Audit 406800

FY End
2022-06-30
Total Expended
$1.96M
Findings
7
Programs
7
Organization: Mesalands Community College (NM)
Year: 2022 Accepted: 2026-07-09

Organization Exclusion Status:

Checking exclusion status...

Findings

ID Ref Severity Repeat Requirement
1223294 2022-006 Material Weakness Yes N
1223295 2022-007 Material Weakness Yes N
1223296 2022-008 Material Weakness Yes P
1223297 2022-005 Material Weakness Yes N
1223298 2022-008 Material Weakness Yes P
1223299 2022-005 Material Weakness Yes P
1223300 2022-008 Material Weakness Yes P

Programs

ALN Program Spent Major Findings
84.031 HIGHER EDUCATION INSTITUTIONAL AID $1.23M Yes 2
84.063 HIGHER EDUCATION INSTITUTIONAL AID $428,870 Yes 3
84.002 ADULT EDUCATION - BASIC GRANTS TO STATES $130,932 Yes 1
84.425 EDUCATION STABILIZATION FUND $99,506 Yes 1
84.268 HIGHER EDUCATION INSTITUTIONAL AID $44,435 Yes 0
84.007 HIGHER EDUCATION INSTITUTIONAL AID $23,400 Yes 0
84.033 HIGHER EDUCATION INSTITUTIONAL AID $5,317 Yes 0

Contacts

Name Title Type
C19DL3XLW4S5 Rachelle Arias Auditee
5754616600 Donna Trujillo Auditor
No contacts on file

Notes to SEFA

The accompanying schedule of expenditures of federal awards ( the Schedule) includes the federal grant activity of the College under programs of the federal government for the year ended June 30, 2022. The information in this Schedule is presented in accordance with the requirements of Title 2 U.S. Code of Federal Regulations Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance). Because the Schedule presents only a selected portion of the operations of the College, it is not intended to and does not present the financial position, changes in net assets, or cash flows of the College.
The accompanying Schedule of Expenditures of Federal Awards has been prepared on the accrual basis of accounting. Such expenditures are recognized in accordance with the cost principles in Title 2 U.S. Code of Federal Regulations (CFR) Part 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance), wherein certain types of expenditures are not allowable or are limited as to reimbursement. Negative amounts shown on the Schedule represent adjustments or credits made in the normal course of business to amounts reported as expenditures in prior years.
The College has elected to use the 10% de minimis indirect cost rate allowed under the Uniform Guidance.

Finding Details

2022-006 (2020-004) – Internal Controls and Title IV Administration—Material Weakness Federal Agency: Federal Program: Assistance Listing Nos: Department of Education Title: Student Financial Assistance Cluster 84.007 – Federal Supplemental Education Opportunity Grants (SEOG) 84.033 – Federal Work Study Program (FWS) 84.063 – Federal Pell Grant Program (Pell) 84.268 – Federal Direct Student Loans (FDSL) Federal Award Numbers: P033A208469(SEOG) P033A208469(FWS) P063P204871(PELL) P268K234871(FDSL) Award Period: July 1, 2021 to June 30, 2022 Name of Applicable Pass-Through Entity- Not applicable Condition: A report was provided to auditors that addressed certain aspects of GLBA based on the prior year comment but was incomplete in certain other areas. During our audit procedures, it was noted that the College did not perform a risk assessment that addresses the three areas noted in 16 CFR 314.4 (b) which are (1) Employee training and management; (2) Information systems, including network and software design, as well as information processing, storage, transmission and disposal; and (3) Detecting, preventing and responding to attacks, intrusions, or other systems failures and document safeguards for identified risks. Management’s progress: Management has made some/minimal progress. Criteria or Specific Requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314) The Federal Trade Commission considers Title IV-eligible institutions that participate in Title IV Educational Assistance Programs as “financial institutions” and subject to the Gramm-Leach-Bliley Act (16 CFR 313.3(k)(2)(vi). Questioned Costs: None. Cause: The College did not perform an IT risk assessment tailored specifically to the organization, identify risks, nor address risks identified as required by the Gramm-Leach-Bliley Act. Effect: The students’ personal information could be vulnerable. Recommendation: We recommend that the College designate an individual to oversee the information security function, engage a third party or perform the risk assessment for the three areas required by the Gramm-Leach-Bliley Act and ensure that there are documented safeguards for identified risks. Views of responsible officials and planned corrective actions: The College is implementing a new version of Jenzabar. Updated configuration will include updated security features. The planned completion date for the upgrades to the processes and systems is December 31, 2024. The responsible party is the Information Technology.
2022-007 (2019-005)– Gramm-Leach-Bliley Act (GLBA) —Significant Deficiency Federal Agency: Federal Program: Assistance Listing Nos: Department of Education Title: Student Financial Assistance Cluster 84.007 – Federal Supplemental Education Opportunity Grants 84.033 – Federal Work Study Program 84.063 – Federal Pell Grant Program 84.268 – Federal Direct Student Loans Federal Award Numbers: P033A208469(SEOG) P033A208469(FWS) P063P204871(PELL) P268K234871(FDSL) Award Period: July 1, 2021 to June 30, 2022 Name of Applicable Pass-Through Entity- Not applicable Condition: A report was provided to auditors that addressed certain aspects of GLBA based on the prior year comment but was incomplete in certain other areas. During our audit procedures, it was noted that the College did not perform a risk assessment that addresses the three areas noted in 16 CFR 314.4 (b) which are (1) Employee training and management; (2) Information systems, including network and software design, as well as information processing, storage, transmission and disposal; and (3) Detecting, preventing and responding to attacks, intrusions, or other systems failures and document safeguards for identified risks. Management’s progress: Management has made some/minimal progress. Criteria or specific requirement: The Gramm-Leach-Bliley Act (Public Law 106-102) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. (16 CFR 314) The Federal Trade Commission considers Title IV-eligible institutions that participate in Title IV Educational Assistance Programs as “financial institutions” and subject to the Gramm-Leach-Bliley Act (16 CFR 313.3(k)(2)(vi). Questioned costs: None. Cause: The College did not perform an IT risk assessment tailored specifically to the organization, identify risks, nor address risks identified as required by the Gramm-Leach-Bliley Act. Effect: The students’ personal information could be vulnerable. Recommendation: We recommend that the College designate an individual to oversee the information security function, engage a third party or perform the risk assessment for the three areas required by the Gramm-Leach-Bliley Act and ensure that there are documented safeguards for identified risks. Views of responsible officials and planned corrective actions: The College is implementing a new version of Jenzabar. Updated configuration will include updated security features. The planned completion date for the upgrades to the processes and systems is December 31, 2024. The responsible party is the Information Technology Director.
2022-005 (2021-008) – Endowment Documentation-—Material Weakness Federal Agency: Federal Program: Assistance Listing Nos: Department of Education Title: Higher Education Institutional Aid 84.031 Higher Education Institutional Aid Federal Award Number: Not Available Award Period: June 30, 2015-June 30, 2023 Name of Applicable Pass-Through Entity- Not applicable Condition: During the audit, information received from the Foundation as custodian for endowment resources reported a different endowment balance for the Title V endowment than the College recorded. Neither the College nor the Foundation could provide complete information on policies, procedures and support documentation on award requirements or reporting requirements. Management’s progress: The College plans to include the information for the Foundation with its audit which will enable management to reconcile information to ensure correct balances are available for reporting. Criteria or specific requirement: The Title V endowment was funded with federal funds of $125,000 and the Foundation raised and contributed matching funds of $125,000 to make a $250,000 corpus. The endowment corpus is restricted for a 20-year period. The endowment including matching funds is reported on the books of the College. Questioned Costs: None. Cause: It appears the Foundation reported the Title V corpus based on federal funds received and did not include the matching funds as part of the endowment. Effect: Without policies and procedures in place and correct records, management is unable to determine if appropriate funding has been received and may not receive all funding for which it is eligible. Recommendation: We recommend that the records for the endowment be brought in agreement and changes made at RBC as needed. The Foundation Board should adopt the Title V balance as correct at a meeting. Records should be compiled and retained in relation to the Federal grants on an ongoing basis. Views of responsible officials and planned corrective actions: The College plans to include the information for the Foundation with its audit which will enable management to reconcile information to ensure correct balances are available for reporting. The planned completion date for the upgrades to the processes and systems is December 31, 2024. The responsible party is the Finance Director.
2022-008 (2021-016) – Late Submission of Data Collection Form to Federal Audit Clearinghouse—Significant Deficiency Federal Agency: Federal Program: Assistance Listing No.: Department of Education Title: Student Financial Assistance Cluster Title: Higher Education Institutional Aid 84.063, 84.033, 84.007, 84.268, and 84.031 Federal Award Numbers: P033A208469(SEOG) P033A208469(FWS) P063P204871(PELL) P268K234871(FDSL) Award Period: July 1, 2021 to June 30, 2022 Name of Applicable Pass-Through Entity- Not applicable Condition: The College did not submit its data collection form for the year ending June 30, 2020, by the earlier of 30 days after release of the financial statements or nine months after the reporting period. It was submitted after the 30-day period but before the nine-month period. Additionally, the College did not submit its data collection form to the federal audit clearinghouse for the year ended June 30, 2021, by the last due date plus extensions after the end of the audit period. The Data collection form was required to be submitted by September 30, 2022. It was submitted after that date. Management’s progress: Progress with the FY2022 submission. Criteria of specific requirement: Per 200.512 (a)(1) of the Uniform Guidance, the Data Collection Form is required to be completed and submitted to the Federal Audit Clearinghouse within the earlier of 30 days after the issuance of the respective auditor’s reports or within nine months after the end of the audit period. Cause: Late FY2021 audit report and high staff-turnover which led to a late financial close that prevented the audit from being completed timely. Effect: The College was noncompliant with this requirement in relation to its federal funding. The College shall be subject to a high-risk assessment on its next single audit. Recommendation: We recommend that the system of financial close and reporting objectives and risks be identified, and the risks mitigated through strengthening the department. Views of responsible officials and planned corrective actions: The College is implementing a new version of Jenzabar. The new version will simplify processes and operations. Reports will be easier to access and tracking functions will notify users of missed operations. This will help to ensure that processes are running as required and are timely completed. The upgrade and improvements are expected to be implemented by December 31, 2024. The party responsible is the Finance Director.