Jinny Sims, Minister of Citizens’ Services, has released the following statement in response to the Office of the Auditor General of British Columbia’s audit of the B.C. government’s internal directory account management:
“On behalf of the Province of B.C., I want to thank the Office of the Auditor General (OAG) for its work on this important report and for its recommendations, all of which government is accepting.
“Staff in five ministries – Citizens’ Services; Attorney General; Health; Forests, Lands, Natural Resource Operations and Rural Development; and Finance, including its related branches and agencies – have worked with OAG auditors since August 2017 as they prepared this report. The result is a detailed examination of the management of internal directory (IDIR) accounts that government employees and contractors use to provide the services British Columbians rely on.
“Early in 2018, the Office of the Chief Information Officer (OCIO) began working with ministries to clean up dormant IDIR accounts and has made significant progress in this area, having already addressed more than 90% of the accounts identified through this audit. It’s important to note that our existing safeguards had already suspended these accounts. None of these accounts were still active.
“The OCIO is now in the process of implementing the remaining recommendations and will work across government to ensure that ministries understand their role in regularly reviewing employee IDIR accounts and managing them effectively.
“Protection of government systems and the information they contain remains a top priority for the Ministry of Citizens’ Services and the OCIO, especially concerning the personal information belonging to people living throughout the province. Our staff work hard every day to protect government systems.
“We already have key controls in place to help manage access to our systems, including firewalls and around-the-clock monitoring. The work we are currently doing, along with recommendations stemming from the OAG’s report, will further strengthen our safeguards and bolster our protection of vital government information and data.”