Organization: | Office of the State Auditor |
---|---|
Date published: | October 10, 2018 |
Executive Summary
In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted an audit of the Executive Office for Administration and Finance (EOAF). The purpose of this audit was to review and evaluate controls over selected information technology (IT) operations and activities for the period October 1, 2017 through March 31, 2018.
In this performance audit, we examined EOAF’s processes for managing the IT hardware connected to its network and determined whether EOAF had a program in place to detect, manage, and patch potential system and software vulnerabilities.
Based on our audit, we have concluded that EOAF has established adequate controls and practices in the areas we reviewed that were related to our audit objectives. We did not identify any significant deficiencies in those areas.
A PDF copy of the audit of the Executive Office for Administration and Finance is available here.
List of Abbreviations
CIS Control |
Center for Internet Security Critical Security Control |
EAMS |
Employee Access Management System |
EOAF |
Executive Office for Administration and Finance |
EOTSS |
Executive Office of Technology Services and Security |
IT |
information technology |
NIST |
National Institute of Standards and Technology |
Table of Contents
Contact
Phone
Online
Fax
Address
Room 230
Boston, MA 02133