- Office of the State Auditor
Media Contact for Audit Identifies Necessary Improvements to the Department of Conservation and Recreation’s Internal Policies and Procedures
Lauren Feltch Donoghue, Director of Communications
Boston — In an audit released today, State Auditor Suzanne M. Bump determined the Department of Conservation and Recreation (DCR) did not have internal tracking, oversight or enforcement procedures in place to ensure its contractors complied with the workforce participation goal under state law. The audit also identified that DCR did not ensure all contractors submitted Certificates of Payment to monitor contractor compliance with business ownership goals. DCR should develop policies and procedures to effectively monitor the workforce participation goal as well as the business ownership goal for women and minorities pertaining to contractors hired. This performance audit was conducted for the period July 1, 2019 through June 30, 2021.
DCR is responsible for ensuring that woman workers and minority workers, as well as minority-owned business enterprises (MBEs) and woman-owned business enterprises (WBEs), are fairly represented and included in its construction projects. According to the law, the construction contracts of a state agency must include workforce participation goals. DCR is also responsible for ensuring that its contractors achieve a 10.4% business ownership goal for women and minorities on its construction contracts, unless DCR has agreed to a request from the contractor to waive or reduce this percentage.
“I appreciate that DCR is taking necessary action to address our recommendations noted in the report. Written policies and procedures are a critical component of an agency’s internal control system that ensure its activities are conducted consistently, effectively, efficiently, and in compliance with applicable regulations across the organization,” said Auditor Bump.
In addition, DCR did not ensure that all employees completed annual cybersecurity awareness training as required by the Executive Office of Technology Services and Security. When implementing policies and procedures, DCR should incorporate a policy to monitor and document completion of the training annually.
###