Finding Text
Nonmaterial Noncompliance Findings Finding 2024-003 - Student Financial Aid Cluster, CFDA# 84.007, 84.033, 84.063, 84.268
Compliance Requirement: Gramm-Leach-Bliley Act – Student Information Security
Criteria: The College is required to have a written security program that address the seven elements as described in 16 CFR 314.4 (b).
Condition: The College does not have a written security program that address the seven elements as described in 16 CFR 314.4 (b) as of June 30, 2024.
Cause: Although the College meets some of the seven elements as described in 16 CFR 314.4 (b), the College has yet to establish a formalized written policy.
Context: Not all elements as described in 16 CFR 314.4 (b) have been met, nor is has the College establish a formalized written policy.
Effect: The College could have risks associated with the safeguarding of sensitive information it is not aware of or does not protect against.
Recommendation: The College should review and put in place the required minimum elements as described in 16 CFR 314.4 (b).
Management Response: The College concurs with this finding.
Corrective Action Plan: See attached management’s corrective action plan.