Department of Administrative Services cybersecurity controls assessment

Title from PDF cover (viewed on July 3, 2019)., "DAS is the state's central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification"--Page i., Includes letter of response signed by Katy Coba, COO/DAS Director, and Terrence Woods, State Chief Information Officer., This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes., Includes bibliographical references., Mode of access: Internet from the Oregon Government Publications Collection., Text in English.
Download pdf
This archived document is maintained by the State Library of Oregon as part of the Oregon Documents Depository Program. It is for informational purposes and may not be suitable for legal purposes.