Audit Audit of the Executive Office of Housing and Economic Development—Review of Cybersecurity Awareness Training

The audit called on the Executive Office of Housing and Economic Development (EOHED) to improve its oversight of cybersecurity awareness training for employees. During the audit, which examined the period of May 14, 2018 through June 30, 2019, 45 employees did not complete required cybersecurity awareness training.

Organization:	Office of the State Auditor
Date published:	November 24, 2020

Executive Summary

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted an audit of the Executive Office of Housing and Economic Development (EOHED) covering the period May 14, 2018 through June 30, 2019. The purpose of this audit was to determine whether, during our audit period, EOHED ensured that all its information system users¹ in the Human Resources Compensation Management System (HR/CMS) managed by the state Human Resources Division completed the required cybersecurity awareness training.

Below is a summary of our finding and recommendation, with links to each page listed.

Finding 1	EOHED did not ensure that all information system users in HR/CMS completed the required cybersecurity awareness training.
Recommendation	EOHED should establish effective monitoring controls over its cybersecurity awareness training to ensure that all its information system users complete it in accordance with the standards of the Executive Office of Technology Services and Security and that EOHED maintains documentation of the completion of this training.

A PDF copy of the audit of the Executive Office of Housing and Economic Development—Review of Cybersecurity Awareness Training is available here.

1. These users include full-time, part-time, and temporary employees, interns, and contractors with access to EOHED information systems.

Downloads

Open PDF file, 902.06 KB, Audit of the Executive Office of Housing and Economic Development—Review of Cybersecurity Awareness Training (English, PDF 902.06 KB)

Contact

Phone

Main (617) 727-2075

Online

Auditor@MassAuditor.gov

Fax

(617) 727-3014

Address

Massachusetts State House
Room 230
Boston, MA 02133

Directions

Help Us Improve Mass.gov with your feedback

Did you find what you were looking for on this webpage?

Yes

If you have any suggestions for the website, please let us know. How can we improve the page?

Please do not include personal or contact information.

The feedback will only be used for improving the website. If you need assistance, please contact the State Auditor. Please limit your input to 500 characters.

Please remove any contact information or personal data from your feedback.

If you need assistance, please contact the State Auditor.

Please let us know how we can improve this page.