State’s Unemployment Insurance program has taken steps to improve data reliability, audit finds

   

Press release

Audit last year revealed incorrect calculations and inconsistencies resulted in $2 million in potential inaccuracies; Department makes changes after audit, earns rating of ‘good’

JEFFERSON CITY, Mo. — A report from State Auditor Nicole Galloway shows the Department of Labor and Industrial Relations (DOLIR) has taken steps to correct many of the data reliability problems with the Unemployment Insurance program uncovered in a statewide audit last year. While the review released today recommends DOLIR continue improving data security, the changes made as a result of the audit from last April earned the program a rating of “good.”

“Our previous audit found oversight and accountability problems with the management of federal funds in the Unemployment Insurance program,” Auditor Galloway said. “Department officials took action to remedy the issues we identified and are strengthening the program’s cybersecurity. Once again, Missourians can see that audits get results.”

As part of the audit released today, the State Auditor’s data analytic team examined operating practices and cybersecurity safeguards in the system, which is used to pay unemployment benefits. The audit was a follow-up to a 2018 report on statewide spending of federal funds that showed incorrect calculations and inconsistencies in DOLIR’s Unemployment Insurance program resulted in $2 million in potential inaccuracies.

DOLIR submitted a corrective action plan on each of the findings to the Missouri Office of Administration. That plan was reviewed by the U.S. Department of Labor, which determined that the actions were adequate to correct the issues identified by the State Auditor.

Auditor Galloway’s report did find that DOLIR had not yet fully established controls for the maintenance of user accounts for accessing its unemployment insurance computer program. The audit said DOLIR management could reduce the risk of unauthorized access by increasing its efforts to identify user accounts assigned to former employees, and by providing periodic reminders to agency security coordinators of the importance of promptly removing user access assigned to former employees.

A complete copy of the audit is available here.