Town of East Otto - Information Technology (2018M-156) | Office of the New York State Comptroller

Issued Date

October 19, 2018

Audit Objective

Determine whether the Board ensures that information technology (IT) assets are properly safeguarded and accessed for appropriate Town purposes.

Key Findings

The Board has not:

Adopted an acceptable use policy; we found evidence of personal use on four of the six computers examined.
Adopted a disaster recovery plan or formal backup procedures.

In addition, sensitive IT control weaknesses were communicated confidentially to Town officials.

Key Recommendations

Adopt an acceptable use policy describing inappropriate and acceptable use.
Develop, adopt and implement a disaster recovery plan and formalize backup procedures.

Town officials agreed with our recommendations and indicated they planned to initiate corrective action.

Background

The Town of East Otto (Town) is located in Cattaraugus County. The Town is governed by an elected Town Board (Board), which is composed of a Supervisor and four Council members. The Board is responsible for the general oversight of operations and finances, including security over the Town’s IT system.

Quick Facts
Residents	1,100
2018 Appropriations	$1.2 million
Employees	13
Computers	6

Audit Period

January 1, 2017 – May 15, 2018