Oregon Accounting Manual - Accounting And Financial Reporting - State Controller'S Division - 2010

ADVERTISEMENT

Statewide Policy
OREGON ACCOUNTING MANUAL
SUBJECT:
Accounting and Financial Reporting
Number:
10.60.00.PO
State Controller’s Division
DIVISION:
Effective date: August 1, 2010
Chapter:
Internal Control
Part:
Information Technology
APPROVED: John Radford, State Controller
Signature on file at SCD
Authority
ORS 291.015
ORS 293.590
ORS 293.595
Management of Risks, Performance, and Controls in the Information Technology (IT) Environment
.101
Each
agency head
is responsible for establishing, maintaining, and improving internal controls
over the agency’s information technology (IT). An agency must ensure the adequacy of the
design, implementation, and operation of its IT controls to provide an acceptable level of
confidence in agency systems and assurance that:
a. Management’s IT goals and objectives are being accomplished effectively and
efficiently;
b. IT investments and investment strategies are well planned and adequately funded;
c. IT assets are safeguarded; and
management’s
direction,
d. IT
operational
and
investment
strategies
follow
authorization, and security and control policies.
.102
In addition, agencies must comply with all statewide IT security policies and initiatives issued by
the Department of Administrative Services, Enterprise Information Strategy and Policy Division
(DAS-EISPD) and all applicable federal and state laws and regulations pertaining to the
confidentiality, integrity and availability of electronic data, including Oregon Laws 2007, Chapter
759.
.103
State agencies must provide adequate security and control training and other educational support
to employees involved in the design, development, implementation, maintenance, and
management of the IT infrastructure/function, as well as the storage and protection of the
underlying data. A variety of nationally and locally recognized associations and DAS-EISPD
provide training.
Review of IT Controls
Periodically, agency management must review and test the performance of the agency’s internal
.104
controls over information technologies.
.105
Agency management must prepare a report that identifies any significant or material weaknesses
in the agency’s IT controls and gives a status update on IT control weaknesses identified in earlier
reports or noted by internal or external auditors. This report should be available for use by the
10.60.00.PO.1

ADVERTISEMENT

00 votes

Related Articles

Top 20 Happy Easter Cards And Gift Tags To Download For Free
Top Ten Easter Arts And Crafts Activities For Your Kids
Free Easter Coloring Pages And Easter Printables For Your Kids

Related forms

Form Upd Ss-1 - Annual Report Of Unclaimed Property - California State Controller's Office Form Upd Ss-1 - Annual Report Of Unclaimed Property - California State Controller's Office Legal
Safe Deposit Box Inventory Form - State Controller's Office Safe Deposit Box Inventory Form - State Controller's Office Legal
Physician's Return-to-work And Voucher Report - State Of California Physician's Return-to-work And Voucher Report - State Of California Business
Form Nucs-4073 - Emploewr's Quarterly Contribution And Wage Report - State Of Nevada Form Nucs-4073 - Emploewr's Quarterly Contribution And Wage Report - State Of Nevada Legal
Form Dol-4n - Employer's Quarterly Tax And Wage Report - State Of Georgia Form Dol-4n - Employer's Quarterly Tax And Wage Report - State Of Georgia Financial
Form Cri-400 - Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization - Department Of Law & Public Safety Form Cri-400 - Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization - Department Of Law & Public Safety Legal
Form Bfc-1 - Corporation Business Tax Return For Banking And Financial Corporations - State Of New Jersey Form Bfc-1 - Corporation Business Tax Return For Banking And Financial Corporations - State Of New Jersey Financial
Extension Form Cri-400 - Application For Extension Of Time To File The Renewal Registration Statement And Financial Report-charitable Organization Extension Form Cri-400 - Application For Extension Of Time To File The Renewal Registration Statement And Financial Report-charitable Organization Legal
Extension Form Cri-400 - Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization Extension Form Cri-400 - Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization Financial
Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization - Extension Form Cri-400 Instructions For Extension Of Time To File The Renewal Registration Statement And Financial Report - Charitable Organization - Extension Form Cri-400 Legal

Related Categories

Parent category: Legal
Download
Go
Page of 2