Skip to main content Homepage


 Newsroom Detail

Salem, OR—Oregon Secretary of State Shemia Fagan released an audit today that finds the Oregon Department of Education (ODE) has multiple controls in place to ensure the security of the agency’s web applications. However, auditors identified several gaps that increase risk to the confidentiality, integrity, and availability of data collected by those systems.

“It’s great to see agencies practicing good data stewardship, especially when the data is related to Oregon students,” said Secretary of State Shemia Fagan. “But agencies must also ensure information and services are accessible by all Oregonians, regardless of their disability status. ODE should continue to push for excellence in both areas.”

ODE hosts several web applications containing sensitive student data. Though these systems improve the efficiency of agency and school district operations and data reporting, they inherently increase security risks, as they are designed to facilitate the sharing of sensitive information over the internet. Besides ensuring the security of these web applications, it is also critical to protect the network where applications are hosted to further safeguard these systems and the sensitive data they process and store.

Auditors evaluated ODE’s web application and network security controls and found while many systems and processes are in place to protect the agency’s web applications and supporting infrastructure, several gaps exist that put systems and data at risk.

Auditors also found ODE has made promising efforts to ensure the accessibility of its website content to people with disabilities. However, this body of work would benefit from more clearly established and consistent processes.

Read the full audit on the Secretary of State's website:

Contact Information

Carla Axtman



Your browser is out-of-date! It has known security flaws and may not display all features of this and other websites. Learn how