FAC Explorer

Finding 10288 (2023-003)

Significant Deficiency
Requirement
N
Questioned Costs
-
Year
2023
Accepted
2024-01-26
Audit: 13927
Organization: Laramie County Community College (WY)
Auditor: McGee Hearne & Paiz LLP

AI Summary

  • Core Issue: The College lacks a written comprehensive information security program as required by 16 CFR 314.4.
  • Impacted Requirements: Failure to comply with the Gramm-Leach-Bliley Act due to inadequate safeguards for customer information.
  • Recommended Follow-Up: Implement a control to monitor Federal guideline changes for timely policy updates.

Finding Text

Criteria: 16 CFR 314.3 requires an institution to develop, implement, and maintain a comprehensive information security program that is written in one or more readily accessible parts and contains administrative, technical, and physical safeguards that are appropriate to the institution’s size and complexity, the nature and scope of activities, and the sensitivity of any customer information at issue. The information security program shall include the elements set forth in §314.4 and shall be reasonably designed to achieve the objectives of this part. Condition/context: The College does not have a written comprehensive information security program that addresses all of the elements required by 16 CFR 314.4. Cause: The College does not have a control in place to ensure that policies are reviewed and updated in accordance with Federal deadlines. Effect: The College is not compliant with the Gramm-Leach-Bliley Act. Questioned costs: None. Identification as a repeat finding: No. Recommendation: The College should implement a control to monitor changes in Federal guidelines in order to update policies timely. Views of responsible officials: Management concurs with the finding. See Exhibit I for the corrective action plan.

Corrective Action Plan

Corrective Action: The College was aware of the new required elements for our comprehensive information security program procedure but missed the June 9 deadline to finalize the procedure changes. The required Gramm-Leach-Bliley Act procedures were in draft form at the time of the audit review. The required procedures were finalized in July and approved by the President’s Cabinet on August 1, 2023, and were effective on that same date. The approved procedures address all elements as required by 16 CFR 314.4, and the College is now in full compliance with the Gramm-Leach-Bliley Act. Anticipated Completion Date: August 1, 2023 Contact Person: Chad Marley

Categories

No categories assigned yet.

Other Findings in this Audit

  • 10287 2023-002
    Significant Deficiency
  • 10289 2023-003
    Significant Deficiency
  • 10290 2023-003
    Significant Deficiency
  • 10291 2023-003
    Significant Deficiency
  • 586729 2023-002
    Significant Deficiency
  • 586730 2023-003
    Significant Deficiency
  • 586731 2023-003
    Significant Deficiency
  • 586732 2023-003
    Significant Deficiency
  • 586733 2023-003
    Significant Deficiency

Programs in Audit

ALN Program Name Expenditures
84.268 Federal Direct Student Loans $4.20M
84.063 Federal Pell Grant Program $4.18M
11.307 Economic Adjustment Assistance $1.78M
21.027 Coronavirus State and Local Fiscal Recovery Funds $558,472
93.575 Child Care and Development Block Grant $462,100
84.334 Gaining Early Awareness and Readiness for Undergraduate Programs $386,800
84.425 Education Stabilization Fund $276,028
84.048 Career and Technical Education -- Basic Grants to States $209,799
93.859 Biomedical Research and Research Training $154,744
84.007 Federal Supplemental Educational Opportunity Grants $104,122
84.033 Federal Work-Study Program $32,008
17.259 Wia Youth Activities $22,500
94.021 Volunteer Generation Fund $19,613
84.002 Adult Education - Basic Grants to States $13,566
10.664 Cooperative Forestry Assistance $1,229