There are no new recommendations to the Department of Service Alberta in this report.
The following recommendations are outstanding and not yet ready for follow-up audits:
IT disaster recovery program: Improve recovery of critical information technology applications—October 2014, no. 5, p. 45
We recommend that the Department of Service Alberta, with support from the Deputy Ministers’ Council:
- identify the most critical IT applications throughout all government entities
- identify the times, after a disaster, that critical IT applications must be recovered
- ensure that there are tested plans and adequate resources to recover critical IT applications within those times
Systems to manage a comprehensive inventory of information technology applications—May 2017, no. 3, p. 51
We recommend that Service Alberta complete its plans to implement a comprehensive inventory system of all IT applications used across government, with supporting processes to maintain the inventory. If required, Service Alberta should seek the necessary authority to complete the project.
Management has identified these recommendations as implemented—to be confirmed with follow-up audits:
Access and security monitoring of the revenue application systems—October 2008, p. 346
We recommend that the Department of Service Alberta ensure adequate logging and monitoring processes are in place in all application systems that host or support financial information and Albertans’ personal information.
System conversion process—October 2008, p. 349
We recommend that the Department of Service Alberta document its review of actual system conversion activities to ensure that they comply with the approved test plan for system conversion and data migration.