(+) ‘ SABOTAGE OF DATA POSSIBLE’
The Auditor concludes the review of the county’s ICT situation revealed there was no formal approved ICT policy in place as at June 30, 2015. This includes data security policy and disaster recovery plans. This means that loss of data through sabotage, hacking and accidental or deliberate damage was possible. He says the expenditure of Sh6.6 million on vehicle repairs was not supported by reports from the drivers and the mechanical engineer on preand post-inspection, including the cost estimates and local service orders.