Overview
• Objectives of a Financial Audit
• Generally Accepted Auditing Standards
(GAAS)
• Auditor’s Standard Report
– Opinions; Materiality; RSI;SAS
– Types of governmental audits
• General Accountability Office
– Generally Accepted Government Auditing
Standards (GAGAS)
2

Overview
• Independence Standards & Safeguards
– Audit & Non-audit services
• Single Audits
• External Auditor’s Role
• Management’s Role
• Certified Information Systems Auditor
• ARRA (American Recovery &
Reinvestment Act of 2009)
3

• Render a report by independent auditors expressing an opinion that FS present fairly the financial position, changes in financial position, &, where applicable, cash flows of the organization.
4

• “Present fairly” means in conformity with appropriate generally accepted accounting principles (GAAP)
• Opinions based on reasonable assurance the financial statements are free from material misstatements (error or fraud)
– Audits DO NOT provide absolute assurance
5

• Auditors performing financial statement audits (non issuers) follow GAAS, reflected in Statements of Auditing Standards (SAS) issued by the Auditing Standards Board of the AICPA
• 10 standards* (expanded by more than
100 SASs)
• general standards (3)
• field work standards (3)
• reporting standards (4)
*Does not reflect new audit risk standards
6

• General Standards
1. Adequate technical training & proficiency as auditor
2. Independence in mental attitude
3. Due professional care
7

• Standards of Field Work
1. Adequate planning & proper supervision
2. Study & evaluation of internal control
• New standard focuses on understanding entity
(including IC) & its environment to assess risk of material misstatement (RMM)
3. Sufficient competent evidential matter…basis of opinion
8

• Standards of Reporting
1. State if financial statements presented in accordance with GAAP
2. GAAP consistently observed in current & preceding period
3. Informative disclosures reasonably adequate
4. Expression of opinion or reason why not
9

Paragraphs in a standard audit report:
• Opening
– Identifies FS being audited
• Scope
– Describes nature of the audit
• Opinion
– Expresses auditor’s opinion re: “fairness” of FS
• Explanatory
– Used in most governmental audits, usually related to auditor’s role in reviewing supplementary information
10

• Unqualified (clean)
– FS present fairly financial position & changes in position (and cash flows, if applicable) according to GAAP
• Qualified opinion
– FS contain material departure from GAAP or there is a material change between periods in
GAAP
• Adverse opinion
– FS do not present fairly in conformity with GAAP
• Disclaimer of opinion
– Often due to inability to examine records .
11

• DEFINITION
– In the auditor’s judgment, level at which the quantitative or qualitative effects of misstatements will have a significant impact on users’ evaluations
• Auditors make separate materiality determinations for each opinion unit.
– Governmental activities
– Business-type activities
– Aggregate discretely presented component units
– Each major governmental & enterprise fund
– Aggregate remaining fund information
12

Statement on Auditing
Standards (SAS)
• Most important for PG:
– SAS 114 – Communicating with those charged with governance
• Auditor’s responsibilities under GAAS
• Overview of planned scope & timing of audit
• Significant findings from the audit
– Qualitative aspects of significant accounting policies
– Significant difficulties
– Material misstatements (uncorrected and/or uncorrected)
– Disagreements with management
– Other significant issues discussed with management
• Auditor’s choice (oral or written)
13

• Most important for PG:
– SAS 115 - Communicating IC Related Matters
• Replaces SAS 112 effective 9/30/2010
• Definition of terms:
– Control Deficiency
– Significant deficiency (replaces reportable condition)
– Material weakness
• Requires written communication of significant deficiencies and material weaknesses to management and those charged with governance
14

Statement on Auditing
Standards (SAS)
• Most important for PG:
– SAS 115 - Communicating IC Related Matters
• Definition of terms:
 Control deficiency:
» A deficiency in internal control exists when the design or operation of a control does not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct misstatements on a timely basis.
15

Statement on Auditing
Standards (SAS)
• Most important for PG:
– SAS 115 - Communicating IC Related Matters
• Definition of terms (continued):
 Significant deficiency:
» A control deficiency, or combination of control deficiencies such that there is more than a remote likelihood that a misstatement of the entity’s financial statements that is more than inconsequential will not be prevented or detected.
 Material weakness :
» A significant deficiency, or combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected.
16

• RSI, such as:
– MD&A
– budgetary comparison schedules
– pension information
– modified approach information are normally outside the scope of the FS audit
• Auditors apply “certain limited
procedures” in connection to RSI to provide assurance that they are fairly presented in relation to the basic financial statements
17

Types of
Governmental Audits
• Financial
– Opinion as to whether FS are presented fairly in conformity with
GAAP & all material facts are disclosed
18

Types of
Governmental Audits
• Attestation engagement
– Examinations/procedures that lead to a report & assertion about subject matter that is the responsibility of another party
» Internal controls
» Compliance
» MD&A
» Contract amounts
» Performance measures
19

Types of
Governmental Audits
• Performance
– Determination of whether managers are using resources efficiently & effectively in accomplishing organizational goals
20

• Establishes Generally Accepted
Government Auditing Standards (GAGAS)
– Intended to supplement GAAS
– Standards in “Yellow Book”
21

• Required for Single Audit* of organizations that expend more than
$500,000 in federal financial assistance in any year
• May be required by states of its local governments
– All governments required in FL
*Single Audit Act of 1984
22

Standard re: professional proficiency
– Thorough knowledge of governmental auditing & the specific or unique environment in which audited entity operates
• Applies to all governmental auditors regardless of professional certifications
– At least 80 hours CPE every 2 years
• At least 20 hours in each of the 2 years
• At least 24 hours related directly to the audit environment
23

• 80 hours CPE
– Remaining 56 hours must improve proficiency to audit & attest if involved
• In any level of planning, supervision, reporting, or reviewing
• More than 20% of time in fieldwork on these types of engagements
– Proficiency standards apply to internal experts as well as governmental auditors
24

25

• Independence is the cornerstone of the auditing profession and the second general standard in both the AICPA’s
GAAS and GAO’s GAGAS
• Non audit services
– That solely performed for the benefit of the entity requesting the work & does not provide for a basis for conclusions, recommendations, or opinions as would a financial audit, attestation engagement, or performance audit
26

• Two overarching principles:
(1) Auditors should not perform management
functions or make management decisions
(2) Auditors should not audit their own work or provide nonaudit services in situations when the nonaudit services are significant to the audit subject matter
27

Safeguards:
1. Preclude nonaudit personnel from planning audit
2. Do not reduce audit scope
3. Document
• Consideration of nonaudit work
• Understanding with client of objectives
& scope of audit work
28

Safeguards:
4. Include policies to ensure compliance with independence standards
• Independent in fact & appearance
5. Avoid certain nonaudit work
6. Make all documentation available for peer review
29

• Acceptable - no safeguards needed
– Providing routine advice/methodologies
– Serving on advisory committees
– Answering technical questions
– Providing training
30

• Prohibited
– Maintaining accounting records
– Posting transactions
– Recommending a single person for a position
– Supervising information technology system
31

• Permitted
– When safeguards are in place
• Preparing draft FS based on management’s TB
– Maintaining depreciation schedules
• Management determines key elements in calculations
– Proposing adjusting & correction entries
• Management chooses to accept
32

• Revised “Yellow Book” – 2011
– New section of conceptual framework
• Assess threats to independence
• Establish safeguards
– No change in current status regarding independence
33

• Improve the efficiency & effectiveness of governmental audit effort
• Single Audit Act of 1984
– Amended 1996
– Replaced multitude of grant-by-grant audits with single, comprehensive, entity-wide audit
• Risk based approach
• Provide all federal awarding agencies a single report to satisfy program’s audit requirements
34

1996 Single Audit Act Amendments:
 Establishes risk-based approach
 Places greater audit coverage on high risk programs
 Improves contents & timeliness of single audit reporting
 Permits OMB to administratively revise SA requirements without requiring additional legislation
 Circular A-133 & related Compliance Supplement
35

• Those that expend more than $500,000 in federal financial assistance in a year
– Up from $100,000 (1984) & $300,000 (1996)
• Major program threshold still $300,000 or formula driven
– Increased to $500,000 in 2005
36

• State & local governments, not-forprofit organizations, including hospitals.
– If expended only for one program or one program cluster, may have a program
audit, otherwise the audit must be a single audit
37

• Calculation of amount of federal awards expended
– Expended may not only be cash disbursed
– Calculation can be complex
• Cash or accrual basis allowed
– Basic rule
• Award expended when federal agency becomes at risk & nonfederal recipient has duty of accountability
38

• All high risk** Type A** programs AND either
1. Half high-risk Type B programs
OR
2. One high-risk Type B** program for each lowrisk Type A program
• Not required to audit more high risk “B”s than low risk** “A”s
• Audit at least enough major programs to ensure that at least 25% - 50% of total federal award expenditures are audited
*Based on dollars spent
**Formula driven & subjective (A-133) 39

• Schedule of findings & questioned costs
– Describes such matters as
• Internal Control weaknesses
– Significant deficiencies
» Results in more than remote likelihood than material noncompliance will not be detected
– Material weaknesses
• Instances of noncompliance
• Questioned costs
• Fraud
• Material misrepresentations by the auditee
40

• Schedule of findings & questioned costs
– Questioned cost
• Usually involves instance of noncompliance with a law/regulation where costs are
– Unallowable
– Unreasonable
– Not supported by adequate documentation
– Must be reported in schedule
• Known questioned costs > $10,000
• Likely costs > $10,000
41

External Auditor’s Role
• Adhere to standards of ethics & performance.
– Independent in both fact and appearance
• Assures users of FS they are free of material misstatements
– ”Reasonable but not absolute assurance”
• May provide advice, research materials
& recommendations to assist management in performing its functions
& making decisions
42

Management’s Role
• Full responsibility
– Fair presentation of the FS
• Management Discussion & Analysis
• Accompanying notes
• RSI
• SI
– Completeness & reliability of all information supporting FS amounts
– Internal control structure
43

Management’s Role
• Audit process
– Select auditor
– Meet with auditor in entrance & exit conferences
– Respond to auditor questions in a timely manner
– Consider & implement as appropriate auditor recommendations
44

• Control tests balance transaction details to the total transaction
• Uses generalized audit software to
– Provide totals of unusual items
– Check for duplicate entries
– Check for missing information
– Verify calculation totals & routines
45

ARRA
American Recovery &
Reinvestment Act of 2009
• Rules complex
• “Yellow Book” program
• Recipient = any entity receiving funds directly from Fed. Gov’t
46