Chapter 11: Auditing of Governmental and Not-for-profit Organizations

Chapter 11: Auditing of Governmental and Not-for-profit Organizations

Fundamentals of Financial Audits

  • Audited financial statements provide a higher level of confidence to users regarding the reported information.

  • Auditor's objective is to issue a report expressing an opinion that financial statements present a true and fair view.

    • "Present fairly" refers to compliance with the applicable financial reporting framework.

Generally Accepted Auditing Standards (GAAS)

Overview: Standards set by the Auditing Standards Board (ASB) that provide guidance for planning, conducting, and reporting on audits of nonpublic organizations by certified public accountants

  • Audits of state and local governments may be conducted by:

    • Independent Certified Public Accountants (CPAs)

    • State or federal audit agencies

  • The AICPA's Code of Professional Conduct mandates adherence to GAAS by CPAs.

  • State and federal auditors must also follow GAAS if required by law or policy.

Auditor Responsibilities

  • Auditors must adhere to auditing standards and maintain technical qualification and independence.

    • This adds credibility to financial information and enhances user confidence.

  • GAAS outlines general audit guidelines, including minimum responsibilities, objectives, and requirements.

Government Audit Process

  • Steps involved in the government audit process include:

    1. Determine appropriate GAAP (Generally Accepted Accounting Principles).

    2. Establish audit scope. Management Letter: written agreement between an auditor and the audited entity that describes the scope of the work to be completed. A written record of the agreement and is essential for protection of both parties

    3. Establish audit procedures.

    4. Determine materiality.

    5. Conduct examination.

    6. Issue opinion.

Materiality

  • Materiality must be established for each opinion unit: Materiality is an auditor’s judgment as to the level at which the quantitative and qualitative effects of misstatements will have a significant impact on users’ evaluations. The opinion units in the GASB model are:

    • Governmental activities

    • Business-type activities

    • Aggregate discretely presented component units

    • Each major governmental and enterprise fund

    • Aggregate remaining fund information

Basic Format of the Audit Report

  • An audit report typically includes:

    • Title that incorporates the word "independent"

    • the addressee.

    • Opinion section.

    • Basis for Opinion.

    • Management Responsibilities for Financial Statements.

    • Auditor’s Responsibilities for the Audit of the financial statements

    • When applicable,Findings related to other legal and regulatory requirements.

    • Auditor’s signature, address, and audit date of the report.

Types of Opinions

  • Different types of audit opinions include:

    • Unmodified Opinion: indicates the financial statements under the audit have not materially misstated the financial position of the NFP under the audit.

    • Qualified Opinion

    • Disclaimer

    • Adverse Opinion

Reasons for Not Issuing an Unmodified Opinion

  • Reasons for issuing a non-unmodified opinion may include:

    • Material departure from GAAP.

    • Significant change in accounting principles or methods between periods.

    • Limitations affecting the scope of examination due to external conditions.

Government Auditing Standards (GAGAS)

Overview

  • GAGAS is broader than GAAS and applies to audits of federal entities, programs, and functions. set forth and explained in the publication of government auditing standards, called the yellow book

  • Guidelines are detailed in the publication issued by the Government Accountability Office (GAO).

Types of Audits and engagements include financial audits, performance audits, and attestation engagements

  • Financial Audits: One of the two major audits performed under GAGAS, focusing on the accuracy of financial statements and compliance with laws and regulations and generally accepted accounting principles (GAAP)

  • Performance Audits: The other major audits performed. A performance audit provides an auditor’s independent determination But not an opinion of the extent to which government officials are efficiently, economically, and effectively carrying out their responsibilities.

  • Attestation Engagements: Services related to internal control, compliance, MD&A, allowability and reasonableness of contract amounts, final contract costs, and reliability of performance measures.

GAGAS Financial Audits

  • Unconditional Requirements: Auditors and audit organizations must comply in all cases where such requirement is relevant. GAGAS use must to indicate unconditional requirement.

  • Presumptively mandatory requirements (PMR): Auditors and audit organizations must comply with PMR in all cases where requirement is relevant, except in rare circumstances. GAGAS use should to indicate PMR

Education Requirements

  • Continuing professional education (CPE)

  • Every two years each auditor should complete:

    • at least 80 hours of CPE

    • 24 hours of the subject matter

    • at least 20 years of the CPE hours should be completed in each year of the two year period.

Auditor Audit Findings:

  • Criteria: Laws, regulations, contracts, grant agreements, or standards against performance is compared or evaluated

  • Condition: The situation under audit

  • Cause: The factor or factors responsible for the difference between the condition and the criteria that also may serve as a basis for recommendations for corrective actions

  • Effect: The outcome or consequence resulting from the difference between the condition and criteria

  • Waste: The act of using or expending resources carelessly or to no purpose and relates to mismanagement

  • Abuse: Behavior that is deficient or improper when compared with behavior that a prudent person would consider

Additional GAGAS Requirements for Reporting Financial Audits

  1. Compliance with Standards

  2. Licensing and Certification

  3. Auditor Communication

  4. Review of Previous Engagements

  5. Investigation of Legal Proceedings

  6. Noncompliance reporting

  7. Audit documentation

  8. Availability of individuals and documents

Reporting Requirements under GAGAS

  1. Evaluation of internal control systems.

  2. Compliance with laws and regulations, including fraud instances.

  3. Presenting findings

  4. Report findings straight to outside parties.

  5. Documenting the views of responsible officials.

  6. Confidential information handling

  7. report distribution obligations.

Fundamental Ethical Principles

  • Ethical standards for auditors include:

    1. Serving the public interest.

    2. Upholding integrity

    3. Objectivity.

    4. Proper use of government resources and information.

    5. Maintaining professional behavior.

GAGAS’s practical consideration of independence:

  1. General requirements and application guidance

  2. requirements for and guidance on a conceptual framework for independence determinations

  3. requirements for guidance on independence for auditors on non audit services

  4. requirements and guidance on documentation necessary to support consideration of auditor independence

Independence in Auditing

  • GAGAS mandates strict independence for auditors, ensuring they maintain integrity and objectivity.

  • An independence framework guides auditors in assessing threats that may impair independence.

    • If threats cannot be alleviated, auditors must decline the audit engagement.

    • Threats are self-interest threat, self-review threat, bias threat, familiarity threat, undue influence threat, management participation threat, and structural threat

Nonaudit Services

  • Non-audit Work: Performed solely for the benefit of the entity requesting the work and does not provide the basis for conclusions, recommendations, or opinions as would types of audits

  • Auditors must evaluate the risk of independence compromise when offering nonaudit services to audited entities.

  • If threats cannot be sufficiently managed, auditors should choose not to provide such services or forgo the audit engagement.

  • Compliance conclusions should be well-documented.

History of the Single Audit Act

  • Prior to 1979, individual agencies audited federal grants separately.

  • In 1979, OMB mandated organization-wide audits instead of grant-by-grant audits.

  • Single Audit Act of 1984 established the framework for these audits, which has undergone multiple revisions (1996, 1997, 2003, 2013).

  • Single Audit: An audit prescribed by federal law for state and local governments and non-for-profit organziations that expend federal financial assistance, ensuring compliance on a organization basis rather than a grant-by-grant basis

  • Current guidance available in the OMB document titled "Uniform Guidance."

Purposes of the Single Audit Act

  1. Enhance financial management of local and state governments with federal assistance.

  2. Create uniform audit requirements for federal assistance programs.

  3. Promote efficient audit resource utilization.

  4. Ensure reliance on audit work by federal entities.

Who Must Have a Single Audit?

  • Program-specific audit: an audit of one specific federal program opposed to a single audit of the whole entity.

  • Requirement for a single audit applies to state or local governments or not-for-profits if they:

    • Expended over $750,000 in federal awards during the year.

    • Follow specific program guidelines.

    • Based on federal awards expended rather than received.

Single Audit Requirements

  1. Conduct an annual audit covering the financial statements and relevant schedules of federal award expenditures.

  2. The audit should conform to GAGAS and evaluate the entire entity's operations.

  3. The auditor must assess financial statement fairness in relation to GAAP and federal award schedules.

  4. Understanding of internal controls for compliance is crucial, including assessments and control testing.

  5. OMB’s Uniform Guidance assigns certain responsibilities to federal awarding agencies and nonfederal entities that act as “pass-through’

Compliance Audits

  • Auditors must express opinions regarding compliance with legal requirements that materially affect major programs.

  • Evidence gathering involves testing compliance with the Uniform Guidance and related requirements.

Auditee Requirements/Responsibilities

  • Entities must:

    • Identify and track federal awards and associated programs.

    • Maintain adequate internal controls for compliance.

    • Prepare statements and disclosures for audit and address audit findings.

Risk-Based Approach for Selecting Major Programs for Audit

Step 1: Identifying Federal Programs

  • A major program is a federal award selected for audit

  • Classify federal programs as Type A or B based on award amounts:

    • Type A programs:

    • $750,000 to $100 million: Larger of $750,000 or 3% of total federal awards.

    • More than $100 million to $10 billion: Larger of $3 million or 0.3% of total federal awards.

    • Over $10 billion: Larger of $30 million or 0.15% of total federal awards.

Step 2: Low-risk Type A Programs

  • Identify low-risk Type A programs based on previous audit experiences and performance metrics.

  • Criteria include previously identified major programs, maintained personnel stability, and professional judgment of risk levels.

Step 3: High-risk Type B Programs

  • Identify high-risk Type B programs based on auditor insights and results from Step 1 without performing assessments on minor programs.

  • Applies to Type B programs exceeding 25% of Type A thresholds established in Step 1.

Step 4: Minimum Audit Requirements

  • Audit selections must ensure:

    • All Type A programs not identified as low-risk are audited.

    • All high-risk Type B programs are audited, at a minimum totaling one-fourth of identified low-risk Type A programs.

Percentage of Coverage Rule

  • Audit enough major programs to cover at least 40% of total federal expenditures.

  • Auditee may qualify as low-risk, potentially reducing coverage needed.

Reports Required for Single Audit

  • Required reports include:

    • Financial statements and schedules of expenditures.

    • Summary of prior audit findings.

    • Auditor's report signatures.

    • Corrective action plans submitted electronically to the Federal Audit Clearinghouse.

Required Auditor’s Reports

  1. An opinion(or disclaimer of opinion) on financial statements and expenditure schedules' fairness under GAAP.

  2. A report on internal controls and compliance with federal statutes.

  3. A compliance report for each major program and internal control over compliance.

  4. A schedule of findings and questioned costs containing

    • summary of the auditor’s results

    • findings related to the financial statements

    • Audit findings and questioned costs for federal awards

Audit Findings

Categories of Findings

  1. Material Weakness - Deficiency in internal control that could lead to significant misstatements.

  2. Significant Deficiency - Less severe but noteworthy issue requiring management's attention.

  3. Questioned Cost - Costs lacking appropriate documentation or being unreasonable. Must be reported if exceeding $25,000

Summary Schedule of Findings and Cost Questions

  • The summary schedule must detail:

    • Audit result summaries, opinion types, deficiencies, and audit outcomes concerning low-risk qualification.

    • Summary of findings related to financial statement audits per GAGAS guidelines.

Other Single Audit Requirements

  • Cognizant agency for audit responsibilities: The federal awarding agency that provides the amount of direct funding to nonfederal entity exceeding $50 million in federal awards

  • Oversight agency: Makes direct funding to the nonfederal entity receiving less than $50 million in federal awards.

Special Topics on Auditing

Audit Quality Concerns

  • The importance of single audit quality has been a focus over the years with initiatives from AICPA promoting high-quality government audits.

External Auditor Selection Process

  • Governments and non-profits must prepare a formal request for proposal (RFP) to outline required audit services, standards to follow, and expectations for any additional assistance.

Impact of Sarbanes-Oxley Act (SOX)

  • SOX applies to publicly held companies but indirectly influences auditing practices in government and non-profit sectors. Organizations can benefit from adopting elements of SOX for enhanced controls.

Looking Forward

  • This chapter covered audits of governmental and non-profit organizations, highlighting critical aspects of financial audits, GAAS, GAGAS, and the single audit.

  • The upcoming Chapter 12 will discuss budgeting and performance measurement.