Legislature’s audit of State Auditor’s Office finds operational improvements, effective data security measures


Audit issued by legislature is the fourth outside report during Galloway’s term

JEFFERSON CITY, Mo. (April 24, 2018) The Missouri General Assembly today issued an audit of Missouri State Auditor Nicole Galloway’s office and found it to be managed efficiently and effectively. The auditors performed two separate reviews that found the office’s overall operations are managed professionally and cybersecurity measures are effective.

“When I became State Auditor, I used my experience from the private sector to more effectively serve Missourians.” Auditor Galloway said. “My dedicated team works each day to hold government at all levels accountable, and I am proud of our excellent reputation and professionalism.”

An overall review of the State Auditor’s Office’s finances and procedures found the office functions “in a professional, efficient and economical manner.” No recommendations were noted for numerous office functions including procurement, the scope of audits and staffing processes.

The legislature’s audit also called attention to Auditor Galloway’s commitment to running a fiscally conservative office on behalf of taxpayers. Auditor Galloway reduced travel expenses by 30 percent over the past two years and decreased overall office expenditures. She continues to return more of her office’s budget back to taxpayers each year. Auditor Galloway has also worked to more efficiently issue audit reports, and the audit noted a decrease in the average time it takes to issue reports.

A previous report on office operations covering fiscal years 2012-2015 included six recommendations, while the most recent report made four recommendations.

A separate cybersecurity report was also issued and found that the office was meeting standards for 17 categories of cybersecurity functions including data security, detection processes and response planning.

Based on feedback from the report, Auditor Galloway has directed staff to implement more formal procedures for tracking changes to application code for the State Auditor’s Office website. The audit also made the recommendation for the State Auditor’s Office to pursue discussions with the Office of Administration to more formally define information security and information technology roles between the entities. The State Auditor’s Office has already reached out to begin discussions, although it is ultimately up to the Office of Administration whether to accept a formal agreement.

The two reports bring the total reviews issued by outside auditors since Auditor Galloway took office to four. In October 2017, the State Auditor’s Office received the highest rating possible during a review by the National State Auditors Association.

The complete reports are online here and here. In addition to the 2018 audit, legislative audits were previously issued in 2016, 2012 and 2007. A full listing of these legislative audits and recent peer review reports are posted online here.