FAC Explorer

Finding 560597 (2024-003)

-
Requirement
P
Questioned Costs
-
Year
2024
Accepted
2025-05-19
Audit: 356516
Organization: Claflin University (SC)
Auditor: Cherry Bekaert LLP

AI Summary

  • Core Issue: The University lacks a formal written security program required by the Gramm-Leach-Bliley Act.
  • Impacted Requirements: Not all seven elements outlined in 16 CFR 314.4 (b) are addressed, increasing risks to sensitive information.
  • Recommended Follow-Up: Implement a comprehensive written security program to meet compliance requirements.

Finding Text

Finding 2024-003-Student Financial Aid Cluster, ALN#84.007, 84.033, 84.063, 84.268, 84.379 Compliance Requirement: Gramm-Leach-Bliley Act – Student Information Security Criteria: The University is required to have a written security program that address the seven elements as described in 16 CFR 314.4 (b). Condition: The University does not have a written security program that address the seven elements as described in 16 CFR 314.4 (b) as of June 30, 2024. Cause: Although the University meets some of the seven elements as described in 16 CFR 314.4 (b), the University has yet to establish a formalized written policy. Effect: The University could have risks associated with the safeguarding of sensitive information it is not aware of or does not protect against. Questioned Costs: None Context: Not all elements as described in 16 CFR 314.4 (b) have been met, and the University does not have formal written documentation of its program. Recommendation: The University should implement a written security program that addresses the required elements as described in 16 CFR 314.4 (b). Management Response: The University concurs with this finding. Corrective Action Plan: See attached management’s corrective action plan.

Corrective Action Plan

The University will form a task force comprising representatives from IT, compliance, and legal departments to review the seven required elements of the Gramm-Leach-Bliley Act (GLBA) by May 31, 2025. The task force will draft a comprehensive written information security program that includes the designation of a program coordinator, identification of 400 Magnolia Street – Orangeburg, SC 29115 A University of the United Methodist Church internal and external risks to sensitive information, implementation of safeguards to control these risks, regular testing and monitoring of safeguards, oversight of service providers, evaluation and adjustment of safeguards in response to changes, and continuous employee training on handling sensitive information. The draft program will be submitted for review and approval by senior leadership by June 30, 2025.

Categories

No categories assigned yet.

Other Findings in this Audit

Programs in Audit

ALN Program Name Expenditures
10.766 Community Facilities Loans and Grants $13.76M
84.268 Federal Direct Student Loans $13.52M
84.063 Federal Pell Grant Program $8.22M
81.137 Minority Economic Impact $3.84M
11.028 Connecting Minority Communities Pilot Program $1.63M
84.382 Strengthening Minority-Serving Institutions $755,487
84.031 Higher Education Institutional Aid $553,831
81.089 Fossil Energy Research and Development $546,113
84.047 Trio Upward Bound $539,146
84.007 Federal Supplemental Educational Opportunity Grants $379,711
84.042 Trio Student Support Services $351,846
84.033 Federal Work-Study Program $260,349
84.120 Minority Science and Engineering Improvement $177,416
84.184 School Safely National Activities $147,165
47.076 Stem Education (formerly Education and Human Resources) $65,385
93.859 Biomedical Research and Research Training $64,390
84.302 Next Generation Black Stem Teachers (ngbst) $54,024
47.083 Integrative Activities $43,201
94.013 Americorps Volunteers in Service to America 94.013 $37,903
11.303 Economic Development Technical Assistance $29,397
84.116 Fund for the Improvement of Postsecondary Education $18,653
47.075 Social, Behavioral, and Economic Sciences $15,485
84.379 Teacher Education Assistance for College and Higher Education Grants (teach Grants) $13,192
47.084 Nsf Technology, Innovation, and Partnerships $12,825
10.351 Rural Business Development Grant $10,033
15.904 Historic Preservation Fund Grants-in-Aid $9,200
47.074 Biological Sciences $8,767
93.354 Public Health Emergency Response: Cooperative Agreement for Emergency Response: Public Health Crisis Response $7,916
84.220 Centers for International Business Education $7,840
81.123 National Nuclear Security Administration (nnsa) Minority Serving Institutions (msi) Program $6,439
81.113 Defense Nuclear Nonproliferation Research $3,307
47.041 Engineering $1,800
84.302 Summer 2023 Mgbst Research $1,397