The Department of Administration's Intertechnologies Group (Intertech) used ACF2 security features to limit most system-wide clearances to its own information system professionals and certain installed software products. However, an excessive number of these either have widespread access to data or could obtain this level of clearance through weaknesses in the security infrastructure.
Financial-Related Audit Reports address internal control weaknesses and noncompliance issues found during our audits of state departments and agencies. The scope of our work at the Department of Administration was limited to a review of system-wide access to mainframe data.
Office of the Legislative Auditor ♦ Room 140, 658 Cedar St., St. Paul, MN 55155