FAC Explorer

Audit 334328

FY End
2024-05-31
Total Expended
$12.50M
Findings
20
Programs
11
Organization: McMurry University (TX)
Year: 2024 Accepted: 2024-12-20
Auditor: Capincrouse LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
516389 2024-003 Material Weakness Yes N
516390 2024-003 Material Weakness Yes N
516391 2024-003 Material Weakness Yes N
516392 2024-004 Significant Deficiency - N
516393 2024-004 Significant Deficiency - N
516394 2024-004 Significant Deficiency - N
516395 2024-004 Significant Deficiency - N
516396 2024-004 Significant Deficiency - N
516397 2024-004 Significant Deficiency - N
516398 2024-005 - - L
1092831 2024-003 Material Weakness Yes N
1092832 2024-003 Material Weakness Yes N
1092833 2024-003 Material Weakness Yes N
1092834 2024-004 Significant Deficiency - N
1092835 2024-004 Significant Deficiency - N
1092836 2024-004 Significant Deficiency - N
1092837 2024-004 Significant Deficiency - N
1092838 2024-004 Significant Deficiency - N
1092839 2024-004 Significant Deficiency - N
1092840 2024-005 - - L

Programs

ALN Program Spent Major Findings
84.268 Federal Direct Student Loans $6.89M Yes 2
84.063 Federal Pell Grant Program $3.94M Yes 2
84.031 Higher Education Institutional Aid $529,824 - 0
84.042 Trio Student Support Services $260,479 Yes 1
84.033 Federal Work-Study Program $142,963 Yes 1
84.007 Federal Supplemental Educational Opportunity Grants $138,416 Yes 2
84.425 Covid-19 Education Stabilization Fund Heerf- Governor's Emergency Education Relief Fund $106,622 - 0
84.038 Federal Perkins Loan Program $80,899 Yes 1
47.076 Stem Education (formerly Education and Human Resources) $61,503 - 0
84.379 Teacher Education Assistance for College and Higher Education Grants (teach Grants) $10,373 Yes 1
19.009 Academic Exchange Programs - Undergraduate Programs $4,400 - 0

Contacts

Name Title Type
LY83JLYX63F4 Terry Cass Auditee
3257933817 Junice Jones, CPA Auditor
No contacts on file

Notes to SEFA

Title: RELATIONSHIP TO FINANCIAL STATEMENTS Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of McMurry University (University) under programs of the federal government for the year ended May 31, 2024. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the University is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: Y Rate Explanation: The auditee used the de minimis cost rate. See the Notes to the SEFA for chart/table
Title: SUBRECIPIENTS, NON-CASH ASSISTANCE, FEDERAL INSURANCE, LOANS, AND LOAN GUARANTEES Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of McMurry University (University) under programs of the federal government for the year ended May 31, 2024. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the University is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: Y Rate Explanation: The auditee used the de minimis cost rate. The University did not provide any federal funds to subrecipients nor did they receive any federal non-cash assistance, insurance, loans, or loan guarantees.
Title: FEDERAL PERKINS LOAN PROGRAM Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of McMurry University (University) under programs of the federal government for the year ended May 31, 2024. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the University is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: Y Rate Explanation: The auditee used the de minimis cost rate. See the Notes to the SEFA for chart/table
Title: INSTITUTION ELIGIBILITY LIMITATIONS IN ACCORDANCE WITH 34 CFR 600.7(a)1 Accounting Policies: The accompanying schedule of expenditures of federal awards (the schedule) includes the federal grant activity of McMurry University (University) under programs of the federal government for the year ended May 31, 2024. The information in the schedule is presented in accordance with the requirements of the Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Therefore, some amounts presented in the schedule may differ from amounts presented in, or used in the preparation of, the basic financial statements. Expenditures in the schedule are reported on the accrual basis of accounting. Such expenditures are recognized following the cost principles contained in the Uniform Guidance, wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years. If the University is required to match certain federal assistance, as defined by the grant agreements, no such matching has been included as expenditures in the schedule. De Minimis Rate Used: Y Rate Explanation: The auditee used the de minimis cost rate. To maintain institutional eligibility to participate in the Department of Education’s Title IV financial aid programs, the University is required to comply with 34 CFR 600.7(a)1 which limits the number of correspondence courses, the number of students enrolled in correspondence courses, the number of incarcerated students enrolled and the number of students enrolled without a high school diploma or recognized equivalent. As part of the audit procedures, compliance with these limitations was tested. No non-compliance with the requirements was noted.

Finding Details

Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-005
Inaccurate TRIO Reporting DEPARTMENT OF EDUCATION ALN #: 84.042A Federal Award Identification #: P042A201146 Condition: The University did not report accurate information on key line items of the Annual Performance Report for all students. Criteria: 34 CFR 646.22(a) Questioned Costs: $0 Context: 10 out of 37 students tested had inaccurate information reported on key line items of the Annual Performance Report. Cause: This was an oversight by the University. Effect: Inaccurate information was reported on the Annual Performance Report. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University have a review process to ensure each student's information is reconciled between the University's records and the system used to track TRIO participants and populate the Annual Performance Report. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-003
Inaccurate and Untimely Returns of Title IV Funds (R2T4) Material Weakness DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063 and 84.007 Federal Award Identification #: 2023-2024 Award Year Condition: When students withdrew either officially or unofficially, the University did not always return unearned Title IV aid timely and return calculations were not done correctly consistently. Additionally, the University was not able to provide support of academic activity for some distance education students who had no passing grades to determine if they began attendance. Criteria: 34 CFR 668.22 Questioned Costs: $18,809 Context: Out of 22 students tested, 8 total students had errors: • 3 students had late returns totaling $7,776 in FDL and Pell. • 6 students had incorrect calculations resulting in $1,568 in FDL and Pell being under-returned and $76 in FDL being over-returned. • 3 distance education students did not have records of academic activity retained by the University. These students received $9,465 in FDL and Pell. These were not corrected during the audit. Cause: Misunderstanding of modular withdrawal R2T4 calculations. Additionally, the University switched systems used to administer distance education programs. Effect: Return of Title IV funds were not performed accurately and timely. Identification as repeat finding, if applicable: 2023-002 Recommendation: We recommend the University perform additional training on R2T4 regulations and implement a second review on R2T4 calculations performed. We also recommend the University retain academic activity for all distance education students without passing grades. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-004
Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The University did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not sufficiently documented its security risk assessment and safeguards, including financial aid applications, or implemented multi-factor authentication on all systems containing personally identifiable information (PII). Cause: The University has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The University has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.
Finding 2024-005
Inaccurate TRIO Reporting DEPARTMENT OF EDUCATION ALN #: 84.042A Federal Award Identification #: P042A201146 Condition: The University did not report accurate information on key line items of the Annual Performance Report for all students. Criteria: 34 CFR 646.22(a) Questioned Costs: $0 Context: 10 out of 37 students tested had inaccurate information reported on key line items of the Annual Performance Report. Cause: This was an oversight by the University. Effect: Inaccurate information was reported on the Annual Performance Report. Identification as repeat finding, if applicable: Not applicable. Recommendation: We recommend the University have a review process to ensure each student's information is reconciled between the University's records and the system used to track TRIO participants and populate the Annual Performance Report. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.