Audit Objective
Determine whether the Bradford Central School District (District) officials ensured online banking transactions were appropriate and secure.
Key Findings
While we found online banking transactions were appropriate, District officials did not secure access to online banking. In addition to sensitive information technology (IT) control weaknesses that we confidentially communicated to District officials, officials did not:
- Ensure that authorized access to online bank accounts was limited.
- Have an adequate online banking policy and procedures.
- Monitor computer use with the acceptable use policy.
Key Recommendations
- Limit online banking access to only those individuals authorized by the Board.
- Update the electronic banking policy and disseminate it to all authorized online banking users.
- Designate a computer for online banking transactions.
- Periodically monitor computer use to ensure compliance with the acceptable use policy.
District officials agreed with our recommendations and indicated they will take corrective action.