This bill clarifies the authority of the State Auditor to conduct information system audits and the confidential status of information system audit findings and workpapers.

It clarifies that the State Auditor has access to information in electronic form or in another form and without limitation on copying and removing records from departments, agencies and commissions.

It clarifies the discretion of the State Auditor to release nonconfidential audit working papers to the public before any final audit report.

It allows the State Auditor to disclose, without any breach of confidentiality or change in their nonpublic status, confidential audit working papers to the Office of the State Controller, the Office of the Treasurer of State, affected state entities and other state entities if the audited department, commission or agency agrees to the disclosure.

It makes investigatory records, including tips and complaints and information provided by an individual, related to possible violations of statute, rule or regulation nonpublic.

It makes classified, confidential, secret and nonpublic any information resulting from a review by the State Auditor that indicates a computer system is vulnerable or security over the system is lacking.

It gives the State Auditor the power to compel the production of evidence.