DEPUTY DIRECTOR/BUREAU MANAGER

 

  

  During Audit Period:  Director:   Michael Rumman

  Deputy Director/Bureau Manager: Alan Burgard (7/1/2003 to 12/7/2003), Jay Carlson

  (12/8/2003) 

 

   Currently:  Director:   Michael Rumman  --    Deputy Director/Bureau Manager:   Jay Carlson

 

 

 

 





 

 

 

 

 

 

 

 

 


State Government Must Be Prepared

 

 

 

 

 

 

 

 

 

 

 

REPORT SUMMARY

 

 

 

Disaster Contingency Planning

 

The Department has developed strategies to address the disaster contingency needs of the State’s Central Computer Facility; however, the plans and operational provisions need to be enhanced to provide assurance that all of the State’s critical applications and network operations can be recovered within required timeframes.  The State is placing great reliance on the Department’s ability to provide data processing and network services in the event of a disaster. As such, comprehensive and thoroughly tested disaster contingency plans are an essential component of recovery efforts.

 

The Department should ensure the necessary components (plans, equipment, and facilities) are available to provide for continuation of critical computer operations in the event of a disaster.  In addition, the Department should conduct comprehensive tests of the plans on an annual basis. 

 

The Department concurred with our recommendation.  In addition, the Department stated it would continue to evaluate and enhance business continuity planning and preparedness.

 

 

 AUDITORS' OPINION

 

Procedures were generally sufficient to provide reasonable, but not absolute, assurance that relevant general and application control objectives were achieved. 

 

 

 

 

 

                                  

                              ____________________________________                                           

                                  WILLIAM G. HOLLAND, Auditor General              

 

WGH:WJS:ap