Search
Arkport Central School District – Network Access Controls (2021M-162)
… School District (District) officials ensured network access controls were secure. Key Findings District officials did not ensure that the District’s network access controls were secure. District officials did not … Central School District District officials ensured network access controls were secure …
https://www.osc.ny.gov/local-government/audits/school-district/2022/01/28/arkport-central-school-district-network-access-controls-2021m-162Duanesburg Central School District – Information Technology (2021M-40)
… Regularly review network and local user accounts for appropriate permissions and disable those that are …
https://www.osc.ny.gov/local-government/audits/school-district/2021/11/19/duanesburg-central-school-district-information-technology-2021m-40Haldane Central School District – Information Technology (2021M-84)
… did not: Disable 74 unneeded network user accounts of the 300 accounts we examined. The 74 accounts included …
https://www.osc.ny.gov/local-government/audits/school-district/2021/11/05/haldane-central-school-district-information-technology-2021m-84Town of Hempstead – Information Technology Access Controls (2021M-158)
… to help safeguard IT systems against unauthorized access. The Board and Town officials did not: Develop and adopt … confidentially to officials. Key Recommendations The Board should: Adopt comprehensive IT security policies … with our recommendations and indicated that they were in the process of implementing corrective action. …
https://www.osc.ny.gov/local-government/audits/town/2022/08/19/town-hempstead-information-technology-access-controls-2021m-158Town of Lansing – Information Technology (2022M-66)
… information technology (IT) systems were adequately secured and protected against unauthorized use, access and … Town officials did not ensure IT systems were adequately secured and protected against unauthorized use, access and … ensured information technology IT systems were adequately secured and protected against unauthorized use access and loss …
https://www.osc.ny.gov/local-government/audits/town/2022/07/08/town-lansing-information-technology-2022m-66Mount Pleasant Central School District – Information Technology User Accounts (2021M-31)
… officials did not establish adequate controls over the District’s user accounts to prevent unauthorized use, … and/or loss. Officials did not: Monitor compliance with the District’s acceptable use policy (AUP). Adequately manage … and implement procedures to monitor compliance with the AUP. Develop written procedures for managing system …
https://www.osc.ny.gov/local-government/audits/school-district/2021/07/16/mount-pleasant-central-school-district-information-technology-userRichfield Springs Central School District - Fixed Assets (2019M-140)
… policies were not comprehensive or being followed. Out of 206 fixed assets reviewed, 64 were unable to be located, … tags and four had the incorrect asset tag numbers. Out of 158 fixed assets listed as being disposed, 143 lacked … update policies to include proper sanitation and disposal of electronic devices. Ensure inventory records are accurate …
https://www.osc.ny.gov/local-government/audits/school-district/2019/09/20/richfield-springs-central-school-district-fixed-assets-2019m-140Poughkeepsie City School District - Payroll (2019M-110)
… Determine whether District officials ensured that payroll payments and leave accruals were accurate, properly … bargaining agreements (CBAs) are not comprehensive, and payroll and personnel policies are outdated. Eleven retirees … with them. Develop and implement procedures to ensure that payroll payments are made in accordance with contracts and …
https://www.osc.ny.gov/local-government/audits/school-district/2019/12/13/poughkeepsie-city-school-district-payroll-2019m-110Examples from GASB Statement 34 - Statement of Fiduciary Net Assets
… Fiduciary Net Assets Fiduciary Funds December 31, 2002 Employee Retirement Plan Private-Purpose Trusts Agency Funds … 80,000 Municipal bonds 6,528,019 Corporate bonds 16,320,047 Corporate stocks … NET ASSETS: Held in trust for pension benefits and other purposes $65,796,103 $ 80,776 …
https://www.osc.ny.gov/local-government/publications/examples-gasb-statement-34-statement-fiduciary-net-assetsTravel Advisory No. 8
… : The United States General Services Administration (GSA) issued updated meal and incidental expenses (M&IE) per diem rates for the period October 1, 2024 through September 30, …
https://www.osc.ny.gov/state-agencies/advisories/travel-advisory/8-gfo-updates-meals-and-incidental-expenses-breakdownEthics Oversight (2020-MS-1)
… Towns: Clay [pdf] , Colonie [pdf] , Greece [pdf] , Oyster Bay [pdf] , Ramapo [pdf] , Southampton [pdf] , Tonawanda …
https://www.osc.ny.gov/local-government/audits/statewide-audit/2020/12/30/ethics-oversight-2020-ms-1Required Reporting
… and Tax Cap Compliance Constitutional Tax Limit Foreign Fire Insurance Tax Data Verification (replaces the MA-144) … Reporting Manuals (ARM): County, City, Town, Village [pdf] Fire Districts [pdf] School Districts [pdf] …
https://www.osc.ny.gov/local-government/required-reportingNewark Central School District – Employee Benefits (2024M-40)
… $16,230, which District officials paid after we brought it to their attention. Seven employees’ separation payments … calculated and adequate documentation is maintained to support the calculations and eligibility requirements. …
https://www.osc.ny.gov/local-government/audits/school-district/2024/07/19/newark-central-school-district-employee-benefits-2024m-40East Williston Union Free School District – Management of Nonstudent Network User Accounts (2022M-171)
… adequately managed and monitored nonstudent network user accounts to help prevent unauthorized use, access and … did not adequately manage and monitor nonstudent network user accounts to help prevent unauthorized use, access and loss. In addition to sensitive information technology (IT) control …
https://www.osc.ny.gov/local-government/audits/school-district/2023/06/16/east-williston-union-free-school-district-management-nonstudent-networkAmherst Central School District – Network User Account Access and Application User Accounts and Permissions (2023M-5)
… and permissions in financial and student information applications. Key Findings District officials did not … and permissions in financial and student information applications. As a result, there is a significant risk that … permissions in the financial and student information applications. Key Recommendations Ensure that unnecessary …
https://www.osc.ny.gov/local-government/audits/school-district/2023/06/02/amherst-central-school-district-network-user-account-access-andSalmon River Central School District – Foster Care Student Tuition (2022M-168)
… Audit Objective Determine whether Salmon River Central School District (District) officials accurately paid tuition for foster care students enrolled at other school districts. Key Findings District officials did not … care students enrolled care students enrolled at other school districts. Officials made payment errors for 14 (45 …
https://www.osc.ny.gov/local-government/audits/school-district/2023/02/10/salmon-river-central-school-district-foster-care-student-tuition-2022mTown of Hempstead – Compensatory Time (2021M-64)
… accurately accrued and accounted for compensatory (comp) time. Key Findings Town officials did not ensure comp time hours were accurately accrued and accounted for. As … result, officials do not have adequate assurance that all comp time is appropriately earned, accurately recorded and …
https://www.osc.ny.gov/local-government/audits/town/2021/09/10/town-hempstead-compensatory-time-2021m-64Hunter-Tannersville Central School District – Network User Accounts and Information Technology Contingency Planning (2022M-125)
… user accounts or develop a written IT contingency plan. In addition to sensitive IT control weaknesses that were …
https://www.osc.ny.gov/local-government/audits/school-district/2022/11/10/hunter-tannersville-central-school-district-network-user-accounts-andCayuga County – Security of Electronic Public Health Department Personal, Private and Sensitive Information (2022M-146)
… Key Findings County officials did not adequately protect the Department’s electronic data containing PPSI. In addition … we found: Electronic data containing PPSI on 32 of the 61 County-owned Department IT devices we examined, in … Establish a data classification inventory that assigns the appropriate security level to each type of data. Develop …
https://www.osc.ny.gov/local-government/audits/county/2022/12/02/cayuga-county-security-electronic-public-health-department-personal-private-andPotsdam Central School District – Network User Account Controls and Information Technology Contingency Planning (2022M-104)
… confidentially communicated to officials, we found that: Of the District’s 1,909 network user accounts 1,896 network …
https://www.osc.ny.gov/local-government/audits/school-district/2022/12/02/potsdam-central-school-district-network-user-account-controls-and