FAC Explorer

Audit 300314

FY End
2023-06-30
Total Expended
$32.26M
Findings
8
Programs
11
Organization: Chatham University (PA)
Year: 2023 Accepted: 2024-03-29
Auditor: Schneider Downs & CO INC

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
389325 2023-002 Significant Deficiency - N
389326 2023-002 Significant Deficiency - N
389327 2023-002 Significant Deficiency - N
389328 2023-002 Significant Deficiency - N
965767 2023-002 Significant Deficiency - N
965768 2023-002 Significant Deficiency - N
965769 2023-002 Significant Deficiency - N
965770 2023-002 Significant Deficiency - N

Programs

ALN Program Spent Major Findings
84.268 Federal Direct Student Loans $29.11M Yes 1
84.063 Federal Pell Grant Program $1.54M Yes 1
93.732 Mental and Behavioral Health Education and Training Grants $575,210 - 0
10.175 Farmers Market and Local Food Promotion Program (b) $256,283 - 0
59.043 Women's Business Ownership Assistance $197,024 - 0
93.778 Medical Assistance Program $169,991 - 0
84.033 Federal Work-Study Program $156,943 Yes 1
47.074 Biological Sciences $152,802 - 0
84.007 Federal Supplemental Educational Opportunity Grants $48,000 Yes 1
93.243 Substance Abuse and Mental Health Services_projects of Regional and National Significance $38,411 - 0
47.075 Social, Behavioral, and Economic Sciences $21,527 - 0

Contacts

Name Title Type
M9MKPRAMFD85 Lisa Plassio Auditee
4123651149 John Null Auditor
No contacts on file

Notes to SEFA

Title: NOTE 1 - BASIS OF PRESENTATION Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. De Minimis Rate Used: N Rate Explanation: The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The accompanying schedule of expenditures of federal awards (Schedule) includes the federal grant activity of Chatham University (University) under programs of the federal government for the year ended June 30, 2023. The information in this Schedule is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles and Audit Requirements for Federal Awards (Uniform Guidance). Because the Schedule presents only a selected portion of the operations of the University, it is not intended to and does not present the consolidated financial position, changes in net assets or cash flows of the University.
Title: NOTE 2 - SUMMARY OF SIGNIFICANT ACCOUNTING POLICY Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. De Minimis Rate Used: N Rate Explanation: The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available.
Title: NOTE 3 - INDIRECT COST RATE Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. De Minimis Rate Used: N Rate Explanation: The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance.
Title: NOTE 4 - FEDERAL PERKINS LOAN PROGRAM Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. De Minimis Rate Used: N Rate Explanation: The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. The federal student loan programs listed below are administered directly by the University, and balances and transactions relating to these programs are included in the University’s basic consolidated financial statements. Loans outstanding at the beginning of the year and made during the year are included in the federal expenditures presented in the Schedule. The balance of loans outstanding at June 30, 2023 consists of: Federal Perkins Loan Program: 84.038: $383,631
Title: NOTE 5 - FEDERAL DIRECT LOAN PROGRAM Accounting Policies: Expenditures reported on the Schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. De Minimis Rate Used: N Rate Explanation: The University has elected not to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance. For the Federal Direct Loan Programs, the University is responsible only for the performance of certain administrative duties, therefore the loan balances and transactions for those programs are not included in the University’s consolidated financial statements.

Finding Details

Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.
Finding 2023-002
Federal Program Information: Student Financial Assistance Cluster (ALN: Various), U.S. Department of Education. 2022-2023 Federal Award Year. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314). The audit finding was based on 16 CFR 314.4(f), which requires that the University have a policy that addresses how the institution will oversee its information system service providers. Condition: The University does was not able to demonstrate its compliance with 16 CFR 314.4(f). Cause: The University does not currently have a vendor management review process in place. Effect or potential effect: Without consideration for oversight of its information system service providers, the University’s information system security program may not adequately address the risks that these service providers, and their systems, have on the University’s environment. Questioned Costs: None noted. Context: We were unable to verify that the University has a vendor management review process in place. Identification as a Repeat Finding: This is not a repeat finding. Recommendation: We recommend that policies and procedures be put in place to ensure that regular vendor management reviews on information system service providers are conducted in an appropriate manner. Views of Responsible Officials: Management concurs with this finding. See management’s corrective action plan document.