Cracks in the Facade: Council Finally Sees Truth Peek Through Darkness of Marion’s IT & Financial Operations

MARION, OH — During the Marion City Council meeting on Monday, February 9, 2026, a routine update on city operations shifted toward accountability when the spotlight fell on the Information Technology (IT) department. Beyond administrative updates, the council grappled with emergency funding for public safety and the ongoing challenge of managing city resources against a backdrop of admitted administrative failures.

Marion IT Director Admits There Has Never Been Tracking of Work Orders or Inventory.

The IT “Black Hole”: No Tickets, No Tracking, No Accountability

The most alarming revelation of the evening occurred during a discussion of Ordinance 2026-005, regarding the city’s cybersecurity policy. In an exchange with Councilman Aaron Rollins, IT Director Jacob Boldin admitted that the department currently operates in a state of administrative “darkness.”

No Accountability System: Boldin confirmed that the city lacks a formal trouble ticketing and asset tracking system.
The Admission: He admitted there is currently no tracking system whatsoever to log when a problem is reported, who is working on it, or when it is resolved.
The Current Workflow: When an IT need arises, staff simply call, email, or text Boldin directly, leaving no digital paper trail or data-driven record for oversight.

Why the Lack of Tracking is a Critical Problem

In an era where municipal services rely almost entirely on digital infrastructure, this admission represents a fundamental breakdown in government accountability. Without a ticketing system, the city faces critical risks:

Zero Accountability for Taxpayer Dollars: Without work logs, the city cannot prove where IT staff spend their time or justify budget increases. Furthermore, this leaves critical software and hardware assets completely untracked.
Security Vulnerabilities: Missing tickets could lead to massive data breaches or system-wide crashes simply because a critical security update was forgotten in an unorganized inbox.

Critical Timing: The Necessity of an Independent Audit Before Migration

It is an industry-standard best practice that an independent forensic firm be contracted before any existing software, such as the New World system, is modified or migrated. Proactive auditing is essential to identify deep-seated misconfigurations, data silos, or latent vulnerabilities before they are permanently carried over into a new environment. For transitions of this magnitude, industry standards dictate that a forensic IT audit should take place in parallel with the new software implementation. This “Concurrent Audit” approach ensures that security protocols and administrative controls are verified as they are built, rather than attempting to diagnose inherited flaws after the fact.

The “Trust but Verify” Mandate

If the City of Marion ultimately decides to utilize Tyler Technologies to “fix” these long-standing issues, it is imperative that an independent Forensic IT Firm still be hired to oversee the repairs. This oversight is a non-negotiable mandate and must include a mandatory Forensic IT audit to trace issues back to their source—which investigative findings have proven to be the initial installation of New World around 2009.

Municipalities like San Diego, CA and Fort Worth, TX have set the precedent by demanding independent forensic audits during system transitions to avoid vendor self-regulation. For Marion, this is the only way to ensure the city does not spend another 15 years paying for a “new” system that inherits “old” failures.

Committee Response: A “Recipe for Disaster”

When asked by Marion Watch for his assessment of the IT department’s admissions, Ralph Smith, Chairman of the Information Systems Committee with a background in information technology, underscored the severity of the situation:

“When an organization, any organization, fails to track successes and failures, it is a recipe for disaster. When an IT Department fails to track incidents, breaching attempts, and other critical components of the business, it is an invitation to hacking, fraudulent activity, and other unwanted interruptions.”

Smith further stated his hope that the Information Systems Committee would “fulfill its fiduciary duty and mandate necessary tracking, training, and reporting requirements” to minimize risks to citizens.

The Denial: Boldin Rejects Allegations of “Sabotage”

During previous council meetings, Boldin was questioned regarding recurring allegations of financial waste and the lack of industry-standard practices—issues that Marion Watch identifies as part of a “silent sabotage” within the department. Despite the recent admission of a total lack of internal tracking, Boldin has used those prior proceedings to flatly deny investigative reports, characterizing the findings as a misunderstanding of the city’s licensing and technical infrastructure. In those instances, he stated:

“What they’re saying happened didn’t happen… it’s just not true.”

However, this denial stands in stark contrast to his recent admission that the department possesses no data or tracking logs to verify its own activity or refute claims of inefficiency or potentially illegal activities with evidence.

Furthermore, this admission stands in stark contrast to the ‘mountain’ of evidence that Marion Watch and its investigative network have uncovered over the years—findings that have been shared extensively with Marion city leadership and state-level officials since coming back online in December 2024.

Marion Watch Recommendation: The Case for a Forensic IT Firm

Marion Watch strongly suggests that the City of Marion immediately hire an independent forensic IT firm to resolve these systemic issues.

Relying on the original vendor, Tyler Technologies (maker of New World), for “fixes” has proven ineffective, as they have been unable or unwilling to rectify core issues during previous attempts.

Furthermore, because the City pays a substantial yearly maintenance fee to Tyler Technologies, the company has possessed the data to know for over a decade that multiple purchased modules were never utilized.

Under the Ohio Revised Code (ORC), the continued expenditure of public funds on non-functional or unused assets is a violation of the “public trust” doctrine and specific statutes governing the fiscal responsibility of municipal officers.

Specifically, the failure to utilize these modules while continuing to pay for them may conflict with:

ORC § 117.28 (Interest in Public Contracts/Findings for Recovery): This allows the State Auditor to issue findings for recovery when public money has been “illegally expended” or “misapplied.” Paying maintenance fees for 15+ years on software that was never installed or used constitutes a gross misapplication of taxpayer dollars.
ORC § 5705.41 (Restriction upon the appropriation and expenditure of money): This section mandates that no subdivision shall make any expenditure of money unless it is authorized by an appropriation measure for a specific, beneficial purpose.

Continuing to use the vendor responsible for this oversight to “audit” the system is not only a breach of industry standards but a potential attempt to obscure a decade of fiscal negligence.

Critical Timing: The Necessity of an Independent Audit Before Migration

It is an industry-standard best practice that an independent forensic firm be contracted before any existing software, such as the New World system, is modified or migrated. Proactive auditing is essential to identify deep-seated misconfigurations, data silos, or latent vulnerabilities before they are permanently “baked into” or carried over to a new environment. For transitions of this magnitude, industry standards dictate that a forensic IT audit must run in parallel with the implementation of new software. This “Concurrent Audit” approach ensures that security protocols and administrative controls are verified as they are built, rather than attempting to diagnose inherited flaws after a system failure occurs.

The proposal to allow New World to conduct its own “system analysis” is fundamentally flawed and presents significant ethical and operational risks:

Conflict of Interest: Utilizing the same entity that designed and maintained the system to audit its failures is a direct breach of industry objectivity standards. An entity cannot impartially investigate its own potential negligence.
History of Litigation: Tyler Technologies has a documented history of litigation regarding software failures that have led to grave real-world consequences, including wrongful arrests and unconstitutional over-incarceration in other jurisdictions.
Data Integrity and Safety: An entrenched vendor, facing potential liability for years of systemic issues, has a natural motive to alter, obscure, or “cleanse” records in an effort of self-preservation. Independent forensic firms provide a “fingerprint-level” analysis of metadata and system logs that is essential for verifying that data has not been manipulated.

The “Trust but Verify” Mandate If the City of Marion ultimately decides to utilize Tyler Technologies to “fix” these long-standing issues, it is imperative that an independent Forensic IT Firm still be hired to oversee the repairs.

This oversight is a mandatory safeguard; without it, the city has no way to verify if the “repairs” are actually addressing the root cause or simply masking symptoms of prior incompetence.

An independent firm acts as a technical referee, ensuring that the city’s digital evidence is preserved and that the vendor is held to a standard of absolute transparency—something the city cannot achieve through a “trust-me” agreement with a vendor that has operated in the dark for over a decade.

Emergency Funding and City Infrastructure

The February 9 meeting also addressed urgent legislative needs beyond the IT department:

Fire Station Acquisition: Council passed Ordinance 2026-017 to finalize the purchase of the Kimmel building. Funds were transferred from the Fire Levy to cover closing costs that the standard first-quarter budget could not accommodate.
Safe Routes to School: Council approved Ordinance 2026-014, a 100% state-paid grant for safety paths along Brightwood, Benjamin Harrison, and Delaware Avenues.
Financial Stabilization: Council approved Ordinance 2026-015 to hire a consultant for “bank-to-book” reconciliations to address a 60-day state deadline for financial recovery.

Conclusion: A Systemic Crisis of Transparency

The February 9 meeting painted a picture of a city struggling to move past “word of mouth” management. While Boldin has dismissed past allegations of waste as “not true,” his department’s inability to produce a single help desk ticket leaves the administration in a position where “trust” is the only available currency.

Watch the whole January 9, 2026 video below:

Works Cited & Silent Sabotage Related Articles(Click Here)

IT Governance and Accountability Standards

Regulatory and Legal Frameworks (Ohio Revised Code)

Ohio Revised Code § 117.28: Report of Audit and Actions Thereon (Findings for Recovery)
- Source: Section 117.28 | Report of audit and actions thereon
- Relevance: Authorizes the Auditor of State to issue a “Finding for Recovery” when public money has been illegally expended or misapplied. This supports the claim that paying 15+ years of maintenance fees for unused software constitutes a misapplication of public funds.
Ohio Revised Code § 5705.41: Restriction upon the Appropriation and Expenditure of Money
- Source: Section 5705.41 | Restriction upon appropriation and expenditure of money
- Relevance: Mandates that municipal subdivisions cannot expend money unless it is authorized by an appropriation measure for a specific, beneficial purpose. This validates the concern that continuing dormant contracts violates fiscal responsibility statutes.

IT Industry Best Practices and Standards

NIST SP 800-86: Guide to Integrating Forensic Techniques into Incident Response
- Source: NIST Special Publication 800-86 (via CISA Recommended Practice)
- Relevance: Establishes the standard for recording and copying data from multiple sources to maintain a chain of custody. It highlights that identifying and labeling data in a timely manner is essential for forensic readiness—contrasting with Marion’s “log-less” environment.
ISO/IEC 27001: Information Security Management Systems (ISMS)
- Source: ISO/IEC 27001 Standard Overview
- Relevance: An international standard requiring thorough risk assessments and established audit trails. It confirms that a lack of asset tracking and ticketing is a violation of global IT security and governance standards.
Gartner: Traceability and Auditable Lineage for Post-Migration Governance
- Source: Data Migration Security Best Practices
- Relevance: Defines “auditable lineage” as non-negotiable for forensic readiness during system migrations. This supports the report’s insistence on a “Concurrent Audit” approach during any New World software transition.

Municipal Precedents and Litigation History

Performance Audit of ERP Implementation – City of San Diego, CA (2024)
- Source: San Diego International Airport Chief Auditor Annual Report FY2024
- Relevance: Demonstrates the use of an independent performance auditor to monitor system implementation (ERP) and ensure contractors stay within budget and scope, specifically using data analytics to examine financial accuracy.
PeopleSoft Procurement Software Audit – City of Fort Worth, TX (2023)
- Source: Fort Worth Internal Audit: PeopleSoft Procurement Software Audit Report
- Relevance: A direct precedent where a city conducted an independent review of automated and manual internal controls within their ERP system, identifying opportunities for improvement that the vendor had not addressed.
Tyler Technologies Litigation (Cook County, IL and North Carolina, 2025)
- Source: Tyler Technologies Inc. contracts cost Illinois taxpayers $250M | Injustice Watch
- Relevance: Documents that a judge in April 2025 allowed litigation to proceed regarding allegations that faulty Tyler Technologies software implementation contributed to wrongful arrests. This supports the ethical and safety concerns regarding vendor self-preservation and record integrity.