Dover Union Free School District - Information Technology (2018M-112)

Issued Date

September 28, 2018

Audit Objective

Determine whether the District’s information technology (IT) system was adequately secured and protected against unauthorized use, access and loss.

Key Findings

Employees accessed websites for social networking, shopping, travel, entertainment and blogging.
District officials did not properly secure the server room.

In addition, sensitive IT control weaknesses were communicated confidentially to District officials.

Key Recommendations

Develop procedures and controls that restrict access to inappropriate websites.
Secure the server room so that only authorized individuals have access.

District officials agreed with our recommendations and indicated they have begun to initiate corrective action.

Background

The Dover Union Free School District (District) serves the Towns of Amenia, Dover, Union Vale and Washington in Dutchess County. The Board of Education (Board) is responsible for managing the District’s operations. The Superintendent of Schools (Superintendent) is responsible for the District’s day-to-day management, budget development and administration.

Quick Facts
Enrollment	1,373
Employees	241
Desktops, laptops and tablets	1,521
Servers	1

Audit Period

July 1, 2016 – February 13, 2018. We expanded our audit scope period through March 14, 2018 to review Internet use.