The Hood County Commissioners Court has decided to hire an external IT consulting firm to conduct a thorough audit of the county’s IT infrastructure.
The goal is to ensure the county’s IT practices align with generally accepted procedures, covering network performance, security, incident responses and employee procedures. The decision was reached Tuesday, July 23, after extensive discussions and a 4-1 vote in favor of the audit.
The proposal, introduced by Commissioner Dave Eagle, was met with mixed reactions. Chief Information Officer Drew Wiederkehr expressed his frustration about the proposal being added to the agenda without prior consultation.
“I have no problem with an audit,” Wiederkehr said. “What I don’t understand is why this was thrown on the agenda without even bringing it up to me. That is, again, my burn.”
Supporters of the audit, like Eagle, emphasized the importance of regular and comprehensive reviews. “We can’t put blinders on or ignore potential improvements in IT to protect county assets,” he said.
Public comments also highlighted the value of external assessments. Richard Hoefs, an IT veteran, stressed the importance of having “external eyes looking over our shoulder” to ensure robust IT security.
During the debate, questions arose regarding compliance with Criminal Justice Information Services requirements. It was clarified that anyone accessing CJIS data must be fingerprinted and authorized.
Eagle proposed an amendment to the motion, requiring that any external audit firm must comply with these security clearance requirements. “The RFP must include the fact that the auditors have to be cleared to be able to deal with the level of CJIS,” he stated. This amendment was accepted without objection.
Despite some concerns about the cost and necessity of the audit, the motion was put to a vote and passed.
The court directed the purchasing department to solicit and recommend an external IT consulting firm to conduct the audit to ensure the county’s IT infrastructure remains secure and efficient.
“We have to comply with state and federal rules to have access to that information,” Eagle emphasized. “Ultimately, this audit will help us identify both strengths and areas for improvement.”