Publications: Information Technology

Report cover showing Vancouver Island University campus

Board Oversight of Cybersecurity Risk Management at Vancouver Island University

August 2023
Across B.C., each university’s board of governors has a critical role in overseeing cybersecurity risk management. They review strategies to protect IT systems and personal data, and they hold university management accountable for those strategies. This audit focused on the board of Vancouver Island University and its oversight of cybersecurity risk management at VIU. 
cover page showing woman working at home with laptop computer

Managing Cybersecurity in the Telework Environment

March 2022
The number of B.C. government teleworkers grew 20-fold after the COVID-19 pandemic started​. Teleworking has many benefits but it can also pose increased risk to sensitive government data. Our audit focused on the Office of the Chief Information Officer's responsibility for cybersecurity risk management in the government telework environment. It looked at the OCIO's strategic activities, such as risk assessment, telework-related policies, data protection measures, and cybersecurity training and guidance.   

Management of Medical Device Cybersecurity at the Provincial Health Services Authority

February 2021
This audit examined whether the Provincial Health Services Authority (PHSA) is effectively managing medical device cybersecurity risk to protect patients.

IT Asset Management in B.C. Government

January 2021
This audit assessed whether the government is managing IT assets in accordance with good cybersecurity practices. It focused on five ministries: citizens’ services, finance, health, education, and natural resource.

The B.C. Government’s Internal Directory Account Management

August 2019
In this audit, we looked at whether five selected ministries, and their related branches and agencies, had designed and implemented key controls for protecting government information and information assets from unauthorized access.

Detection and Response to Cybersecurity Threats on BC Hydro’s Industrial Control Systems

March 2019
In this audit, we looked at whether BC Hydro was effectively managing its cybersecurity risk by detecting, and responding to, cybersecurity incidents on its industrial control systems, which form an integral part of its electric power infrastructure.

Master Supplier File Maintenance

January 2019
In this audit we determined whether the Ministry of Finance maintains secure, valid, complete and accurate supplier information in the Corporate Accounting System.

Pages