FAC Explorer

Audit 297241

FY End
2023-06-30
Total Expended
$26.29M
Findings
16
Programs
19
Organization: Northeast Wisconsin Technical College District (WI)
Year: 2023 Accepted: 2024-03-25
Auditor: Cliftonlarsonallen LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
384095 2023-001 Significant Deficiency - P
384096 2023-001 Significant Deficiency - P
384097 2023-001 Significant Deficiency - P
384098 2023-001 Significant Deficiency - P
384099 2023-001 Significant Deficiency - P
384100 2023-001 Significant Deficiency - P
384101 2023-001 Significant Deficiency - P
384102 2023-001 Significant Deficiency - P
960537 2023-001 Significant Deficiency - P
960538 2023-001 Significant Deficiency - P
960539 2023-001 Significant Deficiency - P
960540 2023-001 Significant Deficiency - P
960541 2023-001 Significant Deficiency - P
960542 2023-001 Significant Deficiency - P
960543 2023-001 Significant Deficiency - P
960544 2023-001 Significant Deficiency - P

Programs

ALN Program Spent Major Findings
84.425 Education Stabilization Fund $3.28M Yes 0
93.178 Nursing Workforce Diversity $493,268 - 0
84.007 Federal Supplemental Educational Opportunity Grants $337,433 Yes 1
84.002 Adult Education - Basic Grants to States $279,782 - 0
84.031 Higher Education_institutional Aid $269,033 - 0
81.041 State Energy Program $192,476 - 0
10.311 Beginning Farmer and Rancher Development Program $139,884 - 0
84.033 Federal Work-Study Program $113,165 Yes 1
21.027 Coronavirus State and Local Fiscal Recovery Funds $74,461 - 0
84.335 Child Care Access Means Parents in School $68,970 - 0
84.126 Rehabilitation Services_vocational Rehabilitation Grants to States $64,285 - 0
84.048 Career and Technical Education -- Basic Grants to States $55,744 - 0
81.087 Renewable Energy Research and Development $24,715 - 0
84.063 Federal Pell Grant Program $22,465 Yes 1
47.076 Education and Human Resources $20,233 - 0
97.044 Assistance to Firefighters Grant $17,657 - 0
17.285 Apprenticeship USA Grants $14,583 - 0
84.268 Federal Direct Student Loans $12,452 Yes 1
84.334 Gaining Early Awareness and Readiness for Undergraduate Programs $6,000 - 0

Contacts

Name Title Type
S8HFKCLSML38 Pam Lunde Auditee
9204986980 Jordan Boehm Auditor
No contacts on file

Notes to SEFA

Title: BASIS OF PRESENTATION Accounting Policies: The revenues and expenditures in the schedules are presented in accordance with the accrual basis of accounting and are generally in agreement with revenues and expenditures reported in the District’s 2022-2023 financial statements. Such expenditures are recognized following the cost principles requirements contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Local Share represents contributions to federal and state programs and includes adjustments for prior year transactions. De Minimis Rate Used: N Rate Explanation: The District has not elected to charge a de minimis rate of 10% of modified total costs. The accompanying Schedules of Expenditures of Federal and State Awards for Northeast Wisconsin Technical College (the District) are presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) and the State Single Audit Guidelines issued by the Wisconsin Department of Administration. The Schedules of Expenditures of Federal and State Awards include all federal and state awards of the District. Because the schedules present only a selected portion of the operations of the District, it is not intended to and does not present the financial position, changes in net position, or cash flows of the District.
Title: OVERSIGHT AGENCIES Accounting Policies: The revenues and expenditures in the schedules are presented in accordance with the accrual basis of accounting and are generally in agreement with revenues and expenditures reported in the District’s 2022-2023 financial statements. Such expenditures are recognized following the cost principles requirements contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Local Share represents contributions to federal and state programs and includes adjustments for prior year transactions. De Minimis Rate Used: N Rate Explanation: The District has not elected to charge a de minimis rate of 10% of modified total costs. The federal and state oversight agencies for the District are as follows: Federal - U.S. Department of Education State - Wisconsin Technical College System
Title: RECONCILIATION OF FEDERAL AWARDS Accounting Policies: The revenues and expenditures in the schedules are presented in accordance with the accrual basis of accounting and are generally in agreement with revenues and expenditures reported in the District’s 2022-2023 financial statements. Such expenditures are recognized following the cost principles requirements contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Local Share represents contributions to federal and state programs and includes adjustments for prior year transactions. De Minimis Rate Used: N Rate Explanation: The District has not elected to charge a de minimis rate of 10% of modified total costs. A reconciliation of federal grant revenues, as presented in the schedule of expenditures of federal awards to federal revenues reported in the District’s financial statements follows: Federal Revenues from Schedule of Expenditures of Federal Awards $ 26,290,371 Federal Direct Student Loan Program Paid Directly to Students ($ 8,190,314) Federal Revenues Recognized in the Statement of Revenues, Expenses, and Changes in Net Position $ 18,100,057 Operating $ 3,435,394 Nonoperating $ 14,664,663 Total $ 18,100,057
Title: RECONCILIATION OF STATE AWARDS Accounting Policies: The revenues and expenditures in the schedules are presented in accordance with the accrual basis of accounting and are generally in agreement with revenues and expenditures reported in the District’s 2022-2023 financial statements. Such expenditures are recognized following the cost principles requirements contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Local Share represents contributions to federal and state programs and includes adjustments for prior year transactions. De Minimis Rate Used: N Rate Explanation: The District has not elected to charge a de minimis rate of 10% of modified total costs. A reconciliation of state grant revenues, as presented in the schedule of expenditures of state awards to state revenues reported in the District’s financial statements follows: State Revenues from Schedule of Expenditures of State Awards $ 49,396,501 Operating $ 2,731,129 Nonoperating $ 46,604,123 Capital Contributions $ 61,248 Miscellaneous - Rounding 1 Total $ 49,396,501

Finding Details

Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224528-2023, P033A224528-2023, P063P222633- 2023, & P268K222633-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: * Significant Deficiency in Internal Control over Compliance * Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). The minimum safeguards include eight required written information security program elements. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.