FAC Explorer

Corrective Action Plans

Browse how organizations respond to audit findings

Total CAPs
57,775
In database
Filtered Results
9,691
Matching current filters
Showing Page
61 of 388
25 per page

Filters

Clear
Active filters: Significant Deficiency
Finding 1164259 (2024-001)
Material Weakness 2024
Hiv Alliance INC
OR
Allowable Costs / Cost Principles Internal Control / Segregation of Duties Subrecipient Monitoring § 200.303
U.S. Department of Health and Human Services Significant Deficiency in Internal Controls over Compliance: Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Reporting Recommendation: CLA recommends that additional emphasis of documentary evidence of approvals be made, and such evidenc...
U.S. Department of Health and Human Services Significant Deficiency in Internal Controls over Compliance: Activities Allowed or Unallowed, Allowable Costs/Cost Principles, Reporting Recommendation: CLA recommends that additional emphasis of documentary evidence of approvals be made, and such evidence obtained and retained by the Alliance as proof of oversight of expenditure of federal funds. Additionally, CLA recommends increased emphasis and training on the importance of consistent application of procedures and controls. Explanation of disagreement with audit finding: There is no disagreement with the audit finding. Action taken in response to finding: All reports relating to a federally funded project will be reviewed prior to being submitted to the funding agency and documentation relating to that review will be retained by HIV Alliance. Name(s) of the contact person(s) responsible for corrective action: Renee Yandel, Executive Director; Wayne Hamblin, Finance Director Planned completion date for corrective action plan: July 1, 2025
View Audit 373559
Finding 1164256 (2024-001)
Material Weakness 2024
Congregation Bais Malka Inc.
NY
Internal Control / Segregation of Duties Reporting Significant Deficiency
The Organization has begun implementing the above-mentioned recommendations. The Organization will ensure that it has a working compliance calendar to assist in meeting the reporting deadline. Additionally, the Organization has engaged the audit firm for their upcoming fiscal year-end, and the audit...
The Organization has begun implementing the above-mentioned recommendations. The Organization will ensure that it has a working compliance calendar to assist in meeting the reporting deadline. Additionally, the Organization has engaged the audit firm for their upcoming fiscal year-end, and the audit firm has put it on its calendar to begin the audit process well in advance. The Organization’s board of directors has agreed to oversee the auditing and reporting processes to a greater extent. With these actions, the Organization expects to comply with the Uniform Guidance for single audits deadline for the fiscal year end June 30, 2025. Mr. Benjamin Klein, executive director, has been designated to monitor the plan of corrective action for this finding. He can be reached at 845-354-9500.
View Audit 373554
Finding 1164252 (2024-004)
Material Weakness 2024
Manor College
PA
Reporting Student Financial Aid Significant Deficiency § 200.303
Pending
Pending
View Audit 373530
Finding 1164249 (2024-003)
Material Weakness 2024
Manor College
PA
Student Financial Aid Reporting Significant Deficiency
Implement draft Policy & Procedures on monthly recs
Implement draft Policy & Procedures on monthly recs
View Audit 373530
Finding 1163592 (2024-002)
Material Weakness 2024
Zvago Cooperative at Long Lake
MN
Special Tests & Provisions HUD Housing Programs Significant Deficiency
The Cooperative is making required deposits to the General Operating Reserve. Management will implement a process to ensure deposits are made as required by the HUD regulatory agreement.
The Cooperative is making required deposits to the General Operating Reserve. Management will implement a process to ensure deposits are made as required by the HUD regulatory agreement.
View Audit 373336
Finding 1163578 (2024-006)
Material Weakness 2024
Housing Authority of the City of Asheville
NC
HUD Housing Programs Special Tests & Provisions Reporting
Federal Agency: U.S. Department of Housing and Urban Development Federal Program Titles: Housing Voucher Cluster Federal Assistance Listing Numbers: 14.871, 14.879, 14.EHV Noncompliance – N. Special Tests and Provisions – Depository Agreements Non Compliance Material to the Financial Statements: No ...
Federal Agency: U.S. Department of Housing and Urban Development Federal Program Titles: Housing Voucher Cluster Federal Assistance Listing Numbers: 14.871, 14.879, 14.EHV Noncompliance – N. Special Tests and Provisions – Depository Agreements Non Compliance Material to the Financial Statements: No Significant Deficiency in Internal Control over Compliance for Special Tests and Provisions Criteria: PHAs are required to enter into general depository agreements (GDA) with their financial institutions in the form required by HUD. The agreements serve as safeguards for federal funds and provide third party rights to HUD. Among the terms in many agreements are requirements for funds to be placed in an interest-bearing account (24 CFR section 982.156). Condition: Based on inspection of files and discussions with management, it was determined that the depository agreements were signed after the reporting period. Context: The Authority did not have signed depository agreements with their financial institutions on file during the reporting period, therefore we were unable to verify the existence of depository agreements and unable to determine if the Authority met the terms of the agreements. Cause: There is a significant deficiency in internal controls over compliance for the special tests and provision type of compliance related to depository agreements. The Authority has not properly considered, designed, implemented, maintained and monitored a system of internal controls for their partnered management company that assures the program is in compliance. Effect: The Housing Voucher Cluster is in noncompliance with the special tests and provisions type of compliance related to depository agreements. Auditors' Recommendation: We recommend that the Authority properly file HUD-51999 forms in accordance with HUD guidelines. View of Responsible Officials and Corrective Actions: The Authority accepts the recommendation of the auditor and will properly file HUD- 51999 forms in accordance with HUD guidelines. Noelle Tackett, Director of the Housing Choice Voucher Program, will be responsible to implement this corrective action by December 31, 2025.
View Audit 373324
Finding 1163555 (2024-003)
Material Weakness 2024
Community Service Council of Greater Tulsa, Inc.
OK
Eligibility Significant Deficiency
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide Section VIII, Subsection E. Documentation Required states: Grantees must use adequate financial management s...
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide Section VIII, Subsection E. Documentation Required states: Grantees must use adequate financial management systems that follow generally accepted accounting principles (GAAP) and provide adequate fiscal control and account records including cost accounting records supported by documentation. Grantees must also maintain all back up documentation and invoices to support the costs paid with SSVF funds.” Condition: During the OBO review, OBO found the Organization was unable to provide a general ledger detail that separated administrative costs from general costs. Cause: Because the Organization’s SSVF administrative costs are allocated payroll expenses, management was unaware they needed to segregate the administrative costs in the general ledger. Effect: The Organization’s failure to provide a general ledger that separates administrative and general expenses increases the risk of inaccurate financial results being provided at closeout or unauthorized and ineligible expenses being charged to the award, which may result in subsequent funding shortages for other qualified expenses. Questioned Costs: None Identification as a repeat finding: This is a repeat finding. Corrective Action: As of 2/17/2025 OKVU added sub-coding to the general ledger to identify administrative labor costs under 7000 – Salaries & wages, 7100 – Fringe benefits and 7200 – Payroll taxes bases on direct allocations provided to the payroll system. This information will be provided by report from the payroll system and added via journal entry to the GL.
View Audit 373239
Finding 1163554 (2024-002)
Material Weakness 2024
Community Service Council of Greater Tulsa, Inc.
OK
Internal Control / Segregation of Duties Significant Deficiency
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide (March 2021) Section VII, Subsection E. Notification to Participants, states: “To ensure that Veteran famili...
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide (March 2021) Section VII, Subsection E. Notification to Participants, states: “To ensure that Veteran families receiving supportive services under the SSVF Program are receiving quality services, the grantee must give a VA-designated satisfaction survey to each participant within 30 days of the participant’s pending exit from the grantee’s program.” Condition: The Office of Business Oversight (OBO) performed a review to assess the Organization’s compliance with SSVF program and other federal requirements and regulations. During this review, OBO found 15 case files where the Organization provided the VA-designated satisfaction survey late. Cause: As a result of staff turnover, the Organization failed to develop adequate internal controls to ensure management monitored case manager development and reviewed case files for adequate documentation. Effect: The Organization’s failure to provide the VA-designated satisfaction survey within 30 days may decrease feedback to the SSVF Program, which may result in veterans not receiving appropriate assistance and quality services. Questioned Costs: None Identification as a repeat finding: This is a repeat finding. Corrective Action: As of 12/11/2024 OKVU updated the SSVF policy and procedure manual to ensure grant compliance with the VA-designated satisfaction survey and added a review requirement to the discharge file QC checklist. As of 12/11/2024 all case manager staff were provided training.
View Audit 373239
Finding 1163553 (2024-001)
Material Weakness 2024
Community Service Council of Greater Tulsa, Inc.
OK
Eligibility Significant Deficiency
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide (March 2021) Section V, Subsection C. Determining Income Eligibility, provides a summary of asset inclusions...
Federal Program – Supportive Housing for Veterans (Supportive Services for Veterans Families) (SSVF) Assistance Listing Number – 64.033 Significant Deficiency Criteria: The SSVF Program Guide (March 2021) Section V, Subsection C. Determining Income Eligibility, provides a summary of asset inclusions and exclusions for use in evaluating assets. Assets must be evaluated at entry to SSVF and at recertification. Condition: The Office of Business Oversight (OBO) performed a review to assess the Organization’s compliance with SSVF program and other federal requirements and regulations. During this review, OBO found 45 case files missing evidence that the grantee evaluated assets (inclusions and exclusions) for certification of eligibility. Cause: Management misinterpreted the guidance and was not aware of the need to document asset evaluations if the veteran did not have any assets. Effect: The Organization’s failure to obtain and keep the adequate income supporting documentation in the case file may result in the Organization providing services to an ineligible veteran or household. Questioned Costs: None Identification as a repeat finding: This is a repeat finding. Corrective Action: As of 12/06/2024 OKVU implemented the addition of the Asset Calculation Worksheet to the veteran case file. To ensure compliance the requirement was also added to the discharge file QC checklist and the SSVF policy and procedure manual updated. As of 12/11/2024 all case manager staff were provided training.
View Audit 373239
Finding 1163380 (2024-007)
Material Weakness 2024
Economic Development Bank for Puerto Rico
PR
Special Tests & Provisions Subrecipient Monitoring Reporting
Management acknowledges that the Single Audit report timelines can be further strengthened. All audit processes are performed using the Recipient systems, which are designed to comply with federal requirements. Observations are considered an opportunity to improve coordination and internal monitorin...
Management acknowledges that the Single Audit report timelines can be further strengthened. All audit processes are performed using the Recipient systems, which are designed to comply with federal requirements. Observations are considered an opportunity to improve coordination and internal monitoring.
View Audit 372904
Finding 1163358 (2024-007)
Material Weakness 2024
Pembina County Water Resource District
ND
Subrecipient Monitoring Reporting Significant Deficiency § 200.303
2024-007 – CORONAVIRUS STATE AND LOCAL FISCAL RECOVERY FUNDS – IMPROPER REPORTING OF EXPENDITURES – ALN 21.027 – SIGNIFICANT DEFICIENCY & OTHER NONCOMPLIANCE Condition Pembina County did not properly report expenditures and obligations on the March 31, 2024, Project and Expenditure Report for the Co...
2024-007 – CORONAVIRUS STATE AND LOCAL FISCAL RECOVERY FUNDS – IMPROPER REPORTING OF EXPENDITURES – ALN 21.027 – SIGNIFICANT DEFICIENCY & OTHER NONCOMPLIANCE Condition Pembina County did not properly report expenditures and obligations on the March 31, 2024, Project and Expenditure Report for the Coronavirus State and Local Fiscal Recovery Funds program. The total cumulative and current expenditures and cumulative and current obligations reported were understated by $17,797.40. Corrective Action Plan: We agree, Pembina County will ensure obligations and expenditures for the SLFR grant are properly stated in future periods. Anticipated Completion Date: FY 2025
View Audit 372866
Finding 1163338 (2024-003)
Material Weakness 2024
Upper Missouri District Health Unit
ND
Allowable Costs / Cost Principles Cash Management Reporting § 200.303
2024-003 - IMMUNIZATION COOPERATIVE GRANT AGREEMENTS - INTERNAL CONTROLS - LACK OF SUPPORT FOR PAYROLL APPROVALS - ALN #93.268 - SIGNIFICANT DEFICIENCY FINDING TYPE: SIGNIFICANT DEFICIENCY Finding 2024-003 Federal Program: FAIN: IMMUNIZATION COOPERATIVE AGREEMENT NH23IP922623 ALN: 93.268 Year(s): 20...
2024-003 - IMMUNIZATION COOPERATIVE GRANT AGREEMENTS - INTERNAL CONTROLS - LACK OF SUPPORT FOR PAYROLL APPROVALS - ALN #93.268 - SIGNIFICANT DEFICIENCY FINDING TYPE: SIGNIFICANT DEFICIENCY Finding 2024-003 Federal Program: FAIN: IMMUNIZATION COOPERATIVE AGREEMENT NH23IP922623 ALN: 93.268 Year(s): 2024 Federal Agency: U.S. Department of Health and Human Services Pass Through Agency: North Dakota Department of Health Questioned Cost: $0 Condition: Upper Missouri District Health Unit does not have documented approval of the payroll transactions to ensure that the expenditures are allowable to the Immunization Cooperative Agreements program and are coded to the proper grant. Corrective Action Plan: We agree, UMDHU will be adding proper approval processes regarding payroll transactions. Anticipated Completion Date: FY 2026
View Audit 372860
Finding 1163308 (2024-002)
Material Weakness 2024
Heading Home
NM
Allowable Costs / Cost Principles Reporting Significant Deficiency
Heading Home management is in agreement with this finding. After years of turnover in key management positions steps have been taken to address staffing challenges and these positions have been successfully staffed with high-quality individuals who bring extensive knowledge and expertise to their ro...
Heading Home management is in agreement with this finding. After years of turnover in key management positions steps have been taken to address staffing challenges and these positions have been successfully staffed with high-quality individuals who bring extensive knowledge and expertise to their roles. These positions include a new Chief Executive Officer, Director of Operations, Chief Financial Officer, and Director of Human Services. To address challenges in accounting and finance Heading Home had contracted with a local CPA firm specializing in nonprofit accounting and financial reporting to assist the CFO with daily accounting tasks, the monthly close, financial reporting to management and the board of directors, and to facilitate and ensure audits are completed timely each year. The new management group is committed to maintaining a skilled and competent team in key financial roles. Due to the backlog of billings at the opening of FY23, the billing submissions and quarterly reports for the first quarter were submitted late. With the new staff and assistance, these billings and quarterly reports were brought current as quickly as possible. They are now current and being submitted in a timely manner. Management’s corrective action plan was fully implemented by June 30, 2025, and anticipate that there will be no further issues. Personnel responsible for ensuring implementation include Connie Chavez, Executive Director, and Debbie Brickman, Chief Financial Officer.
View Audit 372829
Finding 1163295 (2024-001)
Material Weakness 2024
Genesis Community Health, Inc.
FL
Reporting Significant Deficiency Matching / Level of Effort / Earmarking § 200.302
Additional preventive internal control procedures will be implemented, designating a secondary individual responsible for submission should the primary individual leave or be terminated. These procedures and internal controls have been implemented as of the date of this report.
Additional preventive internal control procedures will be implemented, designating a secondary individual responsible for submission should the primary individual leave or be terminated. These procedures and internal controls have been implemented as of the date of this report.
View Audit 372818
Finding 1163279 (2024-005)
Material Weakness 2024
Alameda Point Collaborative
CA
Cash Management Significant Deficiency Matching / Level of Effort / Earmarking
1-Develop a reconciliation process for excess cash reserves to ensure compliance with loan agreements 2-Implement procedures to obtain and maintain documentation for qualifying low-income housing individuals. 3-Train staff on compliance requirements for loan agreements and reconciliation processes.
1-Develop a reconciliation process for excess cash reserves to ensure compliance with loan agreements 2-Implement procedures to obtain and maintain documentation for qualifying low-income housing individuals. 3-Train staff on compliance requirements for loan agreements and reconciliation processes.
View Audit 372806
Finding 1163275 (2024-002)
Material Weakness 2024
Youthcare
WA
Allowable Costs / Cost Principles Reporting Significant Deficiency
Corrective Action Plan For the Year Ended December 31, 2024 Contact Person(s): De Angelo Jones, Finance Director Deangelo.jones@youthcare.org Finding 2024-002 Significant deficiency in internal controls over compliance related to reporting. Explanation and specific reasons for disagreement with the ...
Corrective Action Plan For the Year Ended December 31, 2024 Contact Person(s): De Angelo Jones, Finance Director Deangelo.jones@youthcare.org Finding 2024-002 Significant deficiency in internal controls over compliance related to reporting. Explanation and specific reasons for disagreement with the audit finding or that corrective action is not required (if applicable): No disagreement. Corrective action planned:  Develop a contract expenditure compliance review process created with final review and approval by Finance Director. Anticipated completion date: Fixed January 1, 2025
View Audit 372803
Finding 1163016 (2024-003)
Material Weakness 2024
City of Hamilton, Texas
TX
Significant Deficiency Matching / Level of Effort / Earmarking Internal Control / Segregation of Duties
The City will implement policies and procedures to verify that all required elements are included in relevant contracts. The City staff will ensure that all necessary certified payrolls are received and reviewed.
The City will implement policies and procedures to verify that all required elements are included in relevant contracts. The City staff will ensure that all necessary certified payrolls are received and reviewed.
View Audit 372605
Finding 1162977 (2024-004)
Material Weakness 2024
Valle Verde Housing-Municipality of Adjuntas
PR
Reporting Significant Deficiency Internal Control / Segregation of Duties
Management concurs with the Finding. We gave instructions to the Fiscal Staff to maintain a dateline control sheet to ascertain that required reports were submitted within the due date and to retain evidence on file about each submission.
Management concurs with the Finding. We gave instructions to the Fiscal Staff to maintain a dateline control sheet to ascertain that required reports were submitted within the due date and to retain evidence on file about each submission.
View Audit 372579
Finding 1162976 (2024-003)
Material Weakness 2024
Valle Verde Housing-Municipality of Adjuntas
PR
Reporting Significant Deficiency Matching / Level of Effort / Earmarking
Management concurs with the Finding. The fiscal year 2023-2024 Single Audit reporting package will be immediately uploaded to the Federal Audit Clearinghouse (FAC) web portal upon receipt of the auditor’s reports. As a preventive actions for fiscal year, 2024–2025, the Municipality’s financial staff...
Management concurs with the Finding. The fiscal year 2023-2024 Single Audit reporting package will be immediately uploaded to the Federal Audit Clearinghouse (FAC) web portal upon receipt of the auditor’s reports. As a preventive actions for fiscal year, 2024–2025, the Municipality’s financial staff, with the support of a financial consulting firm, have been working to prepare the FY 2024-2025 financial statements and Single Audit deliverables to comply with the established deadline.
View Audit 372579
Finding 1162880 (2024-002)
Material Weakness 2024
City of Hempstead, Texas
TX
Internal Control / Segregation of Duties Special Tests & Provisions Subrecipient Monitoring § 200.303 § 200.328
Finding 2024-002: Insufficient Documentation of Management Review of Section 3 Quarterly and Annual Reporting Planned Corrective Action: Management agrees with the finding and will establish a formal review and approval process for all Section 3 quarterly and annual reports prepared and submitted by...
Finding 2024-002: Insufficient Documentation of Management Review of Section 3 Quarterly and Annual Reporting Planned Corrective Action: Management agrees with the finding and will establish a formal review and approval process for all Section 3 quarterly and annual reports prepared and submitted by the grant administrator to the Texas General Land Office. Going forward, the City Secretary will review each report for accuracy and completeness prior to submission, and evidence of this review, such as signed approval or email confirmation, will be retained in the grant files. The City anticipates implementing this procedure for all future reporting periods to ensure compliance with federal reporting and internal control requirements. Anticipated Completion Date: December 2025
View Audit 372549
Finding 1162849 (2024-003)
Material Weakness 2024
Kitsap Rescue Mission
WA
Subrecipient Monitoring Procurement, Suspension & Debarment Cash Management § 200.302
Condition: Management did not retain evidence of the execution of the Organization’s internal controls over the review and or authorization of the payment or reimbursement of credit card charges during the year. Recommendation: Management should document the review and/or authorization of credit car...
Condition: Management did not retain evidence of the execution of the Organization’s internal controls over the review and or authorization of the payment or reimbursement of credit card charges during the year. Recommendation: Management should document the review and/or authorization of credit card charges and reimbursement. Views of responsible officials: The Organization will adopt a new policy on corporate credit cards with the following general provisions. Corporate credit cards may only be issued to the Executive Director and, if approved by the Executive Director, to the heads of shelter operations, and the Organization’s Accountant. All charges shall be made solely for goods or services for the use or benefit of the Organization. Use of the credit card for the purchase of gift cards or recurring automatic transactions can only be made by the Executive Director or the Organization’s Accountant after approval by Executive Director. Receipts shall be provided to the internal accountant monthly by the 5th day of the following month. The internal accountant shall prepare a summary of all charges highlighting any 1) that are not supported by a receipt, or 2) appear questionable, and also an allocation of each charge to the appropriate expense category for financial reporting. The summary and the credit card statement shall be provided to the Executive Director for review and approval. The Executive Director will spot check actual receipt documentation for credit card2 purchases of the Organization’s Accountant and the Shelter Director. In the case of the credit card used by the Executive Director, the summary and statement shall be reviewed and approved by the Treasurer or Board President. Any improper or unsupported transaction shall create a reimbursement obligation by the card holder to the Organization. Misuse of the credit card shall be a cause for discipline in accordance with the employment manual.
View Audit 372514
Finding 1162801 (2024-002)
Material Weakness 2024
TOWN OF CHESTER
MA
Subrecipient Monitoring Allowable Costs / Cost Principles Procurement, Suspension & Debarment
Condition: The Town has not documented in writing its policies regarding federal awards. Corrective Action Planned: The Town plans to draft and adopt policies. Anticipated Completion Date: 12/31/2025 Contact: Andrew Alward, Town Administrator
Condition: The Town has not documented in writing its policies regarding federal awards. Corrective Action Planned: The Town plans to draft and adopt policies. Anticipated Completion Date: 12/31/2025 Contact: Andrew Alward, Town Administrator
View Audit 372434
Finding 1162798 (2024-010)
Material Weakness 2024
Micronesian Legal Services Corporation
MP
Cash Management Significant Deficiency Internal Control / Segregation of Duties
Management’s Response and Corrective Action Plan: MLSC concurs with the audit finding. Management acknowledges that the previous cash disbursement policy did not fully incorporate the requirements outlined in LSC Financial Guide § 3.2.4. MLSC believes that with the implementation of the revised Cash...
Management’s Response and Corrective Action Plan: MLSC concurs with the audit finding. Management acknowledges that the previous cash disbursement policy did not fully incorporate the requirements outlined in LSC Financial Guide § 3.2.4. MLSC believes that with the implementation of the revised Cash Disbursement Policy and related staff training, all recommendations in the audit finding have been fully addressed. Responsible person: Exec. Director, Lee Pliscou and Chief Fiscal Officer, Jocelyn Mallari Corrective action planned: MLSC has reviewed and revised the policy, and the Board of Directors approved an updated Cash Disbursement policy that fully aligned with the LSC Financial Guide. MLSC staff were trained on the new procedures to ensure full understanding and compliance. The revised policy was shared with all the staff at MLSC’s share drive. Anticipated completion date: Completed
View Audit 372427
Finding 1162797 (2024-009)
Material Weakness 2024
Micronesian Legal Services Corporation
MP
Subrecipient Monitoring Significant Deficiency
Management’s Response and Corrective Action Plan: See the response on finding 2024-009
Management’s Response and Corrective Action Plan: See the response on finding 2024-009
View Audit 372427
Finding 1162796 (2024-008)
Material Weakness 2024
Micronesian Legal Services Corporation
MP
Subrecipient Monitoring Significant Deficiency
Management’s Response and Corrective Action Plan: Management agrees, and has addressed this as follows: Responsible person: Lee Pliscou MLSC Board of Directors approved a revised accounting manual in October 2025 which requires an annual cybersecurity assessment and response in compliance with LSC F...
Management’s Response and Corrective Action Plan: Management agrees, and has addressed this as follows: Responsible person: Lee Pliscou MLSC Board of Directors approved a revised accounting manual in October 2025 which requires an annual cybersecurity assessment and response in compliance with LSC Financial Guide § 2.5.3, together with a formal risk assessment of banking operations to identify and address vulnerabilities, as required by LSC Financial Guide § 3.2.1. Specifically, our cybersecurity policies include the following requirements: ● Perform (and document) an annual risk assessment ● Resolve any risk findings or conclusions ● Maintain physical access controls for servers and storage rooms ● Develop and periodically test an emergency disaster prevention and recovery plan ● Perform regular back up of electronic records and systems stored offsite or in a virtual environment with easy-to-use restoration options ● Formally assign computer and data security responsibilities The risk assessment process: ● Identifies the physical and digital assets susceptible to cyberattacks ● Identifies risks to those assets (risks should be evaluated annually for changes) ● Evaluates the risks (e.g., high, medium, or low) based on likelihood and impact ● Documents the results of the risk assessment, including the development and implementation of appropriate controls Finding 2024-008 LSC Financial Guide § 2.5.3 Electronic Data Processing and Cybersecurity, continued Also, per our new Accounting Manual, MLSC conducts a risk assessment of its electronic banking policies and procedures to identify areas that need additional safeguards and protections. We do this in conjunction with the annual cybersecurity risk assessment. As of November 2025, MLSC has contracted with a consultant to provide such an assessment, and the contractor has delivered a first draft of an assessment. Anticipated completion date: MLSC has already completed the requirement to have policies in compliance with LSC Financial Guide Sections 2.5.3 (Electronic Data Processing and Cybersecurity) and 3.2.1 (Bank accounts). MLSC will complete the annual assessment by February 28, 2026.
View Audit 372427
« 1 59 60 62 63 388 »