Jail Management System - Maricopa County

More documents

Recommendations

Info

Executive Summary IT Control Environment (Page 7) The Maricopa County Sheriff’s Office (MCSO) information technology (IT) control environment generally follows industry standards in key areas. Network Security (Page 9) We tested network security controls in four key areas: (1) The Criminal Justice Network, (2) password management, (3) remote access security, and (4) patch management. Strong network security controls reduce the likelihood of system vulnerabilities and breaches. Due to the sensitive nature of this work, we provided MCSO management with detailed findings in a separate report. Personnel Screening and Access Reviews (Page 10) MCSO personnel screening, security awareness training, and account access review processes could be improved. Incomplete personnel screening and training processes may leave MCSO vulnerable to potential abuse of sensitive data. Undocumented user access procedures increase the risk that unauthorized users may inappropriately access or modify criminal justice information. MCSO should consider strengthening personnel screening policies, provide user awareness training, and conduct user access reviews. Change Management (Page 12) MCSO does not have a formalized change management process for authorizing, testing, and approving the Jail Management System (JMS) changes. JMS developers have unrestricted access to the application. If unauthorized or untested changes are introduced into JMS, they could create data integrity and system availability issues. MCSO should strengthen its change management controls. IT Strategic Planning and Project Management (Page 13) MCSO does not have a formal IT strategic plan or project management process that effectively aligns IT resource spending with MCSO’s core mission. A strategic plan helps ensure that critical IT projects are completed efficiently and economically. MCSO should consider developing an IT strategic plan and project management framework. IT Policies and Procedures (Page 15) MCSO does not have formal JMS security policies and procedures that should address Criminal Justice Information Services Security Policy requirements. Formalized IT procedures can help MCSO implement security and other control activities during personnel absences and turnover. MCSO should develop formalized JMS IT policies and procedures. Maricopa County Internal Audit 1 Jail Management System–May 2012
Introduction Background The Jail Management System (JMS) is the primary computer system used by the Maricopa County Sheriff’s Office (MCSO) to manage jail operations and inmates. JMS includes information on booking, fingerprinting, food services, housing, transportation, health, inmate property, and bonding. Jail Management System Organization The MCSO Technology Bureau (MCSO IT) is responsible for maintaining and supporting all MCSO business systems, including JMS. MCSO has approximately 3,500 employees and operates 24 hours a day, 7 days a week. MCSO IT’s 65 employees are responsible for ensuring that critical applications like JMS are available to support those operations. Below is the MCSO IT organization chart: Inmate Telephone System (ITS) Administrator Commander Business Applications Services Jail Management System Deputy Director Commander Desktop & Client Support Commander Mainframe Operations & Technical Support Commander Telecom Technology JMS Migration Team MCSO IT began developing JMS in 1990 and moved it into production in 1995. JMS runs on a mainframe, a powerful computer used for critical applications and bulk data processing. MCSO employees enter information into JMS throughout an inmate’s incarceration. JMS includes judicial information (inmate charges, holds, court dispositions, and bond and fine amounts) and administrative information (personal property inventory, locker assignment, housing location, restrictions, and emergency medical information). MCSO processes approximately 105 million transactions per year through the JMS system. Maricopa County Internal Audit 2 Jail Management System–May 2012
Page 1 and 2: A Report to the Board of Supervisor
Page 3: 301 West Jefferson St Suite 660 Phx
Page 7 and 8: JMS Environment Because JMS is a mi
Page 9 and 10: (Blank Page) Maricopa County Intern
Page 11 and 12: Condition Through observation, limi
Page 13 and 14: Issue 3 Personnel Screening and Acc
Page 15 and 16: Issue 4 Change Management Summary M
Page 17 and 18: Recommendations MCSO should conside
Page 19 and 20: Sheriff’s Office Response Maricop
Page 21 and 22: Jail Management System (JMS) Sherif

Jail Management System - Maricopa County

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?