FAC Explorer

Finding 544740 (2024-001)

Significant Deficiency Repeat Finding
Requirement
N
Questioned Costs
-
Year
2024
Accepted
2025-03-31
Audit: 351245
Organization: Presbyterian College (SC)
Auditor: Capincrouse LLC

AI Summary

  • Core Issue: The College is not fully compliant with the updated requirements of the Gramm-Leach-Bliley Act (GLBA).
  • Impacted Requirements: Insufficient documentation of security risk assessments, lack of multi-factor authentication for systems with personally identifiable information (PII), and no annual report to the board.
  • Recommended Follow-up: Allocate adequate resources to meet GLBA requirements and implement corrective actions as planned.

Finding Text

Gramm-Leach-Bliley Act (GLBA) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038, and 84.379 Federal Award Identification #: 2023-2024 Award Year Condition: The College did not sufficiently comply with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The College has not sufficiently documented its security risk assessment and safeguards, sufficiently implemented multi-factor authentication on systems containing personally identifiable information (PII), or provided a written, annual report to the board. Cause: The College has not allocated sufficient resources to address and document compliance with the requirements of GLBA. Effect: The College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as repeat finding, if applicable: 2023-004 Recommendation: We recommend the College allocate sufficient resources to address all requirements of GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.

Corrective Action Plan

Gramm-Leach-Bliley Act (GLBA) Compliance Planned Corrective Action: The college has taken significant, strategic, steps to secure college assets and data in the last few years. We have completed multiple high impact security projects, and with those complete we are now well positioned to draft data and implement policies and procedures. In the coming year, the college will be undertaking a Data Classification/Security project, as well as a holistic review of PCI practices currently in use. These efforts will bring the college into compliance with these GLBA rules: 16 CFR 314.4(c)(2) – Safeguards – Inventory 16 CFR 314.4(c)(3) – Safeguards – Encryption 16 CFR 314.4(c)(5) and (8) – Safeguards – MFA 16 CFR 314.4(c)(6) – Data Disposal and Retention The college is implementing MFA for critical business staff, bringing us into compliance with: 16 CFR 314.4(c)(1) – Safeguards – Access Management Effective at our next board meeting, the college will begin having the CISO give regular reports to the Board, bringing us into compliance with: 16 CFR 314.4(i) - Annual Status Report to the Board  Person Responsible for Corrective Action Plan: Kevin Crider, Chief Information Officer Anticipated Date of Completion: June 30, 2026

Categories

Subrecipient Monitoring Significant Deficiency

Other Findings in this Audit

  • 544741 2024-001
    Significant Deficiency Repeat
  • 544742 2024-001
    Significant Deficiency Repeat
  • 544743 2024-001
    Significant Deficiency Repeat
  • 544744 2024-001
    Significant Deficiency Repeat
  • 544745 2024-001
    Significant Deficiency Repeat
  • 1121182 2024-001
    Significant Deficiency Repeat
  • 1121183 2024-001
    Significant Deficiency Repeat
  • 1121184 2024-001
    Significant Deficiency Repeat
  • 1121185 2024-001
    Significant Deficiency Repeat
  • 1121186 2024-001
    Significant Deficiency Repeat
  • 1121187 2024-001
    Significant Deficiency Repeat

Programs in Audit

ALN Program Name Expenditures
10.766 Community Facilities Loans and Grants $57.22M
84.268 Federal Direct Student Loans $14.70M
84.063 Federal Pell Grant Program $1.80M
84.038 Federal Perkins Loan Program $435,750
84.033 Federal Work-Study Program $137,717
84.007 Federal Supplemental Educational Opportunity Grants $73,422
93.859 Biomedical Research and Research Training $34,598
97.036 Covid-19 Disaster Grants - Public Assistance (presidentially Declared Disasters) $17,690
84.379 Teacher Education Assistance for College and Higher Education Grants (teach Grants) $16,974
21.027 Covid-19 Coronavirus State and Local Fiscal Recovery Funds $6,653