An official website of the Commonwealth of Massachusetts

Log in links for this page

This page, Audit of the Executive Office of Public Safety and Security, is offered by

Audit Audit of the Executive Office of Public Safety and Security

Audit examined the agency's process for managing the IT hardware connected to its network and whether it had a program in place to detect, manage, and patch potential system and software vulnerabilities.

Organization: Office of the State Auditor
Date published: September 27, 2018

Executive Summary

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted an audit of the Executive Office of Public Safety and Security (EOPSS). The purpose of this audit was to review and evaluate controls over selected information technology (IT) operations and activities for the period October 1, 2017 through March 31, 2018.

In this performance audit, we examined EOPSS’s processes for managing the IT hardware connected to its network and determined whether EOPSS had a program in place to detect, manage, and patch potential system and software vulnerabilities.

Based on our audit, we have concluded that EOPSS has established adequate controls and practices in the areas we reviewed that were related to our audit objectives. We did not identify any significant deficiencies in those areas.

A PDF copy of the audit of the Executive Office of Public Safety and Security is available here.

List of Abbreviations

CIS Control

Center for Internet Security Critical Security Control

EOPSS

Executive Office of Public Safety and Security

EOTSS

Executive Office of Technology Services and Security

IT

information technology

NIST

National Institute of Standards and Technology

OTIS

Office of Technology Information Services

Contact

Feedback