Auditor Elaine Howle’s office polled 33 government entities that enjoy looser information security requirements than those for the state’s executive branch. “High risk deficiencies” exist at 21 of those entities, according to the auditor’s office.
While the report did not name the entities, the offices of directly elected officials and the judiciary are not subject to the information security standards mandated by the California Department of Technology.