New York State Comptroller Thomas P. DiNapoli today announced the following local government audits have been issued.
Officials did not adequately secure and protect the village’s information technology (IT) systems against unauthorized use, access and loss. The board also did not adopt required or sufficient IT policies, provide users with IT security awareness training, or develop a disaster recovery plan. Officials were unaware that employees were accessing websites for nonbusiness purposes because they did not routinely monitor employee Internet use. The IT consultant’s responsibilities were not defined and officials did not have a formal contract with the consultant. In addition, sensitive IT control weaknesses were communicated confidentially to officials.
In a previous report issued in July 21, 2017, auditors identified problems with the board’s oversight over the village’s financial operations. When auditors revisited the village in August 2020 to review progress, they found limited corrective actions had occurred. Of the seven audit recommendations, one recommendation was fully implemented, four recommendations were partially implemented and two recommendations were not implemented.
Find out how your government money is spent at Open Book New York. Track municipal spending, the state's 180,000 contracts, billions in state payments and public authority data. Visit the Reading Room for contract FOIL requests, bid protest decisions and commonly requested data.