Organization: | Office of the State Auditor |
---|---|
Date published: | March 26, 2025 |
Executive Summary
In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of Bristol Community College (BRC) for the period March 1, 2020 through June 30, 2023.
The purpose of our audit was to determine the following:
- whether BRC administered the student portion of funding under Section 18004(a)(1) of the Coronavirus Aid, Relief, and Economic Security (CARES) Act in accordance with Sections C, D, and E of the United States Department of Education’s (US DOE’s) Higher Education Emergency Relief Fund (HEERF) Frequently Asked Questions (FAQ) Rollup Document;
- whether BRC administered the student portion of funding under Section 314(a)(1) of the Coronavirus Response and Relief Supplemental Appropriations Act (CRRSAA) and Section 2003(a)(1) of the American Rescue Plan Act (ARPA) in accordance with US DOE’s HEERF ll Public and Private Nonprofit Institution (a)(1) Programs (Catalog of Federal Domestic Assistance [CFDA] 84.425E and 84.425F) FAQ and US DOE’s HEERF lll FAQ Rollup Document;
- whether BRC administered the institutional portion of funding in accordance with US DOE’s HEERF I, II, and III FAQs;
- whether BRC updated its internal control plan to address the COVID-19 pandemic in accordance with the Office of the Comptroller of the Commonwealth’s (CTR’s) “COVID-19 Pandemic Response Internal Controls Guidance,” dated September 30, 2020;
- whether BRC ensured that its employees with access to its Banner1 system completed cybersecurity awareness training in accordance with the requirements noted in Sections 6.2.3 and 6.2.4 of the Executive Office of Technology Services and Security’s Information Security Risk Management Standard IS.010; and
- whether BRC had internal policies and procedures in place for (a) the review and approval of employee settlement agreements, including use of non-disclosure, non-disparagement, or similarly restrictive clauses, and (b) the reporting of monetary employee settlements to CTR in accordance with Sections 5.06 and 5.09 of Title 815 of the Code of Massachusetts Regulations.
Below is a summary of our findings, the effects of those findings, and our recommendations, with links to each page listed.
Finding 1 | BRC did not ensure that all of its employees completed cybersecurity awareness training. |
Effect | If BRC does not ensure that all of its employees complete cybersecurity awareness training, then it may expose itself to an increased risk of cybersecurity attacks and financial and/or reputational losses. |
Recommendations |
|
Finding 2 | BRC did not have a transparent or accountable process related to employee settlement agreements. |
Effect | If BRC does not have a transparent and accountable process to handle employee settlement agreements, especially for those containing non-disclosure, non-disparagement, confidentiality, or similar clauses, then it cannot ensure that employee settlements are handled in an ethical, legal, or appropriate manner. If the BRC board of trustees does not ensure appropriate oversight regarding employee settlements, then the financial stability and reputation of BRC and its employees may be negatively impacted. Furthermore, public dollars could be abused to cover up harassment, discrimination, or other forms of misconduct, while protecting perpetrators of abuse in BRC’s employ, in reality or in appearance. |
Recommendations |
|
1. Banner is the database system for BRC’s administrative activities, accounting, and student files. It is designed to link various integrated modules, including modules for registration, student billing, and financial aid, to BRC’s financial system.
Table of Contents
Downloads
-
Open PDF file, 441.72 KB, Audit Report - Bristol Community College (English, PDF 441.72 KB)
Contact
Phone
Online
Fax
Address
Room 230
Boston, MA 02133