FAC Explorer

Audit 3206

FY End
2023-07-31
Total Expended
$7.79M
Findings
8
Programs
4
Organization: Midwestern Baptist Theological Seminary, Inc. (CO)
Year: 2023 Accepted: 2023-11-14
Auditor: Capincrouse LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
1839 2023-001 - - N
1840 2023-001 - - N
1841 2023-001 - - N
1842 2023-001 - - N
578281 2023-001 - - N
578282 2023-001 - - N
578283 2023-001 - - N
578284 2023-001 - - N

Programs

ALN Program Spent Major Findings
84.268 Federal Direct Student Loans $6.06M Yes 1
84.063 Federal Pell Grant Program $1.48M Yes 1
84.033 Federal Work-Study Program $137,265 Yes 1
84.007 Federal Supplemental Educational Opportunity Grants $112,500 Yes 1

Contacts

Name Title Type
K7HDPXZ7EAC1 Jeffrey Huinda Auditee
8164143700 Chris Dukate, CPA Auditor
No contacts on file

Notes to SEFA

Title: RELATIONSHIP TO FINANCIAL STATEMENTS Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of Midwestern Baptist Theological Seminary, Inc. (Seminary) under programs of the federal government for the year ended July 31, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the Seminary is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate See the Notes to the SEFA for chart/table
Title: SUBRECIPIENTS, NON-CASH ASSISTANCE, FEDERAL INSURANCE, LOANS, AND LOAN GUARANTEES Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of Midwestern Baptist Theological Seminary, Inc. (Seminary) under programs of the federal government for the year ended July 31, 2023. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the Seminary is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: N Rate Explanation: The auditee did not use the de minimis cost rate The Seminary did not provide any federal funds to subrecipients nor did they receive any federal non-cash assistance, insurance, loans, or loan guarantees.

Finding Details

Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2023-001
Gramm-Leach-Bliley Act (GLBA) Compliance DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, and 84.033 - Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The Seminary did not sufficiently comply with all the updated requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4 Questioned Costs: $-0- Context: The Seminary has put forth significant effort towards GLBA compliance. The remaining areas are on the Seminary’s road map to codify and document or approve exceptions. • Update the written information security program to address all updated areas from the 2023 legislation change including safeguards specified in the legislation. • Implement multi-factor authentication on all systems containing personally identifiable information (PII) or approve in writing qualified exceptions. • Provide a written, annual report to the board covering all areas of GLBA. Cause: The Seminary has been working through legacy systems and exploring options that are feasible to implement and maintain appropriate security posture. Effect: The Seminary has additional documentation to perform to ensure all updated components are addressed and any residual risk is approved by the board. This will reduce unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable Recommendation: We recommend the Seminary allocate sufficient resources to document and/or implement all remaining requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.