Department of Administrative Services cybersecurity controls assessment
Subject(s): | n-us-or Oregon. Department of Administrative Services -- Auditing Oregon. Department of Administrative Services -- Information technology -- Evaluation Computer security -- Oregon -- Evaluation Administrative agencies -- Information technology -- Management |
---|---|
Date Issued: | 2019 |
Title: | Department of Administrative Services cybersecurity controls assessment. |
|
---|---|---|
Alternative Title: | Cybersecurity controls assessment. | |
Name(s): |
Oregon Audits Division,, author,, issuing body. Oregon Department of Administrative Services,, addressee. |
|
Type of Resource: | text | |
Genre: | bibliography | |
Issuance: | monographic | |
Date Issued: | 2019 | |
Physical Form: |
electronic resource remote |
|
Extent: | 1 online resource (14, 5 pages) : color illustrations | |
Identifier(s): | 1107322505 (oclc) | |
Note(s): |
Title from PDF cover (viewed on July 3, 2019). "DAS is the state's central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification"--Page i. Includes letter of response signed by Katy Coba, COO/DAS Director, and Terrence Woods, State Chief Information Officer. This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes. Includes bibliographical references. Mode of access: Internet from the Oregon Government Publications Collection. Text in English. |
|
Subject(s): |
n-us-or Oregon. Department of Administrative Services -- Auditing Oregon. Department of Administrative Services -- Information technology -- Evaluation Computer security -- Oregon -- Evaluation Administrative agencies -- Information technology -- Management |
|
Restrictions on Access: | http://rightsstatements.org/vocab/CNE/1.0/ | |
Is Part of Series: | Secretary of State audit report ; no. 2019-28. | |
In Collections: |