Corrective Action Plans

Browse how organizations respond to audit findings

Total CAPs: 55,924 in database
Filtered results: 9,427 matching current filters
Active filters: Significant Deficiency
Federal Agency Name: Department of Health and Human Services Program Name: COVID‐19 Provider Relief Fund and American Rescue Plan (ARP) Rural Distribution Applicable Federal Award Number and Year – Period 4 TIN #420868216 Federal Financial Assistance Listing #93.498 Compliance Requirement: Activities Allowed or Unallowed and Allowable Costs/Cost Principles Finding Summary: The Hospital claimed expenses in the HHS special report for Period 4 that were related to services to be performed after the period of availability. Responsible Individuals: Craig Carstens, CFO Corrective Action Plan: Management agrees with the findings. Management will ensure that all expenses claimed are properly documented and supported by appropriate documentation, including invoices, receipts, and service agreements. Management will provide training and education to relevant staff members responsible for preparing and submitting expense claims to ensure they understand the period of availability and the importance of accurate reporting. Management will implement controls and procedures to prevent similar errors in the future. This may include implementing a review process for expense claims to ensure compliance with reporting requirements. Management will communicate the importance of accurate reporting and adherence to reporting requirements to all relevant staff members. Emphasize the impact of inaccurate reporting on the hospital's reputation and compliance status. Management will establish a system for ongoing monitoring and oversight of expense reporting processes to identify and address any issues or discrepancies in a timely manner. Anticipated Completion Date: 2/26/2024.
Responsible Contact Person(s): Kassandra Bullock, Director of Grants Management DeAndrea Williams, Grants Admin Supervisor Joseph Thompson, Grants Compliance Supervisor John Colligan, Director of Finance and Administration Corrective Action Planned: An internal compliance review has been implemented to ensure accuracy and timely reporting of FFATA data. Data is confirmed prior to upload by the Grants Compliance Team to address errors, missing information, and conflicting dates. Training has occurred via the Federal Funding Accountability and Transparency Act Subaward Reporting System (FSRS) by Grants Admin staff. Additionally all changes in statements of grant awards (SOGA) will be reviewed and reissued when needed and data re-entered to ensure FFATA correlates with SOGA. Estimated Completion Date: 1/26/2024
Responsible Contact Person(s): Ida Witherspoon, Chief Financial Officer Corrective Action Planned: Send periodic e-mail reminders to program staff responsible for submitting FFATA data to the Federal Reporting Unit for submission to the federal government. Additional time is needed to fully implement an automated solution. Estimated Completion Date: 10/30/2024
Responsible Contact Person(s): Angela Morse, Director of Benefit Programs Frank Smith, Associate Director of Benefit Programs Corrective Action Planned: DSS will perform an analysis of identified reporting errors to determine causality and the appropriate actions to resolve reporting errors. Additionally, DSS will create a systems modification request to correct errors that are identified as occurring as a result of inaccurate programming in the data modification phase of federal report creation. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Angela Morse, Director of Benefit Programs Frank Smith, Associate Director Senior Benefit Programs Denise Surber, EAP Manager - Division of Benefit Programs Corrective Action Planned: DSS will work to provide additional training to local agency eligibility workers on how to properly determine and document eligibility determinations in the case management system. Additionally, DSS will consider monitoring local agency eligibility worker’s use of manual overrides to confirm that they properly document eligibility determinations in the case management system. Estimated Completion Date: 12/31/2024
View Audit 295106 Questioned Costs: $1
Responsible Contact Person(s): Steve Hanoka, Chief Information Security Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 4/1/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: DSS has 15 plus applications that are in active oversight; IT Business Administration is in receipt of the required SOC 2, Type 2 reports. However, additional requirements to capture the SOC 1, Type 2 reports have not yet been accomplished. Several SOC reports were not captured by VITA and then provided to DSS for review. Additional requirements to capture SOC 1, Type 2 reports have been identified and VITA is requesting this information of the providers. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Naveen Abraham, Chief Core Infrastructure Services Corrective Action Planned: Ensuring that infrastructure suppliers fulfill all contractual requirements with respect to Commonwealth security policies and standards necessitates a programmatic, continuous improvement approach. VITA has made improved cybersecurity a primary goal and major initiatives have completed and are underway. VITA has established a scoring mechanism, based on the Common Vulnerability Scoring System (CVSS), that delineates the necessary response based on the criticality of the vulnerability (critical, high, and medium). For vulnerabilities with a CVSS score of (critical and high), service level agreement (SLA) 1.1.3 is now in place to measure supplier performance and adjust supplier compensation accordingly through SLA credits and RCDs. For vulnerabilities below the critical and high score, in Q4 of 2023, suppliers started providing data in a quarterly report to the MSI and VITA. The new SLAs combined with the reports of vulnerabilities below the critical and high score are used to ensure suppliers’ contractual compliance. VITA’s data shows that patches for software on the enterprise software list are being applied on an ongoing basis. VITA will work with agencies and suppliers if there are any new technical difficulties or questions about patching. New tools are now available to agencies so that they can monitor and verify the remediation of the vulnerabilities for which infrastructure suppliers are responsible. Dashboards have also been provided to the suppliers so that they can review a shared and common vulnerability list. VITA and the suppliers monitor and review enterprise level logs and security events on behalf of customer agencies through the system dashboard and a 24x7 Security Operations Center. The dashboard is available for access by agencies as of Q4 2023. 
VITA will continue to monitor and improve the security of infrastructure services through ongoing governance, including the requirements of architecture documentation, system security plans, and audit reports. VITA’s infrastructure services group will work with the VITA security group to confirm that the current state achieves security standards compliance. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Stephen Schleck, Associate Director of Enterprise Business Solutions Corrective Action Planned: A Change Request for the case management system was developed 2 years ago and DSS is reviewing the change request to determine a status. It was agreed by Line of Business and ITS EBS & a vendor (the systems provider) that there will be an iterative approach to completing the record retention and purge rules for implementation in the case management system. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Diane Carnohan, Chief Information Security Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 6/1/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management John Vosper, Information Technology Audit Manager Corrective Action Planned: DSS has contracted with a contractor to perform IT audits once every three years on an ongoing rotating basis. Estimated Completion Date: 12/31/2023
Responsible Contact Person(s): Mike Jones, Chief Information Officer Corrective Action Planned: The vendor started the security audit in September 2023 and completed in December 2023. The report was sent to DMAS in February 2024. Next steps: The report needs to be reviewed and the Contract Administrator will work with the vendor to ensure Plan of Action and Milestones (POAMs) are completed to address the risks and control gaps. The Contract Administrator will monitor the vendor to ensure the vendor meets the terms of the contract and submits a security audit every two years. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): David Clark, Information Security Officer Corrective Action Planned: The Information Security Unit has documented a process for the types of changes that trigger a security impact analysis (SIA) as well as a request form for a security impact review. Part of the SIA process will be to determine if pre-implementation testing is required. The Information Security Unit will retain documentation in accordance with the Configuration Management Policy. Once the processes are further defined, the Information Security Unit will update the Configuration Management Policy & Procedures. Estimated Completion Date: 3/31/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Melinda Raines, Director of Human Resources Karen Holt, Human Resources Business Process Consultant Corrective Action Planned: An agency-wide work group will be established to determine the exact processes needed to implement the controls necessary to address this finding. HR and ISRM have identified the need for new reporting and interfaces to regain compliance. DSS had deployed DOA human capital management system and an internal system that will need to have interfaces developed. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Mike Jones, Chief Information Officer Steve Hanoka, Chief Information Security Officer Corrective Action Planned: The 2023 Annual Access Review for the claims processing system through secure web application surveys began in the 4th Quarter 2023. Three separate surveys were sent to perform access review for DSS, Contractor and DMAS Internal access review. • DSS annual review sent on November 9, 2023 and ended on November 20, 2023 • Contractor review sent on November 30, 2023 and ended on December 15, 2023 • DMAS review sent on December 15, 2023 and ended on January 13, 2024 All 3 surveys requested managers to review their employees access and confirm if it was required or if the access should be revoked. Survey results are available to perform follow up actions. DMAS Security is currently reviewing the survey results and revoking access where requested. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Steve McCauley, Assistant Division Director Corrective Action Planned: DSS will perform an annual access review of user accounts for the case management system. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Angela Morse, Director of Benefit Programs Kavansa Gardner, Information Technology Manager Corrective Action Planned: DSS will perform and document a conflicting access review for the case management system to identify the combinations of roles that could pose separation of duties conflicts and ensure compensating controls are in place to mitigate risks arising from those conflicts. Additionally, DSS will work with a vendor to update the role-based security access documentation to reflect all system changes from prior case management system related releases when there are proposed changes to the roles matrix. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Diane Carnohan, Chief Information Security Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Kevin Platea, Chief Information Officer Corrective Action Planned: To improve the governance structure of the agency, ISRM Division Leadership is working with a vendor to address the division’s responsibility around defining and communicating the Security and Risk Management program. The goal is to educate the agency System Owners, Data Owners, System Administrators, System User, and Data Custodians as to their roles and responsibilities in managing risk associated with agency data and systems. The Division of ISRM will deliver System Owner training to the Agency Executive Team in April in support of the Commonwealth’s requirement that System Owners manage risks associated with their systems. This training will also highlight the importance of Configuration Management and Software and Service Acquisition. The Division of ISRM will also construct and offer training on Configuration Management and Software and Service Acquisition to whichever resources the Agency identifies to own such related processes. The training will be ready to be provided no later than August 1, 2023. Estimated Completion Date: 12/31/2023
2023-002 Special Tests and Provisions – Income Targeting Program: U.S. Department of HUD: Section 8 Housing Choice Vouchers (CFDA 14.871) Type of Finding: Significant Deficiency in Internal Control and Other Matter to be Reported Under the Uniform Guidance This is a repeat finding of 2022-002 from June 30, 2022 (initially reported June 30, 2021) Statement of Condition The Authority did not have adequate controls over income targeting to assure that the Authority is in compliance with this requirement. During our testing, we noted that tenants with incomes that were extremely low accounted for approximately 70% of new admissions during the fiscal year, which is below the minimum required percentage of 75%. Recommendation We recommend the Authority assure that at least 75% of new admissions be in the extremely low-income bracket. This should be monitored throughout the year. The Authority can also select applicants on the waiting list who are extremely low income by bypassing others on the list that don’t meet the requirement and documenting that the person was selected ahead of others to be able to meet the requirement Action Taken: We concur with this finding. We will closely monitor new admissions and focus on applicants on the waiting list who meet the criteria as extremely low income so that the 75% requirement is met. Our lease rate has been decreasing due to a decrease in availability in our area. We have been issuing vouchers every month and have little to no wait on our waiting list. We are also accepting applications every week. We have been unable to exclude persons due to the extremely low-income bracket requirement because we are trying to increase the overall utilization in our voucher program. We have submitted a request to HUD to allow an exception to the income targeting rule and are currently awaiting a response. 
Effective Date: February 29, 2024 Contact Information Jenny Hammond, Executive Director Housing Authority of the City of York 221 California Street York, SC 29745 (803) 684-7359
Finding No. 2023-001 Eligibility – Tenant Files Program: U.S. Department of HUD: Section 8 Housing Choice Vouchers (CFDA 14.871) Type of Finding: Significant Deficiency in Internal Control and Other Matter to be Reported Under the Uniform Guidance This is a repeat finding of 2022-001 from June 30, 2022 (initially reported June 30, 2021) Statement of Condition Out of a total tenant population of approximately 194 vouchers, 20 files were selected for testing. Exceptions were noted as follows: • 1 file where a math error on zero-income calculation resulted in an increase in HAP rent from $709 to $712. • 1 file where a math error on zero-income calculation resulted in a decrease in HAP rent from $961 to $912. • 1 file where social security income was calculated using 2022 amounts despite move-in date in February 2023. As a result, HAP rent decreased from $561 to $546. • 1 file where social security income was calculated using 2022 amounts despite annual re-exam in February 2023. As a result, HAP rent decreased from $709 to $687. In addition to the above, during our new admissions testing (5 tested out of 44 new admissions) we noted the following: • 1 file that did not contain a signed lease agreement. Recommendation The Authority should correct the deficiencies noted in the tested files and utilize an ongoing quality control review process on the entire tenant population to ensure proper compliance with the requirements related to tenant eligibility. Ongoing staff training and timely management reviews should be utilized to ensure staff is aware of acceptable procedures. In addition, the Authority should review staffing levels, skill sets and case load. Action Taken We concur with this finding and have implemented various controls. A tenant file and unit quality control procedure has been developed and implemented.
Condition: The College did not have a control in place to ensure all returns of Title IV refunds were reviewed. As a result, certain student Title IV refund calculations were not correctly calculated and returned. Planned Corrective Action: • GRCC updated its R2T4 procedure document to highlight the steps needed to be taken so that bookstore charges are handled correctly in the R2T4 calculation. • GRCC provided updated training to the current employees who handle the R2T4 process. • GRCC reviewed all of the R2T4s in which students had bookstore charges. The results were as follows: o Total number of students: - Fall -- 103 students reviewed; 61 corrections made - Winter -- 83 students reviewed; 5 corrections made o Total amount of adjustments: - Fall = $13,372 - Winter = $1,362 • GRCC reviewed all unofficial withdrawals during fiscal year 2023 and matched them with R2T4s where required. One correction was made for $558. This is the same error noted in the finding. • During the 2023-2024 year (fiscal year 2024), GRCC is performing a 100% review of the R2T4s that have bookstore charges. While performing the review of the bookstore charges, we are reviewing the entire R2T4, not only whether bookstore charges are correctly included. By doing so, we can ensure that the entire process is performed accurately. • Additionally, GRCC will be conducting R2T4 training each semester by way of ensuring that staff who perform the calculations understand the process and the specific steps needed to complete the calculations. Contact person responsible for corrective action: David DeBoer, Executive Director of Financial Aid Anticipated Completion Date: 12/02/2023
View Audit 295065 Questioned Costs: $1