antivirus application audit

Audit Finds Oregon Lacking Regulatory Oversight And Proper Security.

Last week, Oregon Secretary of State Dennis Richardson published his office’s audit of The Oregon Liquor Control Commission (OLCC). The audit uncovered a number of inadequacies with the regulatory agency, most notably the problems with their tracking system, designed to prevent cannabis form being sold on the black market.

The report highlights the need for Oregon to implement a more robust tracking system, citing reliance on self-reporting, overall poor data quality and allowing untracked inventory for newly licensed businesses. The audit also found an insufficient number of inspectors and unresolved security issues. According to The Oregonian, the OLCC only has 18 inspectors, roughly one for every 83 licensed businesses.

Auditors also found inadequacies in the application system, saying the OLCC doesn’t monitor third-party service providers and doesn’t have a process in place for reconciling data between the licensing and tracking systems. The audit found there is a risk that decisions made for the program could be based on unreliable data. It also found a risk of unauthorized access to the systems, due to a lack of managing user accounts.

Oregon Secretary of State Dennis Richardson
Oregon Secretary of State Dennis Richardson

This audit’s publication is very timely. Most notably because U.S. Attorney Billy Williams, who called Oregon’s black market problem “formidable,” convened a summit this week to examine how Oregon can prevent cannabis being exported to other states. According to the Oregonian, Williams said Oregon has an “identifiable and formidable overproduction and diversion problem.” The audit’s findings highlighting security issues are also very timely, given that in the same week, Oregon’s neighbor to the North, Washington, experienced a security breach in its own tracking system.

The problems with the Oregon tracking system’s security features are numerous, the audit says. They found that the OLCC lacks a good security plan, IT assets aren’t tracked well, there are no processes to determine vulnerabilities, servers and workstations not using supported operating systems and a lack of appropriately managing antivirus solutions. “Long-standing information security issues remain unresolved, including insufficient and outdated policies and procedures necessary to safeguard information assets,” reads the report’s summary.

The audit proposes 17 recommendations for the state to bolster its regulatory oversight. Those recommendations intend to address undetected compliance violations, weaknesses in application management, IT security weaknesses and weaknesses in disaster recovery and media backup testing. You can read the full audit here.

The post Audit Finds Oregon Lacking Regulatory Oversight and Proper Security appeared first on Cannabis Industry Journal.

Aaron Biros

analysis analytics and Bureau for Public Health business cannabis cbd compliance consumer cultivation government growing industry law legal legalization legalize legislation license marijuana market medical medicine METRC Office of Medical Cannabis OMC platform product provider quality regulation regulations Regulatory retail safety sale seed software state system test The West Virginia Department of Health and Human Resources to trace traceability track Virginia West Virginia

Metrc Gets West Virginia Contract

activism analysis analytics ASA awareness brand branding Britain British business Business Analysis camapgin cannabidiol cannabis cbd communications company compliance consumer demographic digital engagement England English expert Federal government great growing industry Kaj Kajal law legal legalization legalize legislation license marijuana market marketing matter medical medicine NICE opportunities PR product Product Development progress public quality reform regulation regulations Regulatory relations retail Shah social media subject UK United Kingdom

The UK Cannabis Industry Needs New PR Strategies

adam jacques analysis analytical chemistry analytics business Business Analysis cannabinoid cannabis cbd Christian West clear CMGL Collaborative Laboratories for Environmental Analysis and Remediation cultivate cultivation Cultivation & Growing Curtis Mathes Grow Lights effects expression flavonoids genetics growing hemp horticultural indoor industry lab laboratories Laboratories & Analytics laboratory labs LC-QTOF-MS LED legalization legalize legislation license light lighting Liquid Chromatography Quadrupole Time-of-Flight Mass Spectrometry manipulation marijuana market Matthew Spurlock phytochemical Phytochrome plant product Product Development Professor Kevin Schug Quality regulations research researcher researching Robert Manes science shimadzu spectrum terpenes test Testing University of Texas at Arlington University of Texas at El Paso UT Zacariah Hildenbrand ZED Therapeutics

UT-Arlington and UT-El Paso to Evaluate Phytochrome Manipulation in Hemp