FAC Explorer

Finding 577356 (2023-002)

-
Requirement
N
Questioned Costs
-
Year
2023
Accepted
2023-10-30
Audit: 1692
Organization: John Brown University and Affiliates (AR)
Auditor: Capincrouse LLP

AI Summary

  • Core Issue: The University is not fully compliant with the updated GLBA requirements, specifically lacking multi-factor authentication for a system containing non-financial PII.
  • Impacted Requirements: Compliance with 16 CFR 314.4, including the need for enhanced security measures and comprehensive reporting to the board.
  • Recommended Follow-up: Implement the remaining components of the revised GLBA regulations to mitigate security risks and ensure full compliance.

Finding Text

Gramm-Leach-Bliley Act (GLBA) Compliance Other Matter DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, 84.007, 84.033, 84.038 and 84.379; Student Financial Assistance Cluster Federal Award Identification #: 2022-2023 Financial Aid Year Condition: The University has gaps in two areas with the updated requirements of GLBA. Criteria: 16 CFR 314.4 Questioned Costs: $0 Context: The University has not implemented multi-factor authentication on one system containing non-financial personally identifiable information (PII). Additionally, the written annual report to the board does not include all the required areas based on the updated regulations. Cause: The University has made significant progress on GLBA and has a couple of components to be in full compliance with the updated requirements of GLBA. University personnel were unaware of the system’s ability to support MFA. Effect: The University may have unintended exposure of non-financial student information to security risks. Identification as repeat finding, if applicable: n/a Recommendation: We recommend the University implement the remaining components of the revised regulations. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See corrective action plan.

Categories

No categories assigned yet.

Other Findings in this Audit

  • 907 2023-001
    Significant Deficiency
  • 908 2023-001
    Significant Deficiency
  • 909 2023-002
    -
  • 910 2023-002
    -
  • 911 2023-002
    -
  • 912 2023-002
    -
  • 913 2023-002
    -
  • 914 2023-002
    -
  • 577349 2023-001
    Significant Deficiency
  • 577350 2023-001
    Significant Deficiency
  • 577351 2023-002
    -
  • 577352 2023-002
    -
  • 577353 2023-002
    -
  • 577354 2023-002
    -
  • 577355 2023-002
    -

Programs in Audit

ALN Program Name Expenditures
84.268 Federal Direct Student Loans $9.17M
84.063 Federal Pell Grant Program $2.06M
84.038 Federal Perkins Loan Program $496,194
84.042 Trio_student Support Services $272,066
84.425 Covid-19 Education Stabilization Fund American Rescue Plan--Elementary and Secondary School Emergencuy Relief $271,191
84.033 Federal Work-Study Program $149,454
84.425 Covid-19 Education Stabilization Fund Governor's Emergency Education Relief Fund $143,136
84.007 Federal Supplemental Educational Opportunity Grants $107,622
97.008 Non-Profit Security Program $18,149
84.379 Teacher Education Assistance for College and Higher Education Grants (teach Grants) $18,104
93.859 Biomedical Research and Research Training $17,309
43.008 National Aeronautics and Space Administration Education $806