Auditing Governments and Not-For-Profit Organizations Chapter 16 Auditing Governments and Not-For-Profit Organizations Chapter 16 Granof-5e
Learning Objectives Auditing Government & Not-for-Profit vs. Business Types of audits that governments conduct Standards of government audits Role of “Yellow-Book” in governmental auditing Single Audit Act (A-133) Auditor reports Performance audits -Characteristics -Key elements Impact of Sarbanes-Oxley on governments and not-for-profits Ethical issues facing governmental and not-for-profit accountants and auditors. Chapter 16 Granof-5e
Important Concepts Understand very clearly what is meant by generally accepted government auditing standards (GAGAS), the source of GAGAS, and why GAGAS are much broader than GAAS, in particular for financial audits and performance audits Chapter 16 Granof-5e
Overview: Audits Governments & Not-For-Profits Vs. Business -“examination of records or accounts for accuracy.” Business sector audits: -characterized by attest function (i.e. “to affirm to be true.”) Government/Not-for-Profit sector audits: -Auditors not only “attest” BUT ALSO independently evaluate. -Auditors assess whether auditees have achieved the objectives. Chapter 16 Granof-5e
Types of Audits: Government Auditing Standards (2003) characterize government audits into three categories: Financial Audits: determines if financial statements are in accordance with GAAP. Attestation engagements: Examine, review, perform agreed-upon procedures Performance Audits: Effectiveness of internal controls Effective usage of entity’s resources (Efficiency) Verifying that organization is complying with terms of the law, grants, and contracts. GAGAS standards place much more emphasis on compliance with laws and regulations than do GAAS Chapter 16 Granof-5e
GAGAS --Yellow Book Generally Accepted Government Auditing Standards (GAGAS) Issued by the Government Accountability Office (GAO). Prescribes accounting standards and practices for ALL federal agencies (as required by law, regulation, agreement, contract, or policy) Mirror GAAS in discussion of: Auditor’s professional qualifications Quality of audit effort, Characteristics of professional/meaningful audit reports Chapter 16 Granof-5e
Generally Accepted Government Auditing Standards (GAGAS) Contains a total of 32 standards for both financial and performance audits Required of auditors in a Single Audit Government auditing standards are divided into: General standards Field work standards Reporting standards Chapter 16 Granof-5e
Generally Accepted Government Auditing Standards (GAGAS) Broader than GAAS: This gives an overview of the breadth and depth of GAGAS. Financial Audits Attestation Engagements Performance GAAS GAGAS General Standards 3 4 5 Field Work Standards 2 7 Reporting Standards 11 9 Totals 10 20 21 12 Chapter 16 Granof-5e
GAAS v/s GAGAS General General Independence Independence -Qualifications: Professional Proficiency Knowledge of government programs CPE requirements Independence Due Professional Care Quality Control General -Training and Proficiency Independence Due Care Chapter 16 Granof-5e
Generally Accepted Government Auditing Standards (GAGAS) Professional competence requires auditors to have: A thorough knowledge of governmental auditing and the specific or unique environment in which the audited entity operates At least 80 hours of CE (CPE) every two years, of which at least 20 hours must be completed in each of the two years and at least 24 hours of which must be related directly to the audit environment Peer Review: has to be done at least once in 3 years. Compliance: reasonable assurance in detecting fraud or misstatements (required by AICPA and GAO) Working Papers Standards of Reporting: -Compliance and Internal Controls -Public Inspection Chapter 16 Granof-5e
GAAS v/s GAGAS Field Work Field Work Adequate planning and supervision Evaluate internal control Obtain competent evidence Field Work Adequate planning and supervision Evaluate internal control Obtain competent evidence Supplemental Standards: Planning – consideration of government programs Compliance testing Chapter 16 Granof-5e
Chapter 16 Granof-5e
GAAS v/s GAGAS Reporting Adherence to GAAP Consistent application Adequate disclosure Expression of opinion Reporting Adherence to GAAP Consistent application Adequate disclosure Expression of opinion Report distribution not restricted “In accordance with GAAS and GAGAS” Report on compliance and internal control Chapter 16 Granof-5e
Critical Terminology: Unconditional Requirements GAGAS use the words “must” or “is required” to specify an unconditional requirement. Required compliance in all cases in which the circumstances exist to which the unconditional requirement applies. Throughout the “Yellow Book” the professional requirements are identified by this terminology. Chapter 16 Granof-5e
Critical Terminology: Presumptively Mandatory GAGAS use the word “should” to specify a presumptively mandatory requirement May depart from presumptively mandatory requirement if they document: the justification for the departure, and describe how the alternative procedures performed in the circumstances were sufficient to achieve the objectives in the presumptively mandatory requirement. Chapter 16 Granof-5e
Critical Terminology: Explanatory Material GAGAS use the words “may,” “might,” or “could” to describe explanatory information. The explanatory information is provided to: Provide further explanation and guidance on the professional requirements, or Identify/describe other procedures or actions relating to the activities of the auditor/audit organization. Explanatory material is used to document the objective of a requirement, explain why particular procedures might be considered/used in certain circumstances, or add supplemental information to consider in exercising professional judgment. Chapter 16 Granof-5e
Reporting Requirements Must state compliance with GAGAS in the report when required to follow GAGAS, or representing to to others that the audit followed GAGAS requirements. “We conducted this performance audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our finding and conclusions based on our audit objectives.” Chapter 16 Granof-5e
Single Audit Act of 1984 Administered by the Office of Management and Budget (OMB). Replaces a multitude of grant-by-grant audits with a single, comprehensive, entity-wide audit. Intended (among other purposes) to improve the efficiency and effectiveness of governmental audit effort OMB Circular A-133 and the related Compliance Supplement provide implementing guidance. Federal agencies must agree to this process. Applies to both direct and indirect recipients of federal $$$ $500,000 (1996 amendment) initiation threshold (multiple awards). Higher education, state/local governments, and other not-for- profit entities (1996 amendment) Chapter 16 Granof-5e
Single Audit Act (Cont’d) Two main components: - Audit conducted under GAGAS - Compliance Audit of federal financial awards/major programs (Single Audit component) Understand the characteristics of a single audit, including: the purpose which entities must have a single audit what auditing work is required how major programs are selected for audit what reports must be rendered, when, and to whom Chapter 16 Granof-5e
Single Audit Act (cont’d): Key Requirements Annual audit of financial statements conducted by an independent auditor encompassing the entity’s financial statements and schedule of expenditures of federal awards Fair presentation of financial statements and the schedule of federal financial awards is presented fairly in relation to the financial statements. Study and evaluation of internal controls --understanding of compliance requirements by major program. Assess control risk and structure control tests accordingly. Federal and nonfederal “Pass-through” agencies are assigned certain responsibilities for compliance Chapter 16 Granof-5e
GAAS - GAGAS - Single Audit Relationships FOR “MAJOR PROGRAMS” -Internal Control Audit -Compliance Audit with Laws and Regulations -Schedule of Questioned Costs Single Audit -General Internal Control Audit -General Compliance Audit with Laws and Regulations GAGAS -Financial Audits GAAS GAGAS Incorporates GAAS – and includes additional requirements Single Audit Incorporates GAGAS – and includes additional requirements Chapter 16 Granof-5e
Single Audit Act – “Expended” Requires organizations expending more than $500,000 in federal assistance under more than one program be subject to single audit. Key task is determining when funds were expended. Federal award is expended - Basic rule is: When the federal agency has become at risk, and The nonfederal recipient has a duty of accountability. Recipient of funds has to deal only with a single agency (referred to as Cognizant Agency). --All federal awarding agencies are required to accept the single audit reports as satisfying their program’s audit requirements Complex as it isn’t a simple reflection of grants awarded in a fiscal year. Chapter 16 Granof-5e
Single Audit Act and OMB Circular A-133 No Single Audit or Program Specific Audit required--only GAAS and GAGAS Audit required. Did the nonfederal entity expend $500,000 or more of federal awards? No Yes Did the nonfederal entity 1) expend federal awards under only one federal program--which did not require a financial statement audit, 2) meet other requirements, and 3) properly elect a program specific audit? Yes A program-specific audit is required. No A Single Audit is required. Chapter 16 Granof-5e
Single Audit Act: Four Reports Produced: 1) Opinion on the Financial Statements and on the Schedule of Expenditures of Federal Awards The schedule includes a list of total expenditures of the organization Proper categorization of expenses 2) Report on Compliance and on Internal Control over Financial Reporting Directed towards the basic financial statements Based on audit requirements of Governmental Auditing Standards Include any material weaknesses in the controls 3) Report on Compliance with Requirements of “Major Programs” Explain the nature of the examination Auditors express an opinion Include any “ reportable conditions” 4) Schedule of Findings and Questionable Costs Most distinctive and informative Summary of the results Describe reportable conditions Include findings pertaining to major programs Chapter 16 Granof-5e
Types of Audits: Financial The purpose is to perform an independent assessment of and to provide reasonable assurance about whether an entity’s reported financial condition, results, and use of resources are presented fairly (in accordance with recognized criteria) GAGAS financial reports include reports on: internal control compliance with laws and regulations, and the terms and provisions of contracts/grants Chapter 16 Granof-5e
Internal Control Audit Assess internal control system components for adequacy and effectiveness – can it provide reasonable assurance of: Achieving effective and efficient operations; Reliable financial and performance reporting; and Compliance with laws and regulations. Extremely relevant to government procurement officials for determining organizational capability for successful performance of government contract effort. Chapter 16 Granof-5e
Compliance Audits Assess compliance with established laws; regulations; contract provisions; grant agreements; and other requirements To assess the direct or indirect impact on the acquisition; protection; use; and disposition of the entity’s resources or quantity; quality; timeliness; and cost of services that the entity produces and delivers. Chapter 16 Granof-5e
Single Audit: Compliance Component for “Major Programs” Chapter 16 Granof-5e
Compliance Audits of Federal Financial Awards/Major Programs For each “Major Program” the auditor must test whether the program: was administered in conformity with the appropriate OMB Circular (A-102 or A-110) complied with detailed requirements in the A-133 Compliance Circular and other specified requirements. Chapter 16 Granof-5e
Selection of “Major Programs” Using a sliding scale identify “Type A” and “Type B” programs Identify low-risk programs (based on no audit findings in most recent audit and absence of certain risk factors) Assess risk of Type B programs (major programs that are not Type A programs) At a minimum, audit all high risk Type A programs and either (1) half of the high-risk Type B programs or (2) one high-risk Type B program for each low-risk Type A program Audit at least enough major programs to ensure that at least 50% of total federal award expenditures are audited Chapter 16 Granof-5e 3
Risk-Based Approach Step 1: Identify (larger) Type A Programs Step 2: Identify “low-risk” Type A programs Step 3: Identify “high-risk” Type B programs Step 4: Select for audit as major programs a minimum of all Type ‘A programs not identified as “low-risk” in Step 2, plus certain “high-risk” Type B programs. Chapter 16 Granof-5e
Key Audit Procedures Identify compliance requirements Plan the engagement Assess internal control Obtain sufficient evidence Consider subsequent events Evaluate and report on noncompliance Follow-up procedure Chapter 16 Granof-5e
Performance Audits NOT required by Single Audit Focus on organizational accomplishments Carried out by “internal” audit departments General standards are common to both financial and performance audits 3 sections include: -General -Field work -Reporting Auditors make independent assessments Performance audits carried out on specific programs Conducted irregularly Broader range of evidence Each performance audit is unique. Chapter 16 Granof-5e
Steps in Conducting Performance Audit Selecting audit target Establishing scope and purpose Discerning objectives Scheduling disbursements Assessing management controls Written audit plan Gathering evidence Reporting the results Chapter 16 Granof-5e
Additional Topics: Ethical Issues Governments and to a lesser extent not-for-profits have characteristics that present their employees with ethical decisions that are different from those faced by employees of businesses. These are: Public expectations Guardians of public funds (OPM) Activities carried out in open view Special powers Conflicting loyalties Chapter 16 Granof-5e
Impact of Sarbanes-Oxley Act on Government and NFPs Even though the Sarbanes-Oxley Act (Act) applies only to publicly traded corporations, it’s impact is being felt by government and NFP organizations. Key provisions of the Act that are relevant to government and NFP organizations include: -Section 404 which emphasizes the importance of sound internal controls -Responsibility of audit committees -the Act mandates that CEO and CFO certify the financial statements -the Act provides “whistle-blower” protection to employees. Perhaps most importantly the Act changed the climate of all organizations. Chapter 16 Granof-5e
Summary Auditors add value to information by being independent and conforming to professional auditing standards (GAAS or GAGAS) GAGAS are broader than GAAS in that they include standards for financial and performance audits established by the government through the GAO’s Yellow book. Performance audits differ in concept from financial audits. It makes assessments about an entity’s programs. Under the Single Audit Act, GAGAS has to be adhered to in all audits of both governments and not-for-profit organizations. However, the Single audit requires only financial audits. Single audits comprise of 2 elements: an audit of financial statements and an audit of federal financial awards that follows the provisions of OMB Circular A-133. The single audit improves both the efficiency and effectiveness of audits of nonfederal entities with significant expenditures of federal award. The Sarbanes-Oxley Act does not apply to government and not-for-profit organizations but has affected their culture. Chapter 16 Granof-5e 3