FAC Explorer

Audit 297576

FY End
2023-06-30
Total Expended
$7.05M
Findings
12
Programs
15
Organization: Southwest Wisconsin Technical College (WI)
Year: 2023 Accepted: 2024-03-26
Auditor: Cliftonlarsonallen LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
384444 2023-001 Significant Deficiency - P
384445 2023-001 Significant Deficiency - P
384446 2023-001 Significant Deficiency - P
384447 2023-001 Significant Deficiency - P
384448 2023-001 Significant Deficiency - P
384449 2023-001 Significant Deficiency - P
960886 2023-001 Significant Deficiency - P
960887 2023-001 Significant Deficiency - P
960888 2023-001 Significant Deficiency - P
960889 2023-001 Significant Deficiency - P
960890 2023-001 Significant Deficiency - P
960891 2023-001 Significant Deficiency - P

Programs

ALN Program Spent Major Findings
84.063 Federal Pell Grant Program $2.43M Yes 1
84.268 Federal Direct Student Loans $902,573 Yes 1
84.425 Education Stabilization Fund $407,292 - 0
84.048 Career and Technical Education -- Basic Grants to States $120,928 - 0
84.002 Adult Education - Basic Grants to States $67,989 - 0
84.033 Federal Work-Study Program $63,221 Yes 1
84.007 Federal Supplemental Educational Opportunity Grants $60,102 Yes 1
97.044 Assistance to Firefighters Grant $17,043 - 0
81.041 State Energy Program $14,413 - 0
10.319 Farm Business Management and Benchmarking Competitive Grants Program $7,996 - 0
93.575 Child Care and Development Block Grant $5,095 - 0
21.027 Coronavirus State and Local Fiscal Recovery Funds $4,978 Yes 0
10.500 Cooperative Extension Service $4,406 - 0
17.285 Apprenticeship USA Grants $3,342 - 0
10.459 Commodity Partnerships for Small Agricultural Risk Management Education Sessions $540 - 0

Contacts

Name Title Type
LKGSHKF8AQ83 Caleb White Auditee
6088222446 Jordan Boehm Auditor
No contacts on file

Notes to SEFA

Title: BASIS OF PRESENTATION Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines for all awards. Under these principles, certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the Schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. De Minimis Rate Used: Y Rate Explanation: The District has elected to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The accompanying schedule of expenditures of federal and state awards (the Schedule) includes the federal and state award activity of the Southwest Wisconsin Technical College (the District) under programs of the federal government and state agencies for the year ended June 30, 2023. The information in this Schedule is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance) and the Wisconsin State Single Audit Guidelines. Because the Schedule presents only a selected portion of the operations of the District, it is not intended to and does not present the financial position, changes in net position, or cash flows of the District.
Title: NOTE 4 OVERSIGHT AND COGNIZANT AGENCIES Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines for all awards. Under these principles, certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the Schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. De Minimis Rate Used: Y Rate Explanation: The District has elected to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The District's federal oversight agency for audit is the U.S. Department of Education. The District's state cognizant agency is the Wisconsin Higher Education Aids Board. Grant monies received and disbursed by the University are for specific purposes and are subject to review and audit by the grantor agencies. Such audits may result in requests for reimbursement due to disallowed expenditures. Based upon prior experience, the District does not believe that such disallowances, if any, would have a material effect on the financial position of the District. As of June 30, 2023 management was not aware of any material questioned or disallowed costs as a result of grant audits in process or completed.
Title: FEDERAL DIRECT STUDENT LOAN PROGRAM (DIRECT LOANS) Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines for all awards. Under these principles, certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the Schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. De Minimis Rate Used: Y Rate Explanation: The District has elected to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The Direct Loans (Federal ALN 84.268) is comprised of the following types of loans: Subsidized Stafford Loans: $1,256,576 Unsubsidized Stafford Loan: $902,573 PLUS Loans: $20,115 Total Direct Loans: $2,179,264
Title: RECONCILIATION OF FEDERAL AND STATE AWARDS TO THE BASIC FINANCIAL STATEMENTS Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance and the Wisconsin State Single Audit Guidelines for all awards. Under these principles, certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the Schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. De Minimis Rate Used: Y Rate Explanation: The District has elected to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. Federal revenue reported in the basic financial statements is reconciled to the Schedule as follows: Reconciliation Federal Revenues Reported on the Schedule of Expenditures of Federal and State Awards: $7,052,638 Miscellaneous - Rounding: (1) Revenues per basic financial statements: $7,052,637 Federal Revenue Reported in the Statement of Revenues, Expenses, and Changes in Net Position: Operating: $2,039,617 Nonoperating: $2,833,756 Direct Student Loans Included on the Schedule of Expenditures of Federal and State Awards: $2,179,264 Total Federal Revenues: $7,052,637 State revenue reported in the financial statements is reconciled to the schedule of expenditures of federal and state awards as follows: Reconciliation State Revenues Reported on the Schedule of Expenditures of Federal and State Awards: $12,259,867 State Revenues Not Reported on the Schedule: $11,651 Revenues per basic financial statements: $12,271,518 State Revenue Reported in the Schedule of Expenditures of Federal and State Awards: Operating: $2,766,472 Nonoperating: $9,505,046 Total State Revenues: $12,271,518

Finding Details

Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.
Finding 2023-001
Federal Agency: U.S. Department of Education Federal Program Name: Student Financial Aid Cluster Assistance Listing Number: 84.007, 84.033, 84.063, & 84.268 Federal Award Identification Number and Year: P007A224541-2023, P033A224541-2023, P063P222982-2023, & P268K232982-2023 Award Period: July 1, 2022 through June 30, 2023 Type of Finding: • Significant Deficiency in Internal Control over Compliance • Other Matters Criteria or specific requirement: The District is responsible for the design and implementation of safeguards to control the risks the institution identifies through its risk assessment (16 CFR 314.4(c)). At a minimum, the institution’s written information security program must address the implementation of the minimum safeguards identified in 16 CFR 314.4(c)(4) and (6). The minimum safeguards include eight required written information security program elements. Two of these safeguards were omitted from the District’s written information security program. The District must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of Federal award. These internal controls should be in compliance with guidance in “Standards for Internal Control in the Federal Government” issued by the Comptroller General of the United States or the “Internal Control Integrated Framework”, issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Condition: For the year ended June 30, 2023, the District did not maintain a written information security program that address the implementation of two of the minimum safeguards identified in 16 CFR 314.4(c)(1) through (8). Questioned costs: None Context: The District did not have a written information security program that addressed two of the minimum safeguards during the year ended June 30, 2023. Cause: The District’s policy reviews for compliance with noted requirements were not completed prior to the year ended June 30, 2023. Effect: The District’s policies and procedures may not comply with all applicable requirements. Repeat Finding: The finding is not a repeat finding. Recommendation: We recommend the District review and update as necessary written information security program(s) to include aspects required by regulations. Views of responsible officials: There is no disagreement with the audit finding.