Log in
My Account
Subscribe 99¢ for 3 months
Newsletter

Today's Digital Newspaper

The Denver Gazette

loader-image
weather icon 56°F
Weather from WeatherAPI

Daily Weather Report
Powered By:

Login
My Account
Subscribe
Newsletter

Archive Information

Carrier Portal

Search

Buy Our Photos

breaking

Federal judge orders Trump administration to fully fund SNAP benefits in November

Denver City Council needs consistent security oversight, auditors say

By December 24, 2023 | updated 2 years ago

Denver City Hall -- Noah (copy)
FILE PHOTO: Denver City and County Building. Denver, like all government agencies, will be closed Monday for New Year's Day, a federal holiday. (Noah Festenstein/The Denver Gazette)
Noah Festenstein/Denver Gazette

The Denver City Council is inconsistent with security-related oversight practices, putting the city’s legislative body at risk for cyberattacks, auditors found.

Some councilmembers’ cybersecurity training also remained incomplete, the auditors said.

Auditors investigated the body’s spending, technology asset management and the transition process for elected councilmembers, according to a news release from the auditor’s office.

“I’m glad we were finally able to conduct this audit,” Denver Auditor Timothy O’Brien said in a statement. “The council’s complete agreement with our recommendations shows the common sense and productive nature of the results.”

Auditors discovered errors in technology equipment tracking and found some councilmembers not completing the city’s mandatory cybersecurity training.

“The city council disregarding city information technology policies and by Technology Services not adequately enforcing them, both entities jeopardize the city’s ability to fully protect the city’s assets, systems, and networks,” the auditors said.

An unnamed councilmember claimed the city’s Technology Services department does not have the authority to decide how the council uses city technology and its network, auditors said.

The City Council is “sharing the citywide resources and have equal responsibility to protect those public resources. Governments don’t run without technology,” O’Brien said.

The City Council, half of which is new, is five months into its term.

Auditor’s found within an inventory report 43 missing Dell, Microsoft, and Apple products, in addition to unreported technology purchases from councilmembers, according to auditor’s.

Auditor’s recommended stronger oversight on how the city processes technology with the council, including better tracking of how the body uses technology, city-issued credit cards, as well as a better understanding of rules for councilmembers purchasing technology.

The council needs to form policies for members to follow, and to formally document polices with Technology Services to avoid security risks, auditors recommended.

“I hope the City Council members will use these recommendations as tools to strengthen their offices’ security and accountability,” O’Brien said.

Denver City Council members and staff and, including other city agencies, “shared their time and knowledge with us during the audit,” auditors added.

Noah Festenstein

Reporter