Audit  Audit of the Massachusetts Office for Victim Assistance

The audit examined whether MOVA ensured that its employees received the cybersecurity awareness training required by the Executive Office of Technology Services and Security (EOTSS). The audit also examined whether MOVA printed materials explaining victim and witness rights and services and provided the materials to medical facilities, social service organizations, and law enforcement agencies, as required by state law and whether MOVA administered the operations of the Garden of Peace memorial. The audit period was January 1, 2019 through December 31, 2020.

Organization: Office of the State Auditor
Date published: March 4, 2022

Executive Summary

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of the Massachusetts Office for Victim Assistance (MOVA) for the period January 1, 2019 through December 31, 2020. In this performance audit, we determined whether MOVA printed materials explaining victim and witness rights and services and provided the materials to medical facilities, social service organizations, and law enforcement agencies, as required by Sections 4(a), 4(b), and 4(c) of Chapter 258B of the General Laws. We also determined whether MOVA administered the operations of the Garden of Peace memorial in accordance with Section 4(e) of Chapter 258B of the General Laws.

In addition, as part of the data reliability assessment we performed during the audit, we determined whether MOVA ensured that its employees received the cybersecurity awareness training required by the Executive Office of Technology Services and Security (EOTSS).

Below is a summary of our finding and our recommendation, with links to each page listed.

Finding 1
 

MOVA did not ensure that its employees received cybersecurity awareness training.

Recommendation
 

MOVA should establish policies and procedures that require all of its staff members to receive cybersecurity awareness training.

 

Post-Audit Action

MOVA officials told us that after our audit, they contacted EOTSS and arranged for all MOVA staff members to have cybersecurity awareness training.

A PDF copy of the Audit of the Massachusetts Office for Victim Assistance is available here.

Downloads

Contact

Feedback