Auditing 20% Flashcards Preview

CGFM- Government Financial Management and Control > Auditing 20% > Flashcards

Flashcards in Auditing 20% Deck (62):

What is Audit?

An audit is an independent, systematic,objective, unbiased assessment that provides answers to asset of questions.


Material Respects

Reasonable assurance and not absolute assurance- Not free from errors.


Significant Audit Finding (Private versus Public)

Private Funds- The company makes an 1 billion dollar annually and finds $100,000 was embezzled. This will be less significant due to lack of public scrutiny.

Public- This same situation will have made the news. The public has higher expectation for government officials to protect taxpayers dollar which means there is a serious problem with internal controls. The level of significance is much higher. Government Financial audit manuals will specify the level of immateriality.


What are the three types of Audits?

Financial Audits
Attestation Engagements and
Performance Audits


Financial Audits

In financial audits, the auditor expresses an opinion that the statements ( balance Sheets, Income Statements, statement of cash flows, and statements from investments) present, fairly at the point of the time that the statements and financial are material stated and properly reported according to the principal of GAAP. Modified opinion is a negative or significant audit finding.


Attestation Engagements

When the auditor and management agree to examine or to perform a review of certain within the entity. The examination could be based on internal controls for cash. This engagement is not classify as an audit even though auditors might perform these duties. These can be perform in conjunction with a financial and performance audit according the AICPA Statement on Standards for Attestation Engagements.


Three Types of Attestation Engagments

Examination- gather evidence to express an opinion or bias or if the evidence does apply to rules in all material respects.

Review- testing to express a conclusion that evidence was presented fairly in all material respects.

Agreed-upon procedures engagement- The auditor and management agree upon criteria within the entity to test.


Performance Audits

To provide information to help management improve programs, operations and decision making in internal controls and ensuring that entity remains compliant with the laws.

Assessing the entities performance and reducing inefficiencies

Analyzing the cost effectiveness of the entity

Can the entity produce the results per the law or mandate that create the entity?


Private and Public companies and Not-for-profits organization uses GAAP

established by the Financial Accounting Standards Board (FASB)


State and Local government uses GAAP

established by the Government Accounting Standards board (GASB).


Federal government uses GAAP

established by Federal Accounting Standards Advisory Board (FASAB)


Can Audit firms provide non-audit services?

Yes. They can provide data analyzes, development of financial information system and assist with Internal controls within the entity. However, GAS and AICPA set a boundary of services that can be provide to protect the firms independence. Remember audit standard applies to audit not advisory services.


Government Auditing Standards GAO- The Yellow book

GAO was create by the Budget and Accounting Act of 1921 as a nonpartisan agency of congress.head by the comptroller general of the US, the GAO performs the audit for Congress.

GAGAS applies to financial audit, attestation engagements and performance audits.

Federal inspectors are required to follow the standard of the yellow book by law.


AICPA Generally Accepted Auditing Standards

AiCPA do not address performance audits. AICPA covers financial audits and attestation engagement.


International Standards for the Professional practice of internal auditing (IIA)

Is dedicate to the internal audit process and the development of the internal auditor professional growth.
The IIA focuses more on the performance audits which incorporates internal controls.

The yellow book encourages internal auditors to use IIA standards with GAGAS because the IIA is independent for the purpose reporting internally within the government entity.


Public Company Accounting Oversight Board (PCAOB)

create by the Sarbanes-Oxley act of 2002. PCAOB protects the interest of investors and public by overseeing the audits of the companies listed in the stock market (registered public accounting firms). The PCAOB has authority to issue auditing and attestation standards,informative reports and fairly stated reports, quality controls and ethical standards. PCAOB does not apply to government entities with the exception of internal controls.


The International Auditing and Assurance Standard Board (IAASB)

Sets high and independent standard and authority in audits, reviews and assurances to protect the public interest. AICPA is merging its auditing standards International Standards on Auditing.


The International Organization of Supreme Audit Institutions (INTOSAI)

Promotes the sharing of knowledge and the advancement of external government audit community.


Federal Government Financial Statements

Are required by the CFO Act, GMRA (govt management reform act) and the Accountability of Tax Dollars Act. Each act requires the audits are completed in accordance to the GAGAS.


Yellow Book (GAGAS) terminology requirments

Unconditional- MUST comply with the requirements

Presumptively Mandatory Requirements- Should comply with the requirement. If they do not follow the requirement the auditor has to make justification how objectives was completed with the requirements.

Explanatory material- May, might or could following the requirements. The auditor must justify other procedures followed other than GAGAS.


Ethical Principals of GAGAS

The public interest ( taxpayers dollars)

Integrity (fact-based work)

Objectivity ( independence)

Government information, resources and position (properly handling information-private, data security and position authority)

Professional Behavior ( complete with due care)


Yellow Book (GAGAS) Four General Standards

Professional Judgement
Quality Control and Assurance


AICPA GAAS Three General Standards

Adequate technical training and proficiency

Independence in mental attitude

Due Professional care in planning and performance audit and the report.


Yellow Books Definition of Auditor's Independence in mind

The state of mind that permits the performance of an audit without being affect by influences that compromise professional judgment, thereby allowing an individual to act with integrity and exercise objectivity and professional skepticism.


Yellow Books Definition of the Auditor's appearance is defined

The absence of circumstances that would cause a reasonable and informed third party, having knowledge of the relevant information to reasonably conclude that the integrity, objectivity or professional skepticism of an audit organization or member of the audit team had been compromised.


Seven Threats that can impair an Auditors independence

1. Self Interest
2. Self Review
3. Bias
4. Familiarity
5. Undue influences ( external Pressures)
6. Management participation
7. Structural


Safeguards that will secure the independence of the audit or auditor

1. Consult independent third party
2. Discuss independency issues with auditee
3. discuss the threat with the auditee
4. have an another audit firm perform part of the audit
5. have a staff person that wasn't apart of the audit to review the work


External Auditor independence threats lessen in the government structure

If the auditor is elected or appointed


Internal Auditor independence threats lessens in the government structure

If the auditor is located outside the auditee entity and reports to the head of the entity


Non-Audit Services Independence Pros

The Auditor must make sure the auditees:
Assume all responsibilities of the audit
Auditees has adequate people with skills to perform the duties.

The Auditor can prove advice, answer technical questions about accounting or auditing matters


Non-Audit Services Independence Cons

Auditor cannot:
Set policies to the entity
Accept responsibilities as an manager


Professional Judgement

Is determining the risk of each situation including the risk of arriving at the improper conclusion. Please note that competence is interrelated to professional judgement.



Auditors conducting financial audits or attestation engagements should be licensed CPAs or persons working for a CPA firm or for a government auditing organization.

GAGAS requires 80 CPEs every two years.
at least 24 hours of the 80 must related to government auditing.

Audit firm is responsible for recording keeping of the auditor CPEs.

Blending of education and experience.

External Consults doesn't have to meet the CPE requirement however they must be competent to perform the duties.


Quality Control and Assurance

A system of quality control that is designed to provide reasonable assurance that the organization and its personnel comply with the standard and laws. Their must perform external peer review every three years of their system of quality control and audits and attestation engagements.


Do Performance Audits have opinions?

No. Performance audits have conclusion. Financial and attestation engagement have unmodified ( Clean Audit with reasonable assurance) or modified (Auditing significant findings)


Unmodified Opinion (Financial Audits Only)

Statement are fairly presented in all material respects.


Modified Opinion ( Financial Audits Only)

Statements are fairly presented , except for the issue explained in the report.


Under GAAS auditor are required to do the following before performing an audit

1. Plan
2. Supervise Audit Staff
3. Gain understanding of the program
4. Obtain sufficient audit evidence


Under GAGAS auditor are required to do the following before performing an audit

1. Plan
2. Supervise Audit Staff
3. Gain understanding of the program
4. Obtain sufficient audit evidence
5. Auditor Communication with the entity or client
6. Consider the Results of prior Reviews
7. Look for Compliance and Abuse Violations ( Avoid interfering with potential investigations or legal proceedings.
8. Elements of a finding
9. Audit Documentation
10. Compliance with GAGAS
11. Report on Internal Controls and Compliance with laws
12. Communicating Deficiencies in Internal Controls, Fraud noncompliance and Abuse
13. Auditor may have to report to outsider in cases of fraud to the IG or State Attorney and to the awarding agency
14. Reporting Confidential or Sensitive Information
15. Report Distribution (GOVT, Management and oversight entity that mandated this audit


What should the auditor do if they discover deficiencies?

Materiality in GAGAS Financial Audits- because government funds or tax payers dollars are sensitive the materiality test level is lower than in private entity. Basically, zero to less tolerance for mistakes and fraud

Early Communication of Deficiencies- Government should immediately report deficiency to the charge governance.


What is the Auditor framework?

1. Audit Planning (Including an entrance conference)
2. Audit Fieldwork or audit performance in Financial Auditor
3. Exit Conference and Draft Report
4. Management representation Letters( essential in Financial Audit and Maybe done in Performance Audits.


Audit Planning

1. Research the Auditee
2. Conduct Analytical Test Depended on the Objective
3. Assess Audit Risk
4.Auditee Internal Controls related to the objective
5. Written Audit Program


Audit Objectives

Clearly stated for financial audits because its only the financial statements.

The auditor have to create test to examine the performance, which the legal statue will be examine first before creating test.


Audit Scope

Determines the nature, timing and extent of the audit procedures.


Audit Analytical Test

Analyzing information about the auditee including reviewing trends, ratios, and comparing entities with similar entities.


Internal Control Framework

understanding the daily operation of the entity Strengths and weakness.

Financial Audit - assures that transactions are properly recorded and reported

Performance Audit- Understanding the controls related to the audit objective chosen for the performance audit.


What are the three types of Audit Risk?

1. Inherent Risk- most likely to occur when transactions are complex, or in situations that require a high degree of judgment in regards to financial estimates. Example handling cash.

2. Control Risk a problem can occur but not be detected and corrected by the internal control system.

3. Detection Risk the possibility that the auditor will not detect a deficiency.


Audit Fieldwork

1. Analyzing the auditee records
2. Interviewing management and staff
3. observing the actual conduct of the auditee
4. Gather Evidence
5. Determine whether activities were conducted in the good intention
6. Cost incurred complied with regulatory limitations.

Fieldwork takes up the majority of the audits time


Audit Documentation

Supports the audit conclusion

Helps the audit supervisor and managers in monitoring and directing the audit

Facilitating review of Audit quality by an outside reviewer.


Audit Fieldwork for Performance

Reviewing inspection reports and inspection results
reviewing number inspection summary with complete inspection and the inspection the entity plans to make.
interviewing management
perform comparative analysis


Audit Findings Five Elements or Attributes

1. Condition- the actual situation identified by the auditor
2. Criteria - laws violated
3. Cause- reason for the violation
4. Effect- what violation happen?
5. Recommendation- Suggestion to correct the problem


Management Representation letter

Auditees provides the auditor letter addresses the following:
1.Management responsibilities for Financial Statements, internal controls and compliance with laws
2. Lack of Collusion among management
3.All documents and records were made available to the auditor
4. No illegals acts took place to best of the management knowledge
5. No contingencies other than in the financial statements.

Performance Audits:
All Performance reports are fairly stated
the program is performing the intended services
The staff is complying with the rules
No know instances of fraud


Exit Conference and Draft report

Meeting to advising the Auditee the results of the Audit. The auditee is proved a draft report to provide a written response if necessary. The report will include and auditees concurs with the following:

Facts as presented in the audit
Auditor Conclusion
Audit recommendation
Auditee promise to act on the recommendations


Final report

This report is the final audit results with the auditee comments if applicable.
Government- audit results and report are public information. The auditee must provide the oversight official with solutions to the findings or recommendation in the report.


Management Responsibilities in an Audit Setting

1. Prepare Financial Statement ( Financial audit)

2. Maintain and monitor effective internal control, compliance and performance

3. Cooperate with auditor - management representation letters

4. Follow up on audit conclusions


Single Audit Act and (OMB A-133)

In the United States, the Single Audit, also known as the OMB Uniform Guidance, is a rigorous, organization-wide audit or examination of an entity that expends $750,000 or more of Federal assistance received for its operations. Usually performed annually, the Single Audit’s objective is to provide assurance to the US federal government as to the management and use of such funds by recipients such as states, cities, universities, and non-profit organizations. The audit is typically performed by an independent certified public accountant and encompasses both financial and compliance components. The Single Audits must be submitted to the Federal Audit Clearinghouse along with a data collection form, Form SF-SAC.

The OMB A-133 Compliance Supplement is a large and extensive United States federal government guide created by the Office of Management and Budget and used in auditing federal assistance and federal grant programs, as well as their respective recipients. It is considered to be the most important tool of an auditor for a Single Audit.


The Single Audit Report MUST Have

1. Opinion on where the financial statement were supported in compliance with GAAP

2. Report on Internal Controls

3. Opinion on rather the non-federal entity complied with the laws

4. Schedule of finds and questioned cost


Chief Financial Officers Act of 1990

The Chief Financial Officers Act of 1990, or CFO Act, signed into law by President George H.W. Bush on November 15, 1990, is a United States federal law intended to improve the government's financial management, outlining standards of financial performance and disclosure. Among other measures, the Office of Management and Budget was given greater authority over federal financial management. For each of 23 federal departments and agencies, the position of chief financial officer was created. In accordance with the CFO Act, each agency or department vests its financial management functions in its chief financial officer


The Government Management Reform Act of 1994

Government Management Reform Act of 1994 - Title I: Limitation on Pay - Amends the Legislative Reorganization Act of 1946 and other Federal law to limit annual cost of living adjustments for Members of Congress, the Vice President, senior Government officials, and Federal judges.

Title II: Human Resource Management - Amends Federal civil service law to eliminate unlimited accumulation of annual leave by members of the Senior Executive Service. Sets a limit on excess leave of 90 days per year.

Title III: Streamlining Management Control - Authorizes the Director of OMB to publish annually in the President's Budget any recommendations for the consolidation, elimination, or adjustment in frequency and due dates of statutorily required periodic reports to the Congress or its committees.

Title IV: Financial Management - Federal Financial Management Act of 1994 - Amends Federal law to require direct deposit of Federal wage, salary, and retirement payments by electronic funds transfer for recipients who begin receiving such payments on or after January 1, 1995.

(Sec. 403) Authorizes the establishment of a franchise fund in each of six executive agencies for the equipment and computer systems necessary for the maintenance and operation of administrative support services that may be performed more advantageously on a centralized basis. Authorizes appropriations.

(Sec. 404) Authorizes the Director of the Office of Management and Budget (OMB) to consolidate or adjust the frequency and due dates of statutorily required periodic agency reports to OMB or the President and agency or OMB reports to the Congress under any laws for which OMB has financial management responsibility.

(Sec. 405) Requires the annual financial statements of executive agencies to be audited prior to submission to OMB.


The Federal Financial Management Improvement Act of 1996

The purpose of the Federal Financial Management Improvement Act of 1996 (FFMIA) is to advance Federal financial management by ensuring that Federal financial management systems provide accurate, reliable, and timely financial management information to the government’s managers.


The Accountability of Tax Dollars Act of 2002

H.R. 4685 (107th): Accountability of Tax Dollars Act of 2002. To amend title 31, United States Code, to expand the types of Federal agencies that are required to prepare audited financial statements.


IIA -The Institute of Internal Auditors

The stated mission of The Institute of Internal Auditors is to provide "dynamic leadership" for the global profession of internal auditing. This includes:
Advocating and promoting the value that internal audit professionals add to their organizations;
Providing comprehensive professional education and development opportunities; standards and other professional practice guidance; and certification programs;
Researching, disseminating, and promoting to practitioners and stakeholders knowledge concerning internal auditing and its appropriate role in control, risk management, and governance;
Educating practitioners and other relevant audiences on best practices in internal auditing;
Bringing together internal auditors from all countries to share information and experiences.