Department of Administrative Services cybersecurity controls assessment

Title from PDF cover (viewed on July 3, 2019)., "DAS is the state's central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification"--Page i., Includes letter of response signed by Katy Coba, COO/DAS Director, and Terrence Woods, State Chief Information Officer., This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes., Includes bibliographical references., Mode of access: Internet from the Oregon Government Publications Collection., Text in English.
Download pdf
This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes.
Subject(s): n-us-or
Oregon. Department of Administrative Services -- Auditing
Oregon. Department of Administrative Services -- Information technology -- Evaluation
Computer security -- Oregon -- Evaluation
Administrative agencies -- Information technology -- Management
Date Issued: 2019
Title: Department of Administrative Services cybersecurity controls assessment.
Alternative Title: Cybersecurity controls assessment.
Name(s): Oregon Audits Division,, author,, issuing body.
Oregon Department of Administrative Services,, addressee.
Type of Resource: text
Genre: bibliography
Issuance: monographic
Date Issued: 2019
Physical Form: electronic resource
remote
Extent: 1 online resource (14, 5 pages) : color illustrations
Identifier(s): 1107322505 (oclc)
Note(s):

Title from PDF cover (viewed on July 3, 2019).

"DAS is the state's central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification"--Page i.

Includes letter of response signed by Katy Coba, COO/DAS Director, and Terrence Woods, State Chief Information Officer.

This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes.

Includes bibliographical references.

Mode of access: Internet from the Oregon Government Publications Collection.

Text in English.
Subject(s): n-us-or
Oregon. Department of Administrative Services -- Auditing
Oregon. Department of Administrative Services -- Information technology -- Evaluation
Computer security -- Oregon -- Evaluation
Administrative agencies -- Information technology -- Management
Restrictions on Access: http://rightsstatements.org/vocab/CNE/1.0/
Is Part of Series: Secretary of State audit report ; no. 2019-28.
In Collections: