Summary
In 2012, we audited IT security for the transfer of traffic fines information between the government’s Justice Online Information Network system and its external partners’ systems. We examined the method the department used to receive the data, summarize and report on it and send summaries of fines back to ticketing partners and municipalities.
What we found
We immediately recommended that the department improve the security over data transmitted over the internet. Because of the sensitivity of this finding and the potential for loss of confidential information, we exercised our discretion to not publicly report our finding in 2012.
We tested the design and operating effectiveness of the new JOIN secure transfer system and confirmed that the department has resolved this critical security exposure. We now consider the 2012 recommendation to be implemented.