Urban Choice Charter School - Information Technology (2019M-240)

Issued Date
June 12, 2020

[read complete report - pdf]

Audit Objective

Determine whether the Board and School officials ensured information technology (IT) assets were safeguarded.

Key Findings

  • A former employee’s user account was used to process 510 financial transactions after her resignation.
  • School officials did not adopt IT policies or a disaster recovery plan.
  • IT users were not provided with IT security awareness training.

Sensitive information technology (IT) control weaknesses were communicated confidentially to officials.

Key Recommendations

  • Immediately disable user accounts of former employees and ensure all IT users have and use their own user accounts when accessing the network and specialized software applications.
  • Adopt comprehensive IT policies and procedures and a disaster recovery plan.
  • Provide IT users with IT security awareness training.