FAC Explorer

Audit 345096

FY End
2023-09-30
Total Expended
$34.51M
Findings
24
Programs
18
Organization: Hawkeye Area Community Action Program (IA)
Year: 2023 Accepted: 2025-03-06
Auditor: Wipfli LLP

Organization Exclusion Status:

Findings

ID Ref Severity Repeat Requirement
525921 2023-001 Material Weakness - AB
525922 2023-002 Significant Deficiency - L
525923 2023-001 Material Weakness - AB
525924 2023-002 Significant Deficiency - L
525925 2023-001 Material Weakness - AB
525926 2023-002 Significant Deficiency - L
525927 2023-001 Material Weakness - AB
525928 2023-002 Significant Deficiency - L
525929 2023-001 Material Weakness - AB
525930 2023-002 Significant Deficiency - L
525931 2023-001 Material Weakness - AB
525932 2023-002 Significant Deficiency - L
1102363 2023-001 Material Weakness - AB
1102364 2023-002 Significant Deficiency - L
1102365 2023-001 Material Weakness - AB
1102366 2023-002 Significant Deficiency - L
1102367 2023-001 Material Weakness - AB
1102368 2023-002 Significant Deficiency - L
1102369 2023-001 Material Weakness - AB
1102370 2023-002 Significant Deficiency - L
1102371 2023-001 Material Weakness - AB
1102372 2023-002 Significant Deficiency - L
1102373 2023-001 Material Weakness - AB
1102374 2023-002 Significant Deficiency - L

Programs

ALN Program Spent Major Findings
10.569 Emergency Food Assistance Program (food Commodities) $2.05M Yes 2
10.557 Special Supplemental Nutrition Program for Women, Infants, and Children $1.81M Yes 2
93.569 Community Services Block Grant $1.65M - 0
10.558 Child and Adult Care Food Program $1.64M - 0
64.033 Va Supportive Services for Veteran Families Program $1.58M Yes 2
81.042 Weatherization Assistance for Low-Income Persons $859,123 - 0
93.575 Child Care and Development Block Grant $818,937 - 0
14.267 Continuum of Care Program $759,975 - 0
93.600 Head Start $614,586 Yes 2
93.499 Low Income Household Water Assistance Program $557,928 - 0
93.994 Maternal and Child Health Services Block Grant to the States $355,603 - 0
10.568 Emergency Food Assistance Program (administrative Costs) $348,678 Yes 2
93.778 Medical Assistance Program $238,942 - 0
21.024 Community Development Financial Institutions Rapid Response Program (cdfi Rrp) $148,129 - 0
93.568 Low-Income Home Energy Assistance $123,776 - 0
14.231 Emergency Solutions Grant Program $42,952 - 0
14.239 Home Investment Partnerships Program $22,096 - 0
14.218 Community Development Block Grants/entitlement Grants $22,000 - 0

Contacts

Name Title Type
CK1MDQAWQ9G5 Jane Drapeaux Auditee
3193937811 John Hemming Auditor
No contacts on file

Notes to SEFA

Title: Basis of Presentation Accounting Policies: Expenditures reported on the Schedule are reported on the modified accrual basis of accounting. Such expenditures are recognized following the Uniform Guidance wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. Inter-Lakes Community Action Partnership, Inc. has not elected to use the 10-percent de minimis indirect cost rate allowed under Uniform Guidance. No amounts have been passed through to subrecipients for the year ended September 30, 2024. De Minimis Rate Used: N Rate Explanation: Hawkeye Area Community Action Program, Inc. has not elected to use the 10-percent de minimis indirect cost rate. Hawkeye Area Community Action Program, Inc. has an approved provisional indirect cost rate. The accompanying schedule of expenditures of federal awards (the “Schedule”) includes the federal award activity of Hawkeye Area Community Action Program, Inc. under programs of the federal government for the year ended September 30, 2023. The information in this Schedule is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Because the Schedule presents only a selected portion of the operations of Hawkeye Area Community Action Program, Inc., it is not intended to and does not present the financial position, changes in net assets or cash flows of Hawkeye Area Community Action Program, Inc.
Title: Subrecipients Accounting Policies: Expenditures reported on the Schedule are reported on the modified accrual basis of accounting. Such expenditures are recognized following the Uniform Guidance wherein certain types of expenditures are not allowable or are limited as to reimbursement. Pass-through entity identifying numbers are presented where available. Inter-Lakes Community Action Partnership, Inc. has not elected to use the 10-percent de minimis indirect cost rate allowed under Uniform Guidance. No amounts have been passed through to subrecipients for the year ended September 30, 2024. De Minimis Rate Used: N Rate Explanation: Hawkeye Area Community Action Program, Inc. has not elected to use the 10-percent de minimis indirect cost rate. Hawkeye Area Community Action Program, Inc. has an approved provisional indirect cost rate. Hawkeye Area Community Action Program, Inc. does not have any subrecipients and therefore has not incurred subrecipient expenditures.

Finding Details

Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.
Finding 2023-001
Internal Controls over Electronic Financial Information Criteria or Specific Requirement: 2 CFR part 200 (Uniform Guidance) requires grantees to have effective control over, and accountability for, all funds, property, and other assets. Condition: Subsequent to the fiscal year end, HACAP experienced a security breach of their electronic financial information by an outside party which denied HACAP access to their computer servers. Although several attempts were made to recover the financial information, HAPCAP was unable to retrieve essential electronic financial information needed to complete the audit. With the inability to retrieve the information, HACAP had to recreate the financial information manually causing significant delays in reconciling accounts and completion of the audit. Effect: As a result of the deficiencies in adequately safeguarding of electronic financial information and the inability to recreate the electronic financial information using back-ups systems, a material weakness in internal control over financial reporting exists. Cause: HACAP's internal controls over their electronic financial information did not adequately safeguard their financial information and prevent access from outside parties. In addition, HACAP's back-ups of the electronic financial information were not effective in recreating the financial information necessary to complete the audit. Repeat: No Auditor's Recommendations: We recommend HACAP implement procedures to ensure electronic records are secured and adequately backed-up. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.No findings related to the the financial statements.
Finding 2023-002
Late Audit Submission Criteria or Specific Requirement: 2 CFR section 200.512(a) requires the reporting package and data collection form be submitted to the Federal Audit Clearinghouse the earlier of 30 calendar days after the reports are received from the auditors or nine months after the end of the audit period. Condition: The September 30, 2023 audit and reporting package is being submitted after the required due date. Effect: HACAP is not in compliance with federal regulations regarding audit timing and represents a significant deficiency in internal control over major program reporting. Cause: Due to restricted access to computer servers and having to rebuild electronic records, HACAP audit and data collection submission was not done on time. Repeat: No Auditor's Recommendations: HACAP should take steps to ensure that its financial records are available in a timely manner to allow the audit to begin sufficiently before the audit due date. View of Responsible Officials: Management agrees with the finding and has developed a written corrective action plan.