FAC Explorer

Audit 296385

FY End
2023-06-30
Total Expended
$2.90M
Findings
18
Programs
6
Organization: San Diego Christian College (CA)
Year: 2023 Accepted: 2024-03-21
Auditor: Capincrouse LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
382780 2023-004 Material Weakness - N
382781 2023-004 Material Weakness - N
382782 2023-004 Material Weakness - N
382783 2023-004 Material Weakness - N
382784 2023-004 Material Weakness - N
382785 2023-004 Material Weakness - N
382786 2023-005 - - C
382787 2023-005 - - C
382788 2023-005 - - C
959222 2023-004 Material Weakness - N
959223 2023-004 Material Weakness - N
959224 2023-004 Material Weakness - N
959225 2023-004 Material Weakness - N
959226 2023-004 Material Weakness - N
959227 2023-004 Material Weakness - N
959228 2023-005 - - C
959229 2023-005 - - C
959230 2023-005 - - C

Programs

ALN Program Spent Major Findings
84.268 Federal Direct Student Loans $1.81M Yes 1
84.063 Federal Pell Grant Program $734,811 Yes 1
84.038 Federal Perkins Loan Program $268,472 Yes 1
84.007 Federal Supplemental Educational Opportunity Grants $48,876 Yes 2
84.007 Covid-19 Federal Supplemental Educational Opportunity Grants $34,188 Yes 2
84.033 Federal Work-Study Program $736 Yes 2

Contacts

Name Title Type
LZV4HLFF3843 Kayleigh Reyes Auditee
6192018761 Nathan Salsbery, CPA Auditor
No contacts on file

Notes to SEFA

Title: RELATIONSHIP TO FINANCIAL STATEMENTS Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of San Diego Christian College under programs of the federal government for the year ending June 30, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If San Diego Christian College is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate See the Notes to the SEFA for chart/table
Title: SUBRECIPIENTS, NON-CASH ASSISTANCE, FEDERAL INSURANCE, LOANS, AND LOAN GUARANTEES Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of San Diego Christian College under programs of the federal government for the year ending June 30, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If San Diego Christian College is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate San Diego Christian College did not provide any federal funds to subrecipients nor did they receive any federal non-cash assistance, insurance, loans, or loan guarantees.
Title: FEDERAL PERKINS LOAN PROGRAM Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of San Diego Christian College under programs of the federal government for the year ending June 30, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If San Diego Christian College is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate See the Notes to the SEFA for chart/table
Title: ZONE ALTERNATIVE COMPLIANCE Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of San Diego Christian College under programs of the federal government for the year ending June 30, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If San Diego Christian College is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate San Diego Christian College is currently operating under the Provisional Certification Alternative for failure to meet the Department of Educationʼs standards of financial responsibility. As part of the audit procedures, San Diego Christian Collegeʼs compliance with the Zone Alternative including their administration of the heightened cash monitoring payment method, disbursing aid and paying out credit balances before requesting reimbursement and timely notification requirements was tested. Non-compliance with the requirements was noted. See current year finding 2023-005
Title: COVID-19 TITLE IV TRANSFERS Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of San Diego Christian College under programs of the federal government for the year ending June 30, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If San Diego Christian College is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate As allowed by the CARES Act sections 3503 and 3504 in response to COVID-19, San Diego Christian College transfered $34,188 of their unexpected Federal Work-Study allocation to the Federal Supplemental Educational Opportunity Grants Program (FSEOG) and used those funds to award COVID-19 emergency FSEOG financial aid grants to students.

Finding Details

Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-004
Gramm-Leach-Bliley Act (GLBA) Compliance Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, and 84.038 Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $0 Context: San Diego Christian College has not sufficiently documented its written information security programs, its security risk assessment and safeguards, including general threats, not implemented multi-factor authentication on all systems containing personally identifiable information (PII). San Diego Christian College has not implemented continuous monitoring, such as penetration testing and vulnerability scanning. Additionally, San Diego Christian College has not sufficiently implemented an incident response plan, and has not provided a written, annual report to the board. Furthermore, San Diego Christian College has not formalized its employee training program. Cause: San Diego Christian College has limited resources and has allocated certain staff time and dollars as available to address and document compliance with the requirements of GLBA. Effect: San Diego Christian College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We commend San Diego Christian College for the work completed on GLBA. We recommend San Diego Christian College allocate sufficient resources to address the remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-005
Noncompliance with HCM 1 Monitoring DEPARTMENT OF EDUCATION ALN #: 84.033; 84.007 Federal Award Identification #: 2022-2023 Financial Aid Year Condition: San Diego Christian College did not disburse Federal Work Study (FWS) and Federal Supplemental Educational Opportunity Grant (FSEOG) aid before drawing down the funds for the spring 2023 semester Criteria: 34 CFR 668.162 (a), 34 CFR 668.162 (d) Questioned Costs: $0 Context: San Diego Christian College inadvertently drew the full 2022-2023 authorization for FWS and FSEOG in December 2022 before the Spring semester began. This resulted in excess cash on hand and non-compliance with Heightened Cash Monitoring, which San Diego Christian College is currently on for cash management. However, San Diego Christian College did comply with these requirements for FDL and Pell during the fiscal year. Cause: Turnover in staffing. Effect: Non-compliance with cash management requirement to minimize the time between drawing the Title IV funds and disbursing those funds to students. Non-compliance with HCM requirements for FWS and FSEOG. FWS funds of approximately $34,000 were held for 6 months and FSEOG funds of approximately $25,000 were held for 1 month. Identification as repeat finding, if applicable: N/A Recommendation: While San Diego Christian College has procedures for complying with HCM for FDL and Pell, we recommend that a similar process be implemented for FSEOG and FWS to ensure the funds aren't drawn until disbursed to students. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.