Medium
| Agency: | Information Technology Department | Report Date: | November 17, 2016 |
| Type: | Service Organization - SOC 2 | LAFRC Date: | July 25, 2017 |
| Issued By: | State Auditor | Period Ending: | June 30, 2016 |
[pdf] Download Report
Findings
- Perform Disaster Recovery Testing on all Core Components
- Destroy Hard Drives in Accordance with Procedures
- Ensure Privileged Accounts are Needed
- Encrypt all Portable Devices
- Ensure Privileged and Non-Privileged Accounts are Included in Groups as Appropriate
- Review Data Center Physical Access
- Provide Job Related Training to Employees