Organization: | Office of the State Auditor |
---|---|
Date published: | October 11, 2019 |
Executive Summary
In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted an audit of the Executive Office of Education (EOE). The purpose of this audit was to determine whether EOE effectively monitored its information technology (IT) contracts during the period July 1, 2016 through June 30, 2018.
In this performance audit, we examined EOE’s processes for managing its IT contracts to ensure that the terms of the contracts were met.
Below is a summary of our findings and recommendations, with links to each page listed.
EOE did not always establish performance metrics or effectively measure the performance of its IT vendors. |
|
|
|
EOE did not ensure that all of its third-party contracts contained essential security provisions. |
|
EOE should establish policies and procedures that require that all IT contracts it negotiates with IT vendors comply with the Executive Office of Technology Services and Security’s “Third-Party Information Security Standard.” |
Post-Audit Action
After we completed our audit work, EOE officials informed us that the agency had added a “Third-Party Information Security Standard” to its internal control plan.
Table of Contents
Downloads
Contact
Phone
Online
Fax
Address
Room 230
Boston, MA 02133