ALBANY – Hunter-Tannersville Central School District officials did not adequately manage or monitor nonstudent network user accounts or develop a written information technology contingency plan, an audit by the state comptroller’s office concluded.
The study looked at the period of July 1, 2020 through July 27, 2021.
The audit also found officials did not disable 31 unneeded network user accounts of the 225 enabled nonstudent accounts. Those included, but were not limited to, accounts of former employees and substitute teachers that were never employed by the district.
As a result, the audit said the district’s risk of unauthorized network access is increased.
It also said the district did not develop- and adopt a comprehensive written IT contingency plan or store back-up data off site.
The audit also conveyed sensitive IT control weaknesses confidentially to officials.
The state report recommended the district develop and communicate comprehensive written procedures for managing and monitoring nonstudent network user account access, and develop and adopt a comprehensive written IT contingency plan and store back-ups off site.
District officials agreed with the recommendations and indicated they ware implementing corrective action.
