FAC Explorer

Finding 42421 (2022-002)

Significant Deficiency Repeat Finding
Requirement
N
Questioned Costs
-
Year
2022
Accepted
2023-01-17
Audit: 38817
Organization: Bennett College (NC)
Auditor: Dmj Ps PLLC

AI Summary

  • Core Issue: The College is not fully compliant with the Gramm-Leach-Bliley Act (GLBA), risking student information security.
  • Impacted Requirements: Key requirements under 16 CFR 314.3 and 16 CFR 314.4 are not being met, including lack of a designated information security officer and undocumented risk assessments.
  • Recommended Follow-Up: The College should implement necessary safeguards and finalize a corrective action plan to address GLBA compliance issues.

Finding Text

2022-002 Gramm-Leach-Bliley Act (?GLBA?) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, and 84.007 ? Student Financial Aid Cluster Federal Award Identification # 21-22 Financial Aid Year Condition: The College did not sufficiently comply with the requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4. Questioned Costs: $0. Context: The College has not designated an individual to oversee information security. The College has not documented its security risk assessment and safeguards. Cause: The College has not allocated sufficient resources to address all requirements of GLBA. Effect: The College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as Repeat Finding, if Applicable: Repeat finding. Recommendation: We recommend that the College finalize putting appropriate safeguards in place to mitigate risks associated with GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See Corrective Action Plan.

Corrective Action Plan

Finding Number: 2022-002 Gramm-Leach-Bliley Act (GLBA) Compliance Planned Corrective Action: A comprehensive GLBA audit was completed by Oculus IT in November 2022. Subsequently, a corrective action plan was established and prioritized. Several corrective actions have been completed and the remainder are scheduled to be completed on or before December 31, 2022. Person(s) Responsible for the Corrective Action Plan: Mondrail Myrick, Director of Information Technology & Greg Hodges, Chief Financial Officer Anticipated Date of Completion: December 31, 2022.

Categories

Subrecipient Monitoring Significant Deficiency

Other Findings in this Audit

  • 618863 2022-002
    Significant Deficiency Repeat

Programs in Audit

ALN Program Name Expenditures
84.268 Federal Direct Student Loans $1.54M
84.063 Federal Pell Grant Program $793,223
21.027 Coronavirus State and Local Fiscal Recovery Funds $750,000
84.425 Education Stabilization Fund $607,937
84.031 Higher Education_institutional Aid $531,347
12.630 Basic, Applied, and Advanced Research in Science and Engineering $121,080
84.007 Federal Supplemental Educational Opportunity Grants $116,090
84.033 Federal Work-Study Program $53,721
47.076 Education and Human Resources $40,446
45.024 Promotion of the Arts_grants to Organizations and Individuals $14,331
15.904 Historic Preservation Fund Grants-in-Aid $9,270
45.313 Laura Bush 21st Century Librarian Program $8,272