|Office of the State Auditor
|August 11, 2020
In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of Holyoke Community College (HCC) for the period July 1, 2017 through March 31, 2019.
In this performance audit, we reviewed HCC’s information security training and awareness practices to determine whether system users had completed information security training and signed acceptable use policies.
Below is a summary of our findings and recommendations, with links to each page listed.
HCC did not ensure that required information security training was completed or retain copies of signed acceptable use policies.
1. According to the SysAdmin, Audit, Network, and Security Institute, acceptable use policies outline the acceptable use of computer equipment by an organization’s computer system users.