Corrective Action Plans

Finding 2023-003 Finding Title: Student Financial Assistance Cluster Name of Contact Person: Traci Boeve, Director of Financial Aid Corrective Action: Hastings College will add additional staff as a control to the current process. The Assistant Registrar and the Office of Financial Aid will be included in the receipt of the graduation file. The Assistant Registrar will confirm in NSC (National Student Clearinghouse) the file was uploaded with no errors. The Office of Financial Aid will also request a report from NSLDS, which can be compared to the file that was directly uploaded to NSC. Anticipated Date of Completion: In place for 2023-2024 school year.

Corrective Action Plan: The University has a previously established detailed policy and procedure in place to process and to accurately report status changes timely via the National Student Clearinghouse (NSC) to NSLDS. The reporting of the Initial Submission along with the Subsequent Submissions occurs approximately 5 business days prior to the month for which the report is due. This then ensures that NSC has the opportunity to transmit the data to NSLDS within 14 days of the 1st of the month. Submission of additional rosters would not change anything as NSC only submits once per month to NSLDS. The University will continue to submit on time to NSC and will continue to monitor when NSC transmit to NSLDS. Timeline for Implementation of Corrective Action Plan: The corrective action plan was implemented as of October 2023. Contact Person Mark Powers, Registrar Finding number: 2023-001 Federal agency: U.S. Department of Education Programs: Student Financial Assistance Cluster CFDA #: 84.063 and 84.268 Award year: 2023

The College has created procedures to review outstanding checks monthly. Outstanding checks that are not resolved after several notifications to the student will be returned to the Department of Education. Checks will be returned within four months of the initial check issued date.

The Financial Aid Office worked with the Information Technology department to determine the issue with the exit conference report and had corrected it.

Lincoln Land Community College (LLCC) acknowledges and takes seriously the audit findings presented, highlighting areas where compliance requirements were not met. These findings are crucial in ensuring the ongoing enhancement of our Information Security Program. To address these concerns LLCC has proactively taken several measures. In June 2022, the College appointed an IT Security and Assurance Manager, tasked with overseeing the Information Security Program and ensuring compliance with the Gramm-Leach-Bliley Act (GLBA). The Manager has played a pivotal role in developing a comprehensive roadmap to guide the continued evolution of our Information Security Program. This roadmap specifically outlines the steps required to address the identified deficiencies, as detailed in the schedule of findings document received from the CLA. LLCC affirms its agreement with the details provided in the document and has prioritized these findings as top-level concerns in the roadmap. In the upcoming Fiscal Year 2024 (FY24), LLCC commits to diligently implementing the roadmap, with a focused emphasis on the following key areas: 1. Implementation and Periodic Review of Access Controls: The IT Security and Assurance Manager will lead efforts to establish robust access controls and ensure regular reviews to align with compliance requirements. 2. Encryption of Customer Information: Although informal procedures are in place, a comprehensive strategy for encrypting customer information both within the College’s system and during transit will be implemented to safeguard sensitive data. 3. Security Assessment of Applications: Rigorous evaluations, assessments, and testing procedures for applications transmitting sensitive information will be instituted to bolster the overall security posture. 4. Anticipation and Evaluation of System Changes: Proactive measures will be taken to anticipate and evaluate changes to the information system or network, ensuring a proactive stance against potential vulnerabilities, including the development of a formalized change management process. 5. Regular Testing and Monitoring: LLCC is committed to instituting regular testing, monitoring, and assessing protocols for established safeguards to ensure their ongoing effectiveness. 6. Implementation of Policies and Procedures: Policies and procedures will be refined and enforced to guarantee that personnel can effectively enact the information security program. 7. Monitoring Information System Service Providers: Development of a comprehensive approach to monitoring the College’s information system service providers has been initiated and will be established to ensure compliance with security standards. Lincoln Land Community College views this as an opportunity for continuous improvement and remains dedicated to upholding the highest standards of information security. The commitment to addressing these findings is integral to our ongoing efforts to safeguard sensitive information and maintain compliance with regulatory requirements.

Views of Responsible Officials and Corrective Action Plan (Finding 2023-001) In the process of assessing internal controls related to the prohibition of incentive compensation for enrollment recruiting, the College determined that three admissions personnel had been assigned an individual goal for securing enrollment. The enrollment goal was one of multiple criteria used to determine an overall performance rating that was the basis for merit increases awarded on July 1, 2022. The total merit increases awarded to certain of the College's admissions employees was $2,541, which were based in part upon success in securing enrollments. The College was not aware of the prohibition on merit-based adjustments based in any part, directly or indirectly, upon success in securing enrollments. The College has revised the annual Performance Management Review form to expressly prohibit a performance metric for securing enrollment. All personnel have been re-trained. For questions, please reach out to Elizabeth M. Krapp, Vice President, Finance and Administration at emkrapp@peirce.edu or Brad Hodge, Vice President, Enrollment Management & Student Services at bkhodge@peirce.edu.

Title: Student Financial Assistance Cluster – Assistance Listing Nos. 84.007, 84.033, 84.063, 84.268 Recommendation: We recommend the University review its SAP review policies to ensure it is completed timely and before Title IV disbursements occur. Explanation of disagreement with audit finding: There is no disagreement with the audit finding. Action taken in response to finding: Prior to this finding, in November 2022 our Registrar implemented a change in process to require a form when assigning either an L and I grade to a student. This ensures that the correct grade type is used in all cases depending on the nature of the work still outstanding. In doing so, it allows more accurate and timely assess a student’s GPA for SAP status on a regular schedule within the timeline expected for each type of grade when a final grade is determined. The Financial Aid office had also implemented an additional tracking mechanism outside of our ERP system to monitor the SAP status of each student to augment deficiencies in our ERP related to tracking the correct status over time. This tracking occurs regardless of the timing of a FAFSA being completed or the consistency of student enrollment from one semester to the next. This allows us to know the eligibility status of a student prior to awarding and disbursement, and require an appeal when appropriate. This was implemented May 2023. Regardless, as per policy and as we’ve been doing, we will continue to evaluate grade changes at the time of the next regular SAP evaluation period, and enforce the policy based on their status from that point forward. Name(s) of the contact person(s) responsible for corrective action: Dwight R Berreth Planned completion date for corrective action plan: August 2023

Finding 2023-003 - Federal Pell Grant Enrollment Status Condition: A qualifying student was awarded a Federal Pell Grant for the Fall semester as a full-time student. Upon review of the student's transcript, it showed the student was enrolled in 10 credit hours, categorizing the student as a three-quarter time student, therefore, an over award of PELL occurred. In conjunction with our FY2023 audit, please see the College's corrective action plan below: We concur with this finding and have reinforced with enrollment staff the internal control procedures to ensure the proper process is followed for students who withdraw or are considered no-shows. The enterprise management system for the College should adjust the credit hours for all dropped courses. Due to the student being administratively withdrawn after the last day to drop courses our system did not adjust these courses from the student financial aid aspect. We are aware of this and working toward ensuring this does not occur in the future. We will be scheduling additional training with our system in the upcoming year address this. Expected completion date: 11/17/2023 Party Responsible: Trisha White, Vice President of Business Affairs Contact Information: twhite@eosc.edu

Condition: A student received a direct subsidized loan despite showing no financial need, as the student's EFC was higher than the student's COA. The student's EFC was determined to be $24,282, whereas their COA was $20,686. Despite no financial need existing, the student was awarded a direct subsidized loan of $3,500, resulting in an over award. In conjunction with our FY2023 audit, please see the College's corrective action plan below: Management agrees this student had an incorrect type of loan awarded. Based off the students EFC number the loan should have been an unsubsidized loan and not the subsidized loan. The Financial Aid office will make the corrections of the loan type to the student's account. Financial Aid will add an internal control process to ensure there is a second verification of student federal loans in place. Expected completion date: 11/17/2023 Party Responsible: Trisha White, Vice President of Business Affairs Contact Information: twhite@eosc.edu

Comments on Findings and Recommendations: We agree with the finding and recommendations. Planned Corrective Action: The organization will undergo a software upgrade aimed at augmenting the efficiency and precision of the financial aid department. We anticipate that this upgrade will be fully operational by the end of the first quarter of the next calendar year. Anticipated Completion Date: 03/29/2024

The following is the Management's Response to Auditor's Findings, Summary Schedule of Prior Audit Findings and Corrective Action Plan. This document was prepared by management of the University of Oklahoma. 2023-001 Student Financial Assistance Cluster, ALN 84.063 Federal Pell Grant Program and ALN 84.268 Federal Direct Student Loans, Department of Education, Award Year 2023 Criteria or Specific Requirement - Special Tests and Provisions - Enrollment Reporting - 34 CFR § 690.83(b)(2) and 34 CFR §685.309(b)(1) Finding Summary: The University is required to implement a system of internal controls that ensure enrollment information is reported to Department of Education's National Student Loan Data System (NSLDS) each 60 days, at minimum. Enrollment information for eight students graduating in Spring 2023 was not reported timely to NSLDS. Explanation of Agreement/Disagreement: Management concurs with the finding and proper internal controls are being implemented during FY2024. Officials Responsible for Ensuring Corrective Action: Courtney Henderson, Acting Financial Aid Director. Planned Completion for Corrective Action: Corrected enrollment information was submitted to NSLDS on August 18, 2023. Corrective internal controls have been implemented as of October 12, 2023. Plan to Monitor Completion of Corrective Action: Management concurs with the finding and proper internal controls were implemented during FY2024. Management has implemented regular monthly meetings between the Financial Aid Services and Academic Records departments of the University to review graduation error reports and ensure timely processing.

Finding 2023-001 Cash Management - Heightened cash monitoring payment method Federal Agency Name: Department of Education Program Name: Student Financial Aid Cluster ALN #84.063 - Federal Pell Grant Program ALN #84.007 - Federal Supplemental Educational Opportunity Grants ALN #84.033 - Federal Work-Study Program ALN #84.268 - Federal Direct Student Loans Finding Summary: During testing of cash management, which includes disbursing of Title IV program funds under HCM1, a sample of 11 students was selected from the population of students receiving Title IV funding during fiscal year 2023. From this selection of students, the following deficiencies were noted where the College received Title IV payments from the Department of Education before either applying the funds to the students account or clearing any credit balances owed to the student/parent that were created by applying the funds to the students account. • Pell Grants – 10 of the 19 disbursements • Subsidized Loans – 17 of the 30 disbursements • Unsubsidized Loans – 18 of the 29 disbursements • Plus Loans – 4 of the 6 disbursements • FSEOG Grants – 9 of the 14 disbursements Responsible Individuals: Bryan Tarrant (Director of Operations) and Ryan Apple (Financial Aid Director) Corrective Action Plan: Management acknowledges the importance of continued training for staff to strengthen their knowledge of cash management practices and that processes and procedures relating to cash management are continually reviewed and updated. Anticipated Completion Date: We anticipate management’s review of practices and processes and additional training to be completed by December 31, 2023. The College anticipates continued review of policies and procedures on a yearly basis and additional training as the need arises.

CORRECTIVE ACTION PLAN Finding 2023-001 Federal Agency Name: U.S. Department of Education Program Name: Student Financial Assistance Cluster ALN: 84.268 Finding Summary: The UMHB Financial Aid Office initially did not correctly identify and include new entering spring students in the disbursement notification process. Subsequently, 100 spring-only students received disbursement notifications after the 30-day required timeframe. UMHB identified and corrected this discrepancy prior to the beginning of the Single Audit. Responsible Individuals: David Orsag, Director Melissa Jones, Assistant Director Corrective Action Plan: The UMHB Financial Aid Office modified the disbursement notification selection for Fall 2023 to ensure all students are included in the weekly evaluation for disclosures. Additionally, on September 6, 2023, UMHB implemented a bi-weekly review of disbursement notifications to identify any students with missing disclosures. Anticipated Completion Date: September 6, 2023

2023-001 Incorrect Pell Disbursement Amount - Student Financial Aid Cluster Assistance Listing Number 84.007, 84.033, 84.063, 84.268, Grant Period - Year Ended June 30, 2023 Condition Found During our student file testing we noted one student out of forty had was not disbursed the correct Pell Grant award. Based on the student’s enrollment status and need, the College under awarded the student by $200. We consider this to be an instance of noncompliance relating to the Eligibility Compliance Requirement. Corrective Action Plan: Run enhanced quality assurance (QA) checks with awarding analysis both prior to disbursement of funds and at the end of each semester. Execute 100% QA procedures to ensure accurate system awarding. Responsible Person for Corrective Action Plan: Mary Cobb, Program Manager Financial Aid, and Ana Mirnic, Program Manager Financial Aid, and Executive Director of Financial Aid (new hire in process) Implementation Date of Corrective Action Plan: September 1, 2023

Asbury University's Financial Aid office has had a turnover in positions. Submitting a disbursement date adjustment file for TEACH Grant disbursements was missed in training Dawn Hopkins the new Financial Aid Specialist. Leslie Kurtz (Director of Financial Aid) has shown Ms. Hopkins how to create and transmit a TEACH Grant adjustment file to COD. Ms. Hopkins sent a file to correct the 22-23 disbursement dates on July 14, 2023. Ms. Hopkins also updated her desk manual on July 14, 2023, adding the steps to create and submit a disbursement date adjustment file after each TEACH Grant is disbursed to a student's ledger. Leslie Kurtz and Dawn Hopkins have manually reviewed TEACH Grant recipients for the 22-23 at COD to ensure that our ledger and COD are in agreement. On July 14, 2023, Leslie Kurtz modified the receipt that is sent to students to indicate that they have the right to cancel the TEACH Grant by notifying our office.

Management’s Corrective Action Plan Finding 2023-001 Special Tests and Provisions- Enrollment Reporting- Significant Deficiency in Internal Control over Compliance. Responsible Office and Individuals The Associate Vice President of Student Financial Services, Jazmin Martin and the Executive Vice President/Chief Operations Officer, Mark Mendoza are responsible for the development of the processes, and implementation of the corrective actions described in the Corrective Action Plan. The corrective actions will result in timely and accurate reporting to NSLDS. Corrective Action Plan Management accepts responsibility for this significant deficiency in internal control over compliance and has implemented a new financial aid management system (Campus Ivy) and process to ensure that students’ statuses are reported timely. To maintain accuracy and compliance with the Title IV regulations, Campus Ivy will perform weekly, monthly, and bi-monthly National Student Loan Data System (NSLDS) enrollment reporting. Enrollment reporting is a process by which a student’s enrollment status and program of study is reported to NSLDS on a timely basis to meet the U.S. Department of Education’s 30-day and 60-day reporting requirements. The Student Financial Services Department will provide accurate and timely information to Campus Ivy and Campus Ivy will report that information timely and accurately to NSLDS. Campus Ivy’s Core system receives the NSLDS Enrollment Roster as scheduled on the 5th of the month every 60-days. The Core system will automatically load the roster and update all relevant enrollment data based on the information sent from CLU through the secure data import on an ongoing basis. These updates are then batched by the system to be transmitted to NSLDS. The Student Financial Services Department, through the student information system (Maestro), will provide student information updates. The Student Financial Services Department will sync updates to the Campus Ivy Core Financial Aid Management System (Core) with all students’ academic and demographic information from Maestro, by imports through Campus Ivy’s secure encrypted portal or through direct integration. The Student Financial Services Department will be responsible for timely and accurate updates of the Core system. The Student Financial Services Department will ensure daily updates from Maestro to clear any failed validations. The student data import process has built in validations to assist CLU with maintaining accurate data. These validations are on both the student’s demographic and academic information. In addition to the bi-monthly roster process, Campus Ivy also sends bi-weekly updates to NSLDS to record enrollment updates on an ongoing basis, well within the 30-day timeframe set by the Department of Education. The NSLDS module within Campus Ivy stores all roster batches processed by the system. CLU will have access to view our Roster Batches at any time and can request changes through our 24/7 Support Site. Anticipated Completion Date The anticipated completion date of the corrective action plan is November 30, 2023

Corrective Action Plan: New procedures to effectively collaborate and share information between financial aid and student accounts will be drafted to ensure unclaimed checks are processed within the required window. Timeline for Implementation of Corrective Action Plan: Immediately Contact Person Sharron Scott, CFO

Corrective Action Plan: CCV In June 2023 CCV implemented a new process to verify that student records reported to the Clearinghouse have been correctly and accurately reported to the National Student Database (“NSLDS”). VTSU In March 2023 VTSU implemented new procedures to ensure all enrollment status changes were processed consistently. Since implementation, no new findings were identified. Timeline for Implementation of Corrective Action Plan: Immediately

Corrective Action Plan: CCV CCV implemented new processes in March and June of 2023 to address these issues. The first process verifies that a student’s aid has been updated and recalculated before closing the record. The second process ensures additional training and controls to make sure student withdrawals occur within the appropriate timeframe. VTSU VTSU reprocessed the error return to the Title IV funds with the correct information and cancelled the loan completely. Training with all staff has been reinforced. Timeline for Implementation of Corrective Action Plan: Immediately Contact Person Sharron Scott, CFO

Corrective Action Plan: VTSU A new process for verifying last date of attendance by the registrar’s office was implemented for the 2023-2024 academic year. The new process includes verifying last date of attendance supplied by the student on their withdrawal form with faculty. The verified date will be used for all transactions of record. Timeline for Implementation of Corrective Action Plan: Immediately Contact Person Sharron Scott, CFO

Corrective Action Plan: VTSU This was an isolated instance and attributed to human error. Training with all staff has been reinforced. Timeline for Implementation of Corrective Action Plan: Immediately Contact Person Sharron Scott, CFO

Corrective Action Plan: CCV Disbursement errors noted are isolated errors due to system issues within COD, testing of processes that resulted in an error, and a scheduling issue related to a holiday break. A new automated COD report in Colleague will be created by CCV and implemented in November 2023. VTSU VTSU will continue to monitor and report weekly. Timeline for Implementation of Corrective Action Plan: Immediately Contact Person Sharron Scott, CFO Finding number: 2023-02 Federal agency: U.S. Department of Education Programs: Student Financial Assistance Cluster CFDA #: 84.007, 84.033, 84.038, 84.063, 84.268 Award year: 2023

Finding: The University did not timely or accurately report enrollment changes to the National Student Loan Data System (NSLDS). Corrective Actions Taken or Planned: The Registrar’s Office submits a monthly report to the National Student Clearinghouse (NSC). Summer is an optional term for students and only students who are enrolled for that semester are submitted to NSC. To ensure withdraw dates during the summer semester are being reported on a timely basis Financial Planning will manually enter dates of withdrawn students to NSC and National Student Loan Data Systems (NSLDS). Students who have withdrawn at the end of the spring semester will be manually entered and monitored closely by the Registrar’s Office who will adjust reporting schedule to ensure timely reporting of withdrawn dates. Person Responsible: Sara Sroka (ssroka@dbq.edu) Anticipated completion date: 10/18/2023

Incorrect Enrollment Reporting to National Student Loan Data System (NSLDS) Planned Corrective Action: 100% of example students (16 which overlap with the 12 mentioned) were accurately reported with a “W” withdrawn status to National Student Clearinghouse (NSC) in a timely (monthly) manner, but this correct status did not get transferred to NSLDS. An internal SSRS report for official and unofficial withdrawals, which also accurately reflects these withdrawn students, will remain available to the WBU offices of Financial Aid and the Registrar for verification as part of the planned corrective action. Several related WBU questions to our primary NSC support employee are awaiting a response from NSC. The NSC reporting tool(s) will be updated to make sure the correct combination of fields and corresponding data sources are used for dates. One of multiple date fields may have been misunderstood by the tool’s historical authors. A field-by-field analysis plus any needed corrections to the queries are part of the planned corrective action. Post-submission error corrections by registrar staff via NSC will be spot-checked by Information Technology for date-related warnings. If this cannot be resolved satisfactorily via NSC alone, then corrective measures via NSLDS directly may be considered. Data improvements needed for the PowerCampus baseline product’s NSC reporting tool will also be included in testing this further. Person Responsible for Corrective Action Plan: Cagan Cummings, CIO and Andrew Shamblin, Programmer Analyst Anticipated Date of Completion: June 30, 2024

Return of Title IV (R2T4) Calculations Planned Corrective Action: Executive Director of Financial Aid will continue to provide regular in-house R2T4 training specific to WBU for all staff and will ensure all pertinent staff responsible for R2T4 complete R2T4 training provided by FSA and purchased through NASFAA. The staff member responsible for disbursements, being new to her role in fall of 2022, did not realize that fall disbursements needed to be processed even after the end of the fall term. Once discovered, this was immediately addressed. In June 2023, WBU hired a full-time staff member to serve as a Financial Aid Compliance Specialist in the Office of Financial Aid and this position is devoted to internal audit and federal/state regulation compliance. Person Responsible for Corrective Action Plan: Christy Miller, Executive Director of Financial Aid Anticipated Date of Completion: October 31, 2023