Skip to Content

Login   Subscribe   Site Index   Contact Us   Google Translate™

NYS Comptroller

THOMAS P. DiNAPOLI

Taxpayers' Guide to State and Local Audits

Audits of Local Governments and School Districts

Town of North East – Internal Controls Over Information Technology (2013M-31)

Released: May 3, 2013 -- [read complete report - pdf]


Purpose of Audit

The purpose of our audit was to assess internal controls over information technology (IT) for the period January 1, 2011, to November 15, 2012.

Background

The Town of North East is located in Dutchess County and has a population of approximately 3,500. The elected Town Board is comprised of four Board members and the Supervisor. The Town’s budget for the 2012 fiscal year was approximately $1 million.

Key Findings

  • The Board does not have a written agreement with one of the Town’s IT service providers and cannot be assured the Town is receiving IT services that meet the Town’s needs and expectations.
  • Although the Board has adopted a breach notification policy, it has not designated responsible parties to implement the policy, nor educated Town officials and employees on the existence of the policy.
  • The Town does not have a disaster recovery plan.

Key Recommendations

  • Ensure that the Board has a written agreement with all third-party IT service providers that clearly defines the services and the related security to be provided to the Town.
  • Educate Town officials and employees about the adopted information breach notification policy and designate the Town officials and/or employees responsible for implementing the policy.
  • Adopt a comprehensive disaster recovery plan.

Local Government and School Accountability Contact Information:

Phone: (518) 474-4037; Email: localgov@osc.state.ny.us
Address: Office of the State Comptroller, Division of Local Government and School Accountability
110 State Street, 12th Floor; Albany, NY 12236