FAC Explorer

Audit 300776

FY End
2023-06-30
Total Expended
$2.97M
Findings
10
Programs
5
Organization: Pennsylvania College of Art & Design (PA)
Year: 2023 Accepted: 2024-03-29
Auditor: Tait Weller

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
389890 2023-001 Significant Deficiency - C
389891 2023-002 Significant Deficiency - N
389892 2023-002 Significant Deficiency - N
389893 2023-002 Significant Deficiency - N
389894 2023-002 Significant Deficiency - N
966332 2023-001 Significant Deficiency - C
966333 2023-002 Significant Deficiency - N
966334 2023-002 Significant Deficiency - N
966335 2023-002 Significant Deficiency - N
966336 2023-002 Significant Deficiency - N

Programs

ALN Program Spent Major Findings
84.268 Federal Direct Student Loans $2.29M Yes 2
84.063 Federal Pell Grant Program $616,545 Yes 1
84.007 Federal Supplemental Educational Opportunity Grants $26,434 Yes 1
84.033 Federal Work-Study Program $18,700 Yes 1
17.258 Wia Adult Program $17,594 - 0

Contacts

Name Title Type
JY4FMRSWRNQ6 Michael Molla Auditee
7173967833 Ken Badasarian Auditor
No contacts on file

Notes to SEFA

Title: GENERAL INFORMATION Accounting Policies: The accompanying schedules of expenditures of federal awards are presented on the accrual basis of accounting. The information in these schedules is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, “Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards,” Therefore, some amounts presented in these schedules may differ from amounts presented in, or used in the preparation of the financial statements. De Minimis Rate Used: N Rate Explanation: The College did not elect to use the 10% de minimis indirect cost rate. The accompanying schedule of expenditures of federal awards presents the activity of all federal award programs of Pennsylvania College of Art & Design (the “College”). All awards received directly from federal agencies as well as financial assistance passed through other governmental agencies or non-profit organizations are included on the schedule.
Title: SUBRECIPIENTS Accounting Policies: The accompanying schedules of expenditures of federal awards are presented on the accrual basis of accounting. The information in these schedules is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, “Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards,” Therefore, some amounts presented in these schedules may differ from amounts presented in, or used in the preparation of the financial statements. De Minimis Rate Used: N Rate Explanation: The College did not elect to use the 10% de minimis indirect cost rate. The College did not pass any awards through to subrecipients.
Title: MATCHING CONTRIBUTIONS Accounting Policies: The accompanying schedules of expenditures of federal awards are presented on the accrual basis of accounting. The information in these schedules is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, “Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards,” Therefore, some amounts presented in these schedules may differ from amounts presented in, or used in the preparation of the financial statements. De Minimis Rate Used: N Rate Explanation: The College did not elect to use the 10% de minimis indirect cost rate. The amounts reported in the accompanying Schedule of Expenditures of Federal Awards do not include matching contributions made by the College. The College made matching contributions to the following federal awards: Federal Work-Study Program $8,811 Federal Supplemental Educational Opportunity Grants Program 6,233 $15,044

Finding Details

Finding 2023-001
Significant Deficiency – Federal Direct Loan Cash Management Program: Federal Direct Loan Program Assistance Listing Number: 84.268 Federal Award Identification Number: P268K234070 Federal Agency: U.S. Department of Education Federal Award Year: June 30, 2023 Condition: During the Spring semester, the College did not minimize the time between funds transferred and disbursement to students’ accounts. Criteria: The Advance Payment Method requires that the College disburse the requested funds no later than three business days following receipt of funds received from the Education Department. Context: A review of the entire population of drawdowns for the Student Financial Aid cluster for the entire year was performed and as such, the sample is statistically valid. Cause: The College did not follow the procedures for requesting federal funds and disbursing them to student accounts timely. Effect: The College did not disburse federal funds drawn down to the students’ accounts until approximately five weeks after drawdown. Questioned costs: 1,244,713 Recommendation: The College should review its procedures related to the request and disbursement of federal funds, including controls over compliance, to ensure they are following the advance payment method and establish controls to ensure it complies with the federal requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will ensure staff with compliance responsibilities are appropriately trained and understand the requirements of the program.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-001
Significant Deficiency – Federal Direct Loan Cash Management Program: Federal Direct Loan Program Assistance Listing Number: 84.268 Federal Award Identification Number: P268K234070 Federal Agency: U.S. Department of Education Federal Award Year: June 30, 2023 Condition: During the Spring semester, the College did not minimize the time between funds transferred and disbursement to students’ accounts. Criteria: The Advance Payment Method requires that the College disburse the requested funds no later than three business days following receipt of funds received from the Education Department. Context: A review of the entire population of drawdowns for the Student Financial Aid cluster for the entire year was performed and as such, the sample is statistically valid. Cause: The College did not follow the procedures for requesting federal funds and disbursing them to student accounts timely. Effect: The College did not disburse federal funds drawn down to the students’ accounts until approximately five weeks after drawdown. Questioned costs: 1,244,713 Recommendation: The College should review its procedures related to the request and disbursement of federal funds, including controls over compliance, to ensure they are following the advance payment method and establish controls to ensure it complies with the federal requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will ensure staff with compliance responsibilities are appropriately trained and understand the requirements of the program.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.
Finding 2023-002
Significant Deficiency – Gramm-Leach Bliley Act Compliance Program: Student Financial Aid Cluster Assistance Listing Number: 84.007; 84.033; 84.063; 84.268 Federal Award Year: June 30, 2023 Condition: The College did not comply with all elements included in the standards for safeguarding customer information as defined under 16 CFR 314.4. Criteria: 16 CFR 314 requires the College to develop, implement and maintain reasonable administrative technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. Cause: The College experienced turnover in its information technology director. Effect: The College was not fully compliant with all elements of 16 CFR 314.4 that became effective as of June 9, 2023. Specifically, the College was not in compliance with subparagraphs (a), (b)(1), (c)(1), (c)(2), (c)(4) through (8), (d)(2), (e), (f)(3), (h), and (i). Questioned costs: Not Applicable Recommendation: The College should take action to establish the above elements of an information security program so it will be in full compliance with this requirement. Views of Responsible Officials and Planned Corrective Actions: Management agrees with this finding and will modify the design of its existing security program so the College is in full compliance with this requirement.