Corrective Action Plans

Browse how organizations respond to audit findings

Total CAPs: 48,663 in database
Filtered results: 7,441 matching current filters
Showing page 174 of 298 (25 per page)

Active filters: § 200.303
Responsible Contact Person(s): Naveen Abraham, Chief Core Infrastructure Services Corrective Action Planned: Ensuring that infrastructure suppliers fulfill all contractual requirements with respect to Commonwealth security policies and standards necessitates a programmatic, continuous improvement approach. VITA has made improved cybersecurity a primary goal and major initiatives have been completed and are underway. VITA has established a scoring mechanism, based on the Common Vulnerability Scoring System (CVSS), that delineates the necessary response based on the criticality of the vulnerability (critical, high, and medium). For vulnerabilities with a CVSS score of (critical and high), service level agreement (SLA) 1.1.3 is now in place to measure supplier performance and adjust supplier compensation accordingly through SLA credits and RCDs. For vulnerabilities below the critical and high score, in Q4 of 2023, suppliers started providing data in a quarterly report to the MSI and VITA. The new SLAs combined with the reports of vulnerabilities below the critical and high score are used to ensure suppliers’ contractual compliance. VITA’s data shows that patches for software on the enterprise software list are being applied on an ongoing basis. VITA will work with agencies and suppliers if there are any new technical difficulties or questions about patching. New tools are now available to agencies so that they can monitor and verify the remediation of the vulnerabilities for which infrastructure suppliers are responsible. Dashboards have also been provided to the suppliers so that they can review a shared and common vulnerability list. VITA and the suppliers monitor and review enterprise level logs and security events on behalf of customer agencies through the system dashboard and a 24x7 Security Operations Center. The dashboard is available for access by agencies as of Q4 2023.
VITA will continue to monitor and improve the security of infrastructure services through ongoing governance, including the requirements of architecture documentation, system security plans, and audit reports. VITA’s infrastructure services group will work with the VITA security group to confirm that the current state achieves security standards compliance. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Stephen Schleck, Associate Director of Enterprise Business Solutions Corrective Action Planned: A Change Request for the case management system was developed 2 years ago and DSS is reviewing the change request to determine a status. It was agreed by Line of Business and ITS EBS & a vendor (the systems provider) that there will be an iterative approach to completing the record retention and purge rules for implementation in the case management system. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Diane Carnohan, Chief Information Security Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 6/1/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management John Vosper, Information Technology Audit Manager Corrective Action Planned: DSS has contracted with a contractor to perform IT audits once every three years on an ongoing rotating basis. Estimated Completion Date: 12/31/2023
Responsible Contact Person(s): David Clark, Information Security Officer Corrective Action Planned: The Information Security Unit has documented a process for the types of changes that trigger a security impact analysis (SIA) as well as a request form for a security impact review. Part of the SIA process will be to determine if pre-implementation testing is required. The Information Security Unit will retain documentation in accordance with the Configuration Management Policy. Once the processes are further defined, the Information Security Unit will update the Configuration Management Policy & Procedures. Estimated Completion Date: 3/31/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Melinda Raines, Director of Human Resources Karen Holt, Human Resources Business Process Consultant Corrective Action Planned: An agency-wide work group will be established to determine the exact processes needed to implement the controls necessary to address this finding. HR and ISRM have identified the need for new reporting and interfaces to regain compliance. DSS had deployed DOA human capital management system and an internal system that will need to have interfaces developed. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Mike Jones, Chief Information Officer Steve Hanoka, Chief Information Security Officer Corrective Action Planned: The 2023 Annual Access Review for the claims processing system through secure web application surveys began in the 4th Quarter 2023. Three separate surveys were sent to perform access review for DSS, Contractor and DMAS Internal access review.
• DSS annual review sent on November 9, 2023 and ended on November 20, 2023
• Contractor review sent on November 30, 2023 and ended on December 15, 2023
• DMAS review sent on December 15, 2023 and ended on January 13, 2024
All 3 surveys requested managers to review their employees' access and confirm if it was required or if the access should be revoked. Survey results are available to perform follow up actions. DMAS Security is currently reviewing the survey results and revoking access where requested. Estimated Completion Date: 6/30/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Steve McCauley, Assistant Division Director Corrective Action Planned: DSS will perform an annual access review of user accounts for the case management system. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Angela Morse, Director of Benefit Programs Kavansa Gardner, Information Technology Manager Corrective Action Planned: DSS will perform and document a conflicting access review for the case management system to identify the combinations of roles that could pose separation of duties conflicts and ensure compensating controls are in place to mitigate risks arising from those conflicts. Additionally, DSS will work with a vendor to update the role-based security access documentation to reflect all system changes from prior case management system related releases when there are proposed changes to the roles matrix. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Information Security & Risk Management Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2023
Responsible Contact Person(s): Diane Carnohan, Chief Information Security Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Kevin Platea, Chief Information Officer Corrective Action Planned: This finding was marked as FOIA Exempt (FOIAE) and as a result, the State Comptroller has determined that the resulting corrective actions are FOIAE under §2.2-3705.2 (9.) of the Code of Virginia. Federal awarding agencies and pass-through entities, please see the Appendix titled “Applicable Management Contacts for Findings and Questioned Costs” to request the corrective action planned from the applicable entity. Estimated Completion Date: 12/31/2024
Responsible Contact Person(s): Barry Davis, Chief Information Security Officer and Director of Information Security & Risk Management Kevin Platea, Chief Information Officer Corrective Action Planned: To improve the governance structure of the agency, ISRM Division Leadership is working with a vendor to address the division’s responsibility around defining and communicating the Security and Risk Management program. The goal is to educate the agency System Owners, Data Owners, System Administrators, System User, and Data Custodians as to their roles and responsibilities in managing risk associated with agency data and systems. The Division of ISRM will deliver System Owner training to the Agency Executive Team in April in support of the Commonwealth’s requirement that System Owners manage risks associated with their systems. This training will also highlight the importance of Configuration Management and Software and Service Acquisition. The Division of ISRM will also construct and offer training on Configuration Management and Software and Service Acquisition to whichever resources the Agency identifies to own such related processes. The training will be ready to be provided no later than August 1, 2023. Estimated Completion Date: 12/31/2023
Responsible Contact Person(s): Steve Hanoka, Chief Information Security Officer Corrective Action Planned: Policies are reviewed and signed. Procedures are in progress, to be followed by implementation. DMAS wants to meet with the APA and VITA to discuss Pen Test and vulnerability scan processes. System Security Plans (SSPs) are about 50% complete, with 6 SSPs complete, 3 under review, 1 in draft and 7 to schedule. A program management policy/standard has been written and is under review. Estimated Completion Date: 4/1/2024
We are in agreement with the finding. GCCS management will retain documentation to support proper operation of internal controls and compliance with applicable Federal statutes, regulations, Wage Rate Requirements, and other terms and conditions of awards received. By the November 2023 board meeting, we will adopt an updated fiscal policy & procedures manual with more explicit language regarding procurement & expenditure requirements for federal funding of capital items.
FINDING 2023-004 Finding Subject: COVID-19 - Education Stabilization Fund – Reporting Summary of Finding: Reports were not reviewed by someone other than the preparer Contact Person Responsible for Corrective Action: Todd Nobbe Contact Phone Number: 812-934-2194 Views of Responsible Official: We concur with the finding. Description of Corrective Action Plan: The school corporation will establish a proper system for internal controls and develop a procedure to ensure reports are reviewed by someone other than the preparer. Completion Date: Immediately 2/26/2024
FINDING 2023-003 Finding Subject: COVID-19 - Education Stabilization Fund – Special Tests and Provisions – Wage Rate Requirements Summary of Finding: Weekly payroll reports were not reviewed by the unit for compliance with Davis-Bacon Act Contact Person Responsible for Corrective Action: Todd Nobbe Contact Phone Number: 812-934-2194 Views of Responsible Official: We concur with the finding. Description of Corrective Action Plan: Management will request and review weekly wage reports for all Davis-Bacon Act projects. Documents will be reviewed and signed off by the Director of Operation and kept for audit. Completion Date: Immediately 2/26/2024
FINDING 2023-002 Finding Subject: COVID-19 - Education Stabilization Fund – Allowable Cost/Cost Principles Summary of Finding: Time and Effort logs were not maintained for grant Contact Person Responsible for Corrective Action: Todd Nobbe Contact Phone Number: 812-934-2194 Views of Responsible Official: We concur with the finding. Description of Corrective Action Plan: The School Corporation will have the individuals paid by this grant complete time and effort documentation for the grant. Documentation will be kept for the audit. Completion Date: Immediately 2/26/2024
View Audit 295088 Questioned Costs: $1
FINDING 2023-004 Finding Subject: COVID-19 - Education Stabilization Fund - Special Tests and Provisions - Wage Rate Requirements Summary of Finding: The School Corporation had not designed, nor implemented a system of internal control to ensure that construction contracts in excess of $2,000 paid from federal grant funds included a prevailing wage rate clause. One construction contract, totaling $35,000 was paid from the Education Stabilization Fund grant funds during the audit period. The single contract was tested. It was noted that the contract did not contain the required prevailing wage rate clause. Certified payrolls were not obtained until after the School Corporation was issued an ESSER Construction Monitoring Report in late 2023. It is recommended that the School Corporation's management establish a system of internal controls and include the wage rate requirement clause in construction contracts. In addition, certified payrolls should be obtained as required. Contact Person Responsible for Corrective Action: James H. Hardman Contact Phone Number and Email Address: 219-663-3371 jhardman@cps.k12.in.us Views of Responsible Officials: The management of the Crown Point Community School Corporation concurs with the finding. Description of Corrective Action Plan: The management of the Crown Point Community School Corporation will establish a system of internal controls and include the wage rate requirement clause in construction contracts. In addition, certified payrolls will be obtained as required. Anticipated Completion Date: February 20, 2024
FINDING 2023-003 Finding Subject: Title I Grants to Local Educational Agencies Special Tests and Provisions – Assessment System Security Summary of Finding: A sample of 40 employees were tested from the school’s roster and ten did not have a signed agreement indicating training was received. There was no process to ensure that all employees required to be trained received the training and submitted the Assessment System Security Agreement. It is recommended that the School Corporation's management establish a system of internal controls. Contact Person Responsible for Corrective Action: James H. Hardman Contact Phone Number and Email Address: 219-663-3371 jhardman@cps.k12.in.us Views of Responsible Officials: The management of the Crown Point Community School Corporation concurs with the finding. Description of Corrective Action Plan: The management of the Crown Point Community School Corporation will establish a system of internal controls to ensure all employees required to be trained receive the training and submit the Assessment System Security Agreement. Anticipated Completion Date: February 20, 2024
FINDING 2023-002 Finding Subject: Title I Grants to Local Educational Agencies - Reporting Summary of Finding: The School Corporation had established a system of internal controls over the Final Expenditure report for Title I. However, the internal control process was not documented. It is recommended that the School Corporation's management establish a system of internal controls. Contact Person Responsible for Corrective Action: James H. Hardman Contact Phone Number and Email Address: 219-663-3371 jhardman@cps.k12.in.us Views of Responsible Officials: The management of the Crown Point Community School Corporation concurs with the finding. Description of Corrective Action Plan: The management of the Crown Point Community School Corporation will establish a system of internal controls consisting of policies and procedures. Anticipated Completion Date: April 5, 2024
FINDING 2023 003 Finding Subject: Material Weakness and Modified Opinion COVID 19 Education Stabilization Fund – Special tests and provisions regarding wage rate requirements. Summary of Finding: FCSC was not in compliance with the Davis Bacon Act, which requires contractors and subcontractors to supply payroll/wage rate information to the contractee if the services provided exceed $2,000.00 and are paid with federal funds. Contact Person Responsible for Corrective Action: Randy Harris Contact Phone Number and Email Address: (765) 825 2178 rharris@fayette.k12.in.us Views of Responsible Officials: We concur with this finding. Description of Corrective Action Plan: We have learned from our error. Going forward, FCSC will be more diligent about understanding the parameters of grant guidelines and reporting. If we have any future contracts that are in excess of $2,000.00 and are to be paid with federal monies, FCSC will be sure to obtain the wage records from the contractor. We can note in the bid request that Davis Bacon rules apply. Anticipated Completion Date: A new procedure is in place effective February 2024.
FINDING 2023 004 Finding Subject: Child Nutrition Cluster – Allowable and Non allowable Activities and Costs Summary of Finding: Material Weakness FCSC did not have a review process in place to ensure that food service program funds were being used for allowable activities and allowable costs. Contact Person Responsible for Corrective Action: Tina Smith Contact Phone Number and Email Address: (765) 825 2178 tlsmith@fayette.k12.in.us Views of Responsible Officials: We concur with this finding. However, it has never been a past practice to audit the costs and activities of the food service program. This has been a recent change in audit requirements that began with the beginning of this audit period. Description of Corrective Action Plan: The Deputy Treasurer will randomly and periodically request receipts from the food service director in order to conduct a “mini audit” to ensure that all costs and activities are, in fact, allowable. Anticipated Completion Date: A new procedure is in place effective February 2024. The documented oversight will be available and provided for review with the 2025 audit.