An official website of the Commonwealth of Massachusetts

Log in links for this page

This page, Audit of the Executive Office for Administration and Finance, is offered by

Audit Audit of the Executive Office for Administration and Finance

This audit reviews the Executive Office for Administration and Finance's controls over selected information technology operations and activities for the period October 1, 2017 through March 31, 2018.

Organization: Office of the State Auditor
Date published: October 10, 2018

Executive Summary

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted an audit of the Executive Office for Administration and Finance (EOAF). The purpose of this audit was to review and evaluate controls over selected information technology (IT) operations and activities for the period October 1, 2017 through March 31, 2018.

In this performance audit, we examined EOAF’s processes for managing the IT hardware connected to its network and determined whether EOAF had a program in place to detect, manage, and patch potential system and software vulnerabilities.

Based on our audit, we have concluded that EOAF has established adequate controls and practices in the areas we reviewed that were related to our audit objectives. We did not identify any significant deficiencies in those areas.

A PDF copy of the audit of the Executive Office for Administration and Finance is available here.

List of Abbreviations

CIS Control

Center for Internet Security Critical Security Control

EAMS

Employee Access Management System

EOAF

Executive Office for Administration and Finance

EOTSS

Executive Office of Technology Services and Security

IT

information technology

NIST

National Institute of Standards and Technology

Contact

Feedback