Orange County NC Website
Browse       Search
17 <br /> 1 Industry recommendation <br /> 2 The Information Technology environment is characterized by rapid change and there <br /> 3 has been no shortage of headlines about cyber security attacks. While breaches <br /> 4 of large organizations have been very high profile and have received a lot of <br /> 5 press coverage, organizations of all sizes face the same types of threats and are <br /> 6 experiencing similar breaches. Many organizations are still struggling to effectively <br /> 7 address cyber security issues; however, they are no longer ignoring them. During the <br /> 8 performance of our audit of the financial statements of the County, we noted that the <br /> 9 organization is taking measures to prevent such an attack on the County, but is <br /> 10 lacking some elements of a Cyber security Framework or Cyber security Risk <br /> 11 Management Program (CRMP). A functioning CRMP will assist the County with <br /> 12 comprehensively identifying cyber security weaknesses, potential threats and risks, <br /> 13 and controls used to safeguard information and systems. We recommend that <br /> 14 the entity investigate and consider implementation of a Cyber security Risk <br /> 15 Management Program including covering the monitoring and testing of controls in <br /> 16 place. <br /> 17 <br /> 18 New GASB Pronouncements- Implemented This Year <br /> 19 <br /> 20 - GASB Statement No. 75, Accounting and Financial Reporting for <br /> 21 Postemployment Benefits Other Than Pensions, replaces the requirements of <br /> 22 Statement No. 45 and addressed accounting and financial reporting for OPEB <br /> 23 that is provided to the employees of the state and local governmental employers. <br /> 24 This statement established standards for recognizing and measuring liabilities, <br /> 25 deferred outflows of resources, deferred inflows of resources and <br /> 26 expense/expenditures. For defined benefit OPEB, this statement identifies the <br /> 27 methods and assumptions that are required to be used to project benefit <br /> 28 payments, discount projected benefit payments to their actuarial present value, <br /> 29 and attribute that present value to periods of employee service. Note disclosure <br /> 30 and required supplementary information requirements about defined benefit <br /> 31 OPEB are also addressed. <br /> 32 <br /> 33 - Statement No. 74, Financial Reporting for Postemployment Benefit Plans Other <br /> 34 Than Pension Plans. The objective of this statement is to improve the usefulness <br /> 35 of information about postemployment benefits other than pensions (other <br /> 36 postemployment benefits or OPEB) included in the general purpose external <br /> 37 financial reports of state and local governmental OPEB plans for making decisions <br /> 38 and assessing accountability. This statement results from a comprehensive review <br /> 39 of the effectiveness of existing standards of accounting and financial reporting for <br /> 40 all postemployment benefits (pensions and OPEB) with regard to providing <br /> 41 decision- useful information, supporting assessments of accountability and inter- <br /> 42 period equity, and creating additional transparency. <br /> 43 <br /> 44 <br /> 45 - Statement No. 76, The Hierarchy of Generally Accepted Accounting Principles for <br /> 46 State and Local Governments. The objective of this statement is to identify (in the <br /> 47 context of the current governmental financial reporting environment) the hierarchy <br /> 48 of generally accepted accounting principles (GAAP). The "GAAP hierarchy" <br /> 49 consists of the sources of accounting principles used to prepare financial <br />