System Status Report

🔴 Behind Schedule

System	Current Version	Required By	Risk	Details
ESRI ArcGIS Enterprise	10.9.1	11.3 by May 2026 EOL: May 31, 2026	HIGH	CVE-2023-25830, CVE-2024-25694, CVE-2024-25696 Web AppBuilder deprecated in 12.0
Microsoft Active Directory	Server 2019	Server 2022/2025 Mainstream support ended	HIGH	CVE-2020-1472 (Zerologon) patches required Missing 32k page database, DMSA features
ES&S ExpressVote XL	v2.4.0.0	Updated software Required by Mar 2024	MEDIUM	Settlement requires software upgrade + conditions for use 2019 & 2023 incidents documented
Cybersecurity Posture	Undisclosed	SLGCP Grant Eligible	HIGH	No public cybersecurity plan disclosed PA eligible for $10.4M FFY2023, $5.2M FFY2022

System	Initiative	Timeline	Status	Details
Digital Inclusion Program	Device Giveaway & Digital Navigator	Ongoing 2026	Active	Named 2025 Digital Inclusion Trailblazer by NDIA Refurbished county devices to residents
2026 Capital Improvements	IT Capital Projects	Adopted Dec 4, 2025	Approved	Part of $503M budget, no tax increase Specific IT items in Capital Plan section
CDBG Technology Grants	Community Development Block Grant	Opens Mar 3, 2025	Scheduled	Application closes May 22, 2025 May include technology infrastructure projects
BEAD Broadband Program	Broadband Equity & Deployment	2024-2028	In Progress	Federal infrastructure funding for broadband PA DCED 2024-2025 provisional approvals
Election Security	Risk-Limiting Audits	2025-2026 Elections	Active	County participates in PA DoS RLA program 2024 primary audited successfully

System	Current State	Last Verified	Notes
Tyler Enterprise ERP (Munis)	Operational	Jan 2026	Financials, HR, Payroll, Procurement active 68+ PA county Munis installations
Controller Audit Function	Compliant	Jan 22, 2025	Peer review: "adequately designed and operating effectively" Reviewed Jan 2022 - Dec 2024 period
Cisco Network Infrastructure	Operational	Jan 2026	Catalyst 9300 switches deployed VLAN segmentation in place

Gap Area	Industry Standard	Risk	Recommendation
Zero Trust Architecture	CISA Zero Trust Maturity Model	HIGH	No public ZTA roadmap. Federal mandate for agencies by 2024.
Cloud Migration Strategy	Hybrid Cloud / SaaS	MEDIUM	Tyler ERP offers SaaS. No disclosed migration plan.
SIEM/SOC Capabilities	24/7 Security Operations	HIGH	No public SOC or SIEM disclosed. MS-ISAC available free to PA locals.
Disaster Recovery Testing	Annual DR drills documented	MEDIUM	No public DR test results. COOP plan status unknown.
IT Staffing Assessment	IT FTE per 100 employees	MEDIUM	IT staffing levels not disclosed. Industry benchmark: 3-5%.
ArcGIS Enterprise 12.0 Planning	Migrate from Web AppBuilder	HIGH	ESRI deprecating Web AppBuilder in 12.0. Experience Builder migration needed.

ES&S software upgrade deadline (Mar)

Primary election audit - passed

Digital Inclusion Trailblazer award

Cybersecurity grant application (missed?)

BEAD broadband planning

Controller vacancy (Jan 5)

Audit peer review passed

ArcGIS 11.3 upgrade needed

CDBG grant cycle (Mar-May)

Windows Server assessment

ArcGIS 10.9.1 EOL (May 31)

ArcGIS Pro 3.6 release (Oct)

Controller appointment needed

Zero Trust assessment

Cloud strategy development

Audit Area	Period	Finding	Status
P-Card Transactions	Sep 2022 - Sep 2023	Receipts uploaded, no policy circumvention. Fixed-asset threshold exceptions noted.	Favorable
ACL Vendors & Checks	Jul 2023 - Jun 2024	Two duplicate payments to PA L&I identified (different vendor names). Refunds requested.	Remediation
Check Numbering	Jul 2023 - Jun 2024	Gaps attributed to voided stubs or assignment errors. No material issues.	Explained
Law Library Cash	2024	No receipts processed in last year. Bank reconciliations delayed.	Exception