Summary
| Report Number: | 2004-071 |
| Report Title: | Department of Law Enforcement-Florida Crime Information Center |
| Report Period: | 12/2002-04/2003 |
| Release Date: | 01/06/2004 |
The scope of this audit focused on evaluating selected information technology (IT) functions and determining the effectiveness of general and application controls applicable to FCIC during the period December 2002 through April 2003.
As described below, we noted deficiencies in certain general controls related to FCIC.
Finding No. 1: Improvements were needed in the documentation of program changes made to FCIC. In addition, the Department did not independently review or monitor program move activity.
Finding No. 2: Improvements were needed in the Department’s IT risk management practices and in certain security controls protecting FCIC.
The Commissioner's and Chief Information Officer’s written responses to the audit findings and recommendations are included in their entirety on the Auditor General Web site.