Facebook Twitter

FOR IMMEDIATE RELEASE: November 13, 2014 

Governor’s Office of Information Technology Addresses Audit Findings

DENVER, Colo.—The Governor’s Office of Information Technology (OIT) had an opportunity today to address findings from an audit completed earlier this year by the Colorado Office of the State Auditor.

At a hearing before the Colorado Legislative Audit Committee, leadership from OIT shared the organization’s efforts in recent years and months to strengthen the state’s backup and recovery capabilities in response to key findings from the audit. The OSA audit recommended in part that OIT:
  • Review, update and communicate system backup and recovery policies and establish a way to ensure accountability for implementing policies
  • Enhance backup and recovery controls to mitigate failures
  • Consistently perform restoration and recovery testing
  • Work with agencies to develop system backup and recovery procedures that meet agency needs
OIT Chief Technology Officer David McCurdy says, “OIT has been working for the last four years to strengthen the state’s backup and recovery capabilities.” McCurdy says while OIT has made significant progress in identifying and keeping current the 150 applications deemed critical and essential for the state’s operations, there is much work still to be done to ensure that these applications are recoverable within a manageable timeframe. “Our teams are up to the task. We know it will take a resource and fiscal commitment in the coming years,” he added.

OIT was able to initiate an assessment to evaluate the current backup and recovery infrastructure this past year. The assessment is still in progress and identifies backup and recovery challenges, proposes tactical solutions, begins planning for a long-term backup and recovery strategy, and aligns business requirements with appropriate technologies. While OIT’s assessment focuses on day-to-day backup and recovery operation, it does not include an assessment of disaster recovery processes which is a much more expensive task.

The assessment is currently being completed and reviewed, and next steps for the enterprise Data Protection and Disaster Recovery project are being developed. Colorado’s Secretary of Technology and Chief Information Officer Suma Nallapati says, “We believe we are heading in the right direction to address the issues raised in the audit. And as always, we welcome these honest appraisals of our systems. They make us better stewards for the State of Colorado.”

More information about the audit report can be found by contacting the Office of the State Auditor at state.co.us/auditor.

Media Contact: 
Tauna Lockhart, Chief Communications Officer & PIO
303.764.7731 (work) 
720.933.9193 (cell)