The Colorado Governor’s Office of Information and Technology failed to ensure that state agencies have recovery plans for systems on the state mainframe computer in the event of a disaster, potentially compromising information on taxes, welfare and other critical systems, state auditors said.
Auditors said natural disasters and the rise of terrorism put state computers at risk and the state should have plans to ensure the systems are secure.
Departments that store information on the system include Human Services, Labor and Employment, Public Health and Environment and Revenue. Records on the system include welfare, worker’s compensation, driver’s licenses and taxpayer files.
“These are obviously systems that are extremely critical to the state. This is a very large issue,” said state auditor Sally Symanski.
Auditors said the state has no disaster recovery plan for a number of critical systems including foster care, food stamps and welfare funds. Of the eight plans that departments have developed, none was designed to secure information in case of a disaster.
Chief information officer Michael Locatis said the technology office agreed with most of the recommendations and is working on the problem.