Finding Text
Federal Agency –Department of Education, Student Financial Assistance Cluster, Federal Supplemental Educational Opportunity Grants, Assistance Listing Number 84.007; Federal Pell Grant Program, Assistance Listing Number 84.063; Federal Direct Loan Program, Assistance Listing Number 84.268.
Federal Award Program Year – July 1, 2023 – June 30, 2024
Criteria or Specific Requirement – Special Tests and Provisions – Gramm-Leach-Bliley Act-Student Information Security –The Program Participation Agreement (PPA) with the United States Department of Education requires the College to comply with the Standards for Safeguarding Customer Information as described in 16 CFR Part 314 which includes the development of a comprehensive written security program.
Condition – The College has not document a written information security program in accordance with the applicable regulations.
Questioned Costs – None.
Context – Under the College’s PPA, institutions must protect student financial aid information, with particular attention to information provided to institutions by the Department of Education or otherwise obtained in support of the administration of federal student financial aid programs.
Cause – A formal information security program was not documented.
Effect – The absence of this document could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise of student account information
Identification as a Repeat Finding – N/A
Recommendation – We recommend the College complete a comprehensive risk assessment surrounding information security, and document and information security program based on that risk assessment.