Audit Controls a. System Security Review. CONTRACTOR must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Financial Controls At all times, the Charter School shall maintain appropriate governance and managerial procedures and financial controls which procedures and controls shall include, but not be limited to: (1) commonly accepted accounting practices and the capacity to implement them (2) a checking account; (3) adequate payroll procedures; (4) procedures for the creation and review of monthly and quarterly financial reports, which procedures shall specifically identify the individual who will be responsible for preparing such financial reports in the following fiscal year; (5) internal control procedures for cash receipts, cash disbursements and purchases; and (6) maintenance of asset registers and financial procedures for grants in accordance with applicable state and federal law.
Personal Controls a. Employee Training. All workforce members who assist in the performance of functions or activities on behalf of COUNTY in connection with Agreement, or access or disclose PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, must complete information privacy and security training, at least annually, at CONTRACTOR’s expense. Each workforce member who receives information privacy and security training must sign a certification, indicating the member’s name and the date on which the training was completed. These certifications must be retained for a period of six (6) years following the termination of Agreement.
Books and Records; Internal Accounting Controls The records and documents of the Company and its Subsidiaries accurately reflect in all material respects the information relating to the business of the Company and the Subsidiaries, the location and collection of their assets, and the nature of all transactions giving rise to the obligations or accounts receivable of the Company or any Subsidiary. The Company and each of its Subsidiaries maintain a system of internal accounting controls sufficient, in the judgment of the Company's board of directors, to provide reasonable assurance that (i) transactions are executed in accordance with management's general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with generally accepted accounting principles and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management's general or specific authorization and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate actions are taken with respect to any differences.
Agreement Controls In the event that any term of any of the Loan Documents other than this Agreement conflicts with any express term of this Agreement, the terms and provisions of this Agreement shall control to the extent of such conflict.
Accounting Controls The Company and its Subsidiaries maintain systems of “internal control over financial reporting” (as defined under Rules 13a-15 and 15d-15 under the Exchange Act Regulations) that comply with the requirements of the Exchange Act and have been designed by, or under the supervision of, their respective principal executive and principal financial officers, or persons performing similar functions, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP, including, but not limited to, internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations; (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company is not aware of any material weaknesses in its internal controls. The Company’s auditors and the Audit Committee of the Board of Directors of the Company have been advised of: (i) all significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting which are known to the Company’s management and that have adversely affected or are reasonably likely to adversely affect the Company’ ability to record, process, summarize and report financial information; and (ii) any fraud known to the Company’s management, whether or not material, that involves management or other employees who have a significant role in the Company’s internal controls over financial reporting.
Management and Control Systems Grantee will:
1. maintain an appropriate contract administration system to ensure that all terms, conditions, and specifications are met during the term of the contract through the completion of the closeout procedures.
2. develop, implement, and maintain financial management and control systems that meet or exceed the requirements of Uniform Statewide Accounting System (UGMS). Those requirements and procedures include, at a minimum, the following:
i. Financial planning, including the development of budgets that adequately reflect all functions and resources necessary to carry out authorized activities and the adequate determination of costs;
ii. Financial management systems that include accurate accounting records that are accessible and identify the source and application of funds provided under each Contract of this Contract, and original source documentation substantiating that costs are specifically and solely allocable to a Contract and its Contract and are traceable from the transaction to the general ledger;
iii. Effective internal and budgetary controls;
iv. Comparison of actual costs to budget; determination of reasonableness, allowableness, and allocability of costs;
v. Timely and appropriate audits and resolution of any findings;
vi. Billing and collection policies; and
vii. Mechanism capable of billing and making reasonable efforts to collect from clients and third parties.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Books and Record Internal Accounting Controls The books and records of the Company and its subsidiaries accurately reflect in all material respects the information relating to the business of the Company and the subsidiaries, the location and collection of their assets, and the nature of all transactions giving rise to the obligations or accounts receivable of the Company or any subsidiary. The Company and each of its subsidiaries maintain a system of internal accounting controls sufficient, in the judgment of the Company, to provide reasonable assurance that (i) transactions are executed in accordance with management's general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management's general or specific authorization and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate actions is taken with respect to any differences.
Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.
