ISA-2016-2000

The objective of this information systems audit was to assess the general and business process application controls that Administrative Office of the Courts (AOC) maintained as an organization providing services to the North Carolina Court System. The audit found that staff in 11 of 25 County Clerk of Superior Court Offices possessed system access rights inconsistent with proper segregation of duties. The improper segregation of duties increased the risk that errors, unauthorized transactions, and fraud could have occurred and remained undetected. Details about this finding are provided in the Audit Finding, Recommendations, and Response section of the report. The audit also found security deficiencies considered reportable under generally accepted government auditing standards. These deficiencies were reported to AOC by separate letter in accordance with these standards. Those items should be kept confidential as provided by North Carolina General Statute 132-6.1(c). AOC agreed with our findings and recommendations.