This page, Audit of Quinsigamond Community College, is offered by
Office of the State Auditor

Audit

Audit Audit of Quinsigamond Community College

Our office conducted a performance audit of Quinsigamond Community College (QCC) for the period March 1, 2020, through June 30, 2023. When examining employee settlement agreements entered into by QCC, we extended the audit period to January 1, 2019 through December 30, 2023.

Organization:	Office of the State Auditor
Date published:	April 4, 2025

Executive Summary

In accordance with Section 12 of Chapter 11 of the Massachusetts General Laws, the Office of the State Auditor has conducted a performance audit of Quinsigamond Community College (QCC) for the period March 1, 2020, through June 30, 2023. When examining employee settlement agreements entered into by QCC, we extended the audit period to January 1, 2019 through December 30, 2023.

The purpose of our audit was to determine the following:

whether QCC administered the student portion of funding under Section 18004(a)(1) of the Coronavirus Aid, Relief, and Economic Security (CARES) Act in accordance with Sections C, D, and E of the United States Department of Education’s (US DOE’s) Higher Education Emergency Relief Fund (HEERF) Frequently Asked Questions (FAQ) Rollup Document;
whether QCC administered the institutional portion of funding under Section 18004(a)(1) of the CARES Act in accordance with Section F of US DOE’s HEERF FAQ Rollup Document;
whether QCC administered the student portion of funding under Section 314(a)(1) of the Coronavirus Response and Relief Supplemental Appropriations Act (CRRSAA) in accordance with US DOE’s HEERF II Public and Private Nonprofit Institution (a)(1) Programs ([Catalog of Federal Domestic Assistance (CFDA)] 84.425E and 84.425F) FAQ;
whether QCC administered the institutional portion of funding under Section 314(a)(1) of the CRRSAA in accordance with US DOE’s HEERF II Public and Private Nonprofit Institution (a)(1) Programs (CFDA 84.425E and 84.425F) FAQ;
whether QCC administered the student portion of funding under Section 2003(a)(1) of the American Rescue Plan Act (ARPA) in accordance with Section B of US DOE’s HEERF III FAQ;
whether QCC administered the institutional portion of funding under Section 2003(a)(1) of the ARPA in accordance with Section C of US DOE’s HEERF III FAQ;
whether QCC updated its internal control plan to address the COVID-19 pandemic in accordance with the Office of the Comptroller of the Commonwealth’s (CTR’s) “COVID-19 Pandemic Response Internal Controls Guidance,” dated September 30, 2020;
whether QCC ensured that its employees received cybersecurity awareness training in accordance with the requirements noted in Sections 6.2.3 and 6.2.4 of the Executive Office of Technology Services and Security’s Information Security Risk Management Standard IS.010, effective October 15, 2018; and
whether QCC had internal policies and procedures in place for (a) the review and approval of employee settlement agreements, including the language used, and (b) the reporting of employee settlement agreements to CTR and whether QCC followed these policies and procedures and used non-disclosure, non-disparagement, or similarly restrictive clauses as part of employee settlement agreement language for settlements that it entered into from January 1, 2019 through December 30, 2023.

Below is a summary of our findings, the effects of those findings, and our recommendations, with links to each page listed.


Finding 1	QCC did not ensure that all employees completed cybersecurity awareness training both when hired and annually thereafter.
Effect	Without educating all employees on their responsibility of protecting the security of information assets, QCC may be exposed to a higher risk of cybersecurity attacks and financial and/or reputational losses.
Recommendations	QCC should ensure that all employees complete annual cybersecurity awareness training and that all newly hired employees complete the initial training within the first 30 days of orientation. QCC should design and implement a monitoring control to track the completion of cybersecurity awareness training.
Finding 2	QCC lacked certain information system general controls over its campus-wide administrative database and financial system, as well as human resources hardcopy records.
Effect	Deficiencies in information system general controls can lead to potential operational issues, which could negatively impact QCC’s reputation, information system security, and/or financial stability.
Recommendations	QCC should revisit and enhance its information systems general controls surrounding the campus-wide administrative database and financial system, as well as human resources records. QCC should establish a policy to monitor the accuracy of data, the removal of terminated employees from the data systems, and record retention.
Finding 3	QCC did not have a documented, transparent, or accountable process related to employee settlement agreements, including those containing non-disclosure, non-disparagement, or similarly restrictive clauses.
Effect	If QCC does not have a documented, transparent, and accountable process to handle employee settlement agreements, especially those containing non-disclosure, non-disparagement, or similarly restrictive clauses, then it cannot ensure that employee settlement agreements are handled in an ethical, legal, or appropriate manner. Also, by not maintaining a comprehensive “watch list,” QCC may rehire a former employee with a provision in the settlement stating not to rehire.
Recommendations	QCC should develop, document, and implement a policy related to employee settlement agreements, including those with no reemployment clauses. QCC should track and document all complaints that include non-disclosure, non-disparagement, or similarly restrictive clauses in employee settlement agreements.

In addition to the conclusions we reached regarding our audit objectives, we also identified issues not specifically addressed by our objectives. For more information, see Other Matters.

Downloads

Open PDF file, 495.95 KB, Audit Report - Quinsigamond Community College (English, PDF 495.95 KB)

Contact

Phone

Main (617) 727-2075

Online

Auditor@MassAuditor.gov

Fax

(617) 727-3014

Address

Massachusetts State House
Room 230
Boston, MA 02133

Directions

Contact

Office of State Auditor Diana DiZoglio

Phone

Main (617) 727-2075

Online

Auditor@MassAuditor.gov

Fax

(617) 727-3014

Address

Massachusetts State House
Room 230
Boston, MA 02133

Directions

Help Us Improve Mass.gov with your feedback

Did you find what you were looking for on this webpage?

Yes

If you have any suggestions for the website, please let us know. How can we improve the page?

Please do not include personal or contact information.

The feedback will only be used for improving the website. If you need assistance, please contact the State Auditor. Please limit your input to 500 characters.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the State Auditor.

Please let us know how we can improve this page.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the State Auditor.

Audit Audit of Quinsigamond Community College

Executive Summary

Table of Contents

Downloads

Contact

Office of State Auditor Diana DiZoglio

Phone

Online

Fax

Address

Help Us Improve Mass.gov with your feedback