Report 2021-602 Recommendation 8 Responses
Report 2021-602: State High-Risk Update—Information Security: The California Department of Technology's Inadequate Oversight Limits the States Ability to Ensure Information Security (Release Date: January 2022)
Recommendation #8 To: Technology, California Department of
To help reporting entities ensure that their teleworking employees are taking appropriate security precautions, CDT should clarify guidance by February 2022 to require all employees using personal devices for state business to implement baseline security measures.
Updates have been made and the announcement released August 2022.
PS 023 - CDT General SIMM Maintenance | CDT (ca.gov)
- Completion Date: August 2022
California State Auditor's Assessment of Status: Fully Implemented
CDT fully implemented this recommendation by updating its guidance in the Telework and Remote Access Security Standard.
Updates have been made and the announcement will be released by July 31, 2022.
- Completion Date: August 2022
California State Auditor's Assessment of Status: Pending
Per CDT's response, it will not fully implement this recommendation until August 2022.
- Auditee did not substantiate its claim of full implementation
Updated telework guidance has been provided on https://telework.govops.ca.gov and is continually updated. In addition, updates to policy language have been completed and currently is in the publishing process; these updates will be issued shortly.
- Estimated Completion Date: June 2022
California State Auditor's Assessment of Status: Pending
Per CDT's response, it expects to fully implement this recommendation by June 2022.
All Recommendations in 2021-602
Agency responses received are posted verbatim.