Here’s a reasonable rule for conducting business: Be sure that you and your employees understand the policy for using company computers and that compliance safeguards are in place.
The need for such clear operating guidelines was underscored last fall when news broke that state Department of Local Affairs employees had been given a green light by director Susan Kirkpatrick to use their work computers for ordering World Series tickets online. Kirkpatrick rescinded her OK the same day.
But this activity shone a spotlight on the agency. Subsequent media inquiries suggested — wrongly, as it turned out — that the computers at the State Emergency Operations Center (under the aegis of the Department of Local Affairs) also may have been used for other dubious activities, including visiting pornographic sites.
Thankfully, our state’s system of checks and balances worked to bring a reasonable and fairly expeditious resolution to this embarrassing episode. The Legislative Audit Committee, under the leadership of Rep. Jim Kerr, R-Littleton, asked the state auditor’s office to look into the worrisome stories.
The state auditor’s detailed report (released Monday and available at www.leg.state.co.us/OSA/coauditor1.nsf/) reveals nothing egregious in the day-to-day computer operations of the emergency operations center. Generally, the audit says the center was careless last fall but notes that “since then the department has strengthened existing controls and implemented additional controls” that “are appropriate and reasonable.”
The 21-page audit meticulously outlines the use of the SEOC computers and how the false perception that employees were visiting unsavory websites came have come about. For one thing, the agency did not have a Web-filtering system installed (it now does). In addition, the report said, the media’s use of so-called Internet “cookie” reports, which store information about visited websites, did not accurately reflect which sites actually were hit.
The auditors also are reasonable in their assessment of the problem, noting that employees should be given some limited personal use of the computers much like workers at most businesses are given access to company telephones when, let’s say, making a doctor’s appointment.
One sensible action is reassuring: All employees now are required annually to read and sign a policy regarding use of SEOC computers.
Unfortunately, there continues to be some bickering by members of the Legislative Audit Committee over how effectively Kirkpatrick has responded to the problems.
This is strictly partisan positioning. The blunders were identified and remedied.
The state auditor’s office is satisfied. It’s time to move on.
