The operating system access controls are not adequate to protect the critical and sensitive information from unauthorized access. See Audit Finding 2, Adequacy of Access Controls Over the Operating System for further information. Due to the sensitive nature of the conditions found in the other weaknesses, we have conveyed these findings to management in a separate letter pursuant to the provision of North Carolina G.S. 147-64.6(c)(18).

First Published