2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.
2022 ? 001 Financial Responsibility Ratio (Student Financial Aid Cluster ? All programs) Criteria According to 34 CFR 668. 171(b)(1), an institution is considered to be financially responsible if the institution?s Equity, Primary Reserve, and Net Income ratios yield a composite score of at least 1.5. Condition The University?s composite score as of June 30, 2022 was below 1.5. Cause Noncompliance was caused by the University?s financial condition. Effect The University is not considered to be financially responsible. Questioned Cost There is no questioned cost related to this finding. Context During review of the University?s financial responsibility ratio calculation, we noted that it?s composite score as of June 30, 2022 was below 1.5. Identification as a Repeat Finding This finding is a repeat of finding 2021-001 and 2020-001 in the immediately prior two audits. Recommendation We recommend the University take appropriate steps to improve its financial condition to be compliant. Views of Responsible Officials We agree with the recommendation.
2022 ? 002 Gramm-Leach-Bliley Act (Student Financial Aid Cluster ? All programs) Criteria Under the University?s Program Participation Agreement and the Gramm-Leach-Bliley Act (GLBA), schools must protect student financial aid information, with particular attention to information provided to institutions by the Department or otherwise obtained in support of the administration of the federal student financial aid. According to 16 CFR 314.4(b), a school must identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. At a minimum, such a risk assessment should include consideration of risks in each relevant area of your operations, including: 1. Employee training and management; 2. Information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and 3. Detecting, preventing, and responding to attacks, intrusions, or other systems failures. Condition Although the University has documented various IT policies around access, they are not comprehensive enough to cover the Gramm-Leach-Bliley Act requirements around the process of identifying the internal and external risks to data security. Cause The University has not conducted a formal risk assessment since January 2021. Effect Student information may be at risk of unauthorized disclosure, misuse, alteration, destruction, or other compromise of such information. Questioned Costs There were no questioned costs related to this finding. Context During our review of the University?s Information Technology system, we noted through inquiry that a formal risk assessment of the University?s documented safeguards had not been performed since January 2021. Recommendation We recommend that the University re-engage the outside resource to independently perform and develop a formal risk assessment, along with recommendations for remediation of any open items and/or deficiencies. Views of Responsible Officials We agree with the recommendation.