The Riverhead Fire District lacked policies dealing with computer security and did not have adequate procedures to cover the hiring of professionals, according to an audit of the district by the State Comptroller’s office covering Jan. 1, 2010 to Sept. 30, 2011.
While agreeing to make several changes cited as needed, fire district officials noted the audit found no serious problems or wasted money. They said several recommended changes already are being implemented.
“The board is pleased to see the report contained no findings or suggestions of fiscal irresponsibility, financial loss or misappropriation ... or suggestions that any public funds entrusted to the district ... were not fully accounted for or not properly used ... ” district fire commissioners said in response to the audit.
The audit, released last month, noted that the fire district lacked adequate procedures for hiring professional services, and spent $787,697 on nine professionals, three without written agreements.
It also noted that the district had no policy covering computer use and no system to notify people of a computer security breach. It also lacked a policy covering remote access to its computers.
The board did have a policy covering emails, but did not routinely audit logs to see who had accessed its computers and for what purpose.
Above: Downtown Riverhead