State audit finds concerns with data security, accounting practices in Ozark County

Published: May. 2, 2016 at 10:52 AM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

Missouri State Auditor Nicole Galloway on Monday released an audit of Ozark County. The audit report describes weaknesses in cybersecurity measures and accounting practices in several county offices.

Some offices lacked sufficient password protection controls, including a lack of requirements and the use of shared passwords to access county computers. Other offices failed to appropriately store or maintain backup data, which increases vulnerability to cyber threats and ransomware-style encryption attacks.

"County officials are tasked with work that requires citizens' personal information, from tax records to contact information to bank accounts, but having that information requires appropriate protective measures," Auditor Galloway said. "Our team found many of Ozark County's offices lacked critical safeguards to help prevent the risk of a security breach, so we've recommended changes to help them take steps toward better protecting this information."

The audit also raised concerns with accounting practices across multiple county offices, including a lack of oversight for financial documents prepared by the county collector. Employee hours worked are not always accurately reported to the county clerk's office. In addition, compensatory time for sheriff employees is tracked separately from other county offices and not always in line with county policy or federal labor standards.

The complete audit report, which received an overall rating of "fair," can be found online at