New Department Heads - Office of the Comptroller

Skip to Main Content

An official website of the Commonwealth of Massachusetts

Congratulations!

The Commonwealth is fortunate to have you among its leadership.

We in the Office of the Comptroller look forward to working with you.

In addition to your mission-based responsibilities, you have responsibility for the financial management and fiscal oversight of your agency. This critical oversight falls upon you under state finance law and the decentralized CTR Statewide Enterprise Systems Security Access Management Policy.

Under the policies of the Office of the Comptroller, while retaining overall responsibility, you may delegate the day-to-day responsibilities among certain members of your leadership team and staff utilizing the CTR Department Head Signature Authorization Policy.

For details regarding the responsibilities of the key contacts, please review the CTR Key State Law Compliance Roles and Responsibilities Policy.

This process will allow you and your delegates to use electronic signatures.

The CTR Department Head Signature Authorization Policy outlines what’s required to delegate signature authorization and to use electronic signatures for transactions in the Commonwealth’s statewide enterprise accounting and financial reporting system, Mosaic. Once the department head has delegated this authority, your agency’s department security officer must enter the Mosaic transaction UDOC to grant this level of authorization.

Enterprise systems security roles will remain in place during any transition period when a new department head is appointed but should be updated and ratified as appropriate as soon as the department head assumes their responsibilities.

Your Immediate Attention Is Required

Within 30 days, please complete the following forms and return them to the Office of the Comptroller (CTR). The Office of the Comptroller will send the necessary forms via DocuSign for you to complete.

Forms and Explanations

DocuSign Envelope 1: Key Contact Listing Form and Mosaic Security Certification

The Key Contact Listing Form

If there are no changes, the first line on the form should be checked and the form signed by the department head.
If there are changes, please check the second line on the form. Please include the name and the email address of the individual at the agency who can complete the Key Contact Update Form(s). The department head along with the Key Contact Designee will be required to review and sign the Key Contact Update Form(s).

Mosaic Security Certification

To be reviewed and completed by the department head. This certification must be signed by the department head, attesting their responsibilities as receiving Mosaic security in relation to your role as a department head.

DocuSign Envelope 2: The Key Contact Update Form

The Key Contact Update Form

Each Department designates individuals to represent their agency regarding business with the Office of the Comptroller. We notify these people about new developments or requirements in state finance law, regulations, or policy.

This form is optional and is only needed if there are updates, which will be noted in Envelope 1. Once the form is completed it will be sent to the designee(s) for review and signature. It will then move onto the department head for review and signature.

Please designate or confirm the following individuals using this form.

Department Head (yourself)
Chief Fiscal Officer
General Counsel
Department Security Officer
Internal Control Officer
Payroll Director
Mosaic Liaison
Generally Accepted Accounting Principles (GAAP) Liaison
Single Audit Liaison
Security Officer
Backup Security Officer

View descriptions of the above roles.

Instructions and a video webinar are available for this process at the CTR Intranet Electronic Signatures page [MAGNet or Commonwealth-issued VPN required].

NOTE: Appointments to these key contact roles cannot be made to contractors, contract employees, non-employees, and should not be shared among multiple departments.

The form also asks for two key points-of-contact for two-way communications with the BEST Program.

BEST Chief Point of Contact for Agency
For communications, coordination of meetings, information dissemination, and on-going feedback. This point-of-contact (POC) would be CC’ed on any communications sent to the Technical POC or other agency staff working with the Project.
BEST Technical Point of Contact
For coordination of input on items such as your agency’s software applications and interfaced data, other data exchanges, business intelligence/analytics, and reporting needs, impacts on agency systems, operational protocols, and security concerns.

DocuSign Envelope 3: Security Review

The security approval certifies that department heads have reviewed and approved enterprise system security reports.

Within 30 days of assuming the position, each new department head must conduct a security approval. The form will first go to your designated Department Security Officer for review and approval. If you have questions regarding the form, please speak with your designated Department Security Officer.

Once you have conducted this review, certify, sign, and return the Department Head Approval of Statewide Enterprise Systems Security Access Form, which the Office of the Comptroller will make available to you through DocuSign.

View our CTR Statewide Enterprise Systems Security Policy for more information.

The Business Enterprise Systems Transformation Program

The Business Enterprise Systems Transformation (BEST) Program is a multi-year initiative to support a wide-range of improvements in business operations across all agencies in all branches of state government.

The Program will replace existing statewide financial and human resources systems with a comprehensive software solution and will bring changes reflecting best practices in operations and management. Enhancements will include improved functionality and usability, increased security, and modern technology. Users of existing systems will participate in the planning, design, and transition to the new system and play a critical role in its success.

VISIT THE BEST PROGRAM

Additional CTR Resources

CTR Policies

This is a public-facing repository of all Office of the Comptroller policies pertaining to state finance, financial records retention, payroll, budgets, enterprise systems, and enterprise security.

CTR Regulations

815 CMR applies to the fiscal transactions of the Commonwealth.

Fiscal Year Memos

Fiscal Year Memos contain policy/procedure information issued for the Commonwealth of Massachusetts for a specific fiscal year.

Expenditure Classification Handbook

This Handbook includes the object code descriptions and instructions regarding the encumbering and expenditure of all funds and is used for all expenditures of the Commonwealth.

Conducting Best Value Procurements

Guidance to Executive Departments on conducting competitive procurements, purchasing, and contract management requirements for goods and services, including use of the COMMBUYS.

VIEW ON MASS.GOV

CTR Cyber

The Office of the Comptroller has developed CTR Cyber to identify key cybersecurity internal controls for Commonwealth of Massachusetts departments, and to promote cybersecurity awareness and cyber vigilance for everyone in these organizations.

Internal Controls

Tthe Comptroller is responsible for developing internal control guidelines for Commonwealth departments.

Chapter 647 of the Acts of 1989: Internal Control Legislation

An act relative to improving internal controls within state agencies.

VIEW ON MASS.GOV

Close/Open Calendar

Information regarding compliance and deadlines relating the close and open of a fiscal year.

VISIT ON CTR INTRANET

CTR Weekly Update

CTR issues weekly communications on guidance, new initiatives, and other news to Mosaic and HR/CMS users, and key department contacts.

VISIT ON CTR INTRANET

CTR Statewide Learning

CTR provides training on state finance related topics for employees of state agencies.

VISIT ON CTR INTRANET