Finding Text
2022-002 Gramm-Leach-Bliley Act (?GLBA?) Compliance Significant Deficiency DEPARTMENT OF EDUCATION ALN #: 84.268, 84.063, and 84.007 ? Student Financial Aid Cluster Federal Award Identification # 21-22 Financial Aid Year Condition: The College did not sufficiently comply with the requirements of GLBA. Criteria: 16 CFR 314.3, 16 CFR 314.4. Questioned Costs: $0. Context: The College has not designated an individual to oversee information security. The College has not documented its security risk assessment and safeguards. Cause: The College has not allocated sufficient resources to address all requirements of GLBA. Effect: The College has not adequately addressed the requirements of GLBA, which may lead to unintended exposure of student information to security risks. Identification as Repeat Finding, if Applicable: Repeat finding. Recommendation: We recommend that the College finalize putting appropriate safeguards in place to mitigate risks associated with GLBA. Views of Responsible Officials and Planned Corrective Action: Management agrees with the finding. See Corrective Action Plan.