20.3 Flashcards
In reporting on compliance with laws and regulations during a financial statement audit in accordance with Government Auditing Standards, an auditor should include in the auditor’s report
Material instances of fraud and noncompliance that were discovered.
An auditor’s report, in accordance with Government Auditing Standards, should present (1) significant deficiencies and material weaknesses in internal control; (2) instances of fraud and noncompliance with provisions of laws or regulations that have a material effect on the audit and any other instances that warrant the attention of those charged with governance; (3) noncompliance with provisions of contracts or grant agreements that has a material effect on the audit; and (4) abuse that has a material effect on the audit.
Which of the following services would constitute a management function under Government Auditing Standards and result in the impairment of a CPA’s independence if performed by the CPA?
Developing entity program policies.
Assuming management responsibilities for an auditee creates management participation threats that cannot be reduced to an acceptable level by safeguards. An example of a management responsibility that impairs independence if performed for an auditee is setting policies and strategic direction for the auditee.
An entity has failed to provide documentation for a newly acquired material asset and informs its auditors that the documentation is lost. According to generally accepted government auditing standards, what would this situation typically indicate to the auditors?
A heightened risk of fraud.
GAGAS incorporate by reference the AICPA’s Statements on Auditing Standards (SASs). All sections are incorporated, including (1) the introduction, (2) objectives, (3) definitions, (4) requirements, and (5) application and other explanatory material. According to Appendix C of AU-C 240, examples of circumstances indicating possible fraud include conflicting or missing evidence, such as missing or altered documents.
In a compliance audit, the auditor has a responsibility to
Consider whether management has identified the applicable compliance requirements.
Management is responsible for (1) identifying the entity’s government programs and understanding and complying with the compliance requirements, (2) establishing and maintaining effective controls over compliance, (3) evaluating and monitoring compliance, and (4) taking necessary correction action.
Although the scope of audits of recipients of federal awards in accordance with federal audit regulations varies, audits under the Single Audit Act generally have which of the following elements in common?
The auditor is to determine whether the federal financial assistance has been administered in accordance with applicable laws and regulations.
According to the Single Audit Act, the scope of federal audits may vary, but the auditor should
- Determine whether the financial statements are presented fairly, in all material respects, in conformity with GAAP.
- Determine whether the schedule of expenditures of federal awards is presented fairly, in all material respects, in relation to the financial statements as a whole.
- With respect to controls over compliance, obtain an understanding of those controls, assess control risk, and perform tests of controls unless the controls are ineffective.
- Determine whether the nonfederal entity has complied with the provisions of laws, regulations, and contracts or grants that have a direct and material effect on each major program.
- Report audit findings in a schedule of findings and questioned costs.
Government Auditing Standards relates to which of the services provided to government entities, programs, activities, and functions?
Financial Statement audits:
Nonaudit services:
Performance audits:
Yes
No
Yes
Government Auditing Standards relates to financial audits and attestation engagements. Moreover, it relates to performance audits of (1) government entities, programs, activities, and functions and (2) government assistance administered by contractors, not-for-profit entities, and other nongovernmental activities. Although GAGAS are not applicable to nonaudit services, they state independence standards and describe the effects of nonaudit services on auditor independence.
Which of the following is correct about reporting on compliance with laws and regulations in a financial audit under Government Auditing Standards (the Yellow Book)?
In some circumstances, auditors are required to report fraud and noncompliance directly to parties external to the audited entity.
Auditors should report known or likely (1) fraud; (2) noncompliance with provisions of laws, regulations, contracts, or grant agreements; or (3) abuse directly to parties outside the audited entity in two circumstances. First, when management does not satisfy legal or regulatory requirements to report such information to specified external parties (e.g., a federal inspector general or a state attorney general), auditors should communicate the failure to report such information to those charged with governance. If the entity still does not report this information to the specified external parties as soon as practicable, the auditors should report directly to the specified external parties. Second, when management does not take timely and appropriate steps to respond to known or likely fraud, etc., that (1) is material and (2) involves funding received directly or indirectly from a government, auditors should report this failure to those charged with governance. If the entity still does not take appropriate steps as soon as practicable, the auditors should report the entity’s failure directly to the funding agency.
Reporting standards for financial audits under Government Auditing Standards differ from reporting standards under generally accepted auditing standards in that Government Auditing Standards require the auditor to
Describe the scope of the auditor’s tests of compliance with laws and regulations.
According to Government Auditing Standards, the report should describe the scope of the auditor’s testing of (1) compliance with laws and regulations and (2) internal control over financial reporting. Thus, the report states whether (1) tests provided sufficient evidence to support an opinion on compliance or internal control over financial reporting and (2) such opinions are provided. According to GAAS, the auditor’s responsibility section of the auditor’s report describes the audit in general terms. It does not specifically describe the scope of testing of matters of audit interest, e.g., compliance with laws and regulations.
Reporting on internal control under Government Auditing Standards differs from reporting under generally accepted auditing standards in that Government Auditing Standards requires a
Written report included with the audit report on financial statements describing significant deficiencies and material weaknesses in internal control.
According to GAS, in a financial audit, auditors should communicate in the report on internal control significant deficiencies and material weaknesses in internal control. Under GAAS and PCAOB standards, significant deficiencies are required to be communicated to management and those charged with governance. But they are not required to be included in the report on internal control. If a material weakness exists, an adverse opinion is expressed, and it is identified in the report.
According to Government Auditing Standards, governmental auditors are required to acquire the following CPE hours every 2 years:
Total of 80 hours:
24 hours related to GAGAS:
Yes
Yes
Auditors who are involved in any amount of planning, directing, performing, or reporting on GAGAS audits are required to obtain 80 hours of continuing education in related topics every 2 years. At least 24 hours of CPE should directly relate to governmental auditing.
An objective of a performance audit is to determine whether an entity’s
Specific operating units are functioning economically and efficiently.
Performance audits include economy and efficiency audits. The objectives of these audits are to determine (1) whether the entity is acquiring, protecting, and using its resources economically and efficiently; (2) the causes of any inefficiencies; and (3) whether the entity has complied with laws and regulations concerning matters of economy and efficiency.
The auditor’s responsibilities under the Single Audit Act include
Reporting on compliance with grant requirements.
Under the Single Audit Act, audit reporting should include an opinion on the fairness of the financial statements, a report on internal control, and a report on compliance with grant requirements.
The GAO standards of reporting for governmental financial audits incorporate the AICPA standards of reporting and prescribe additional requirements to satisfy the unique needs of governmental audits. Which of the following is an additional requirement for governmental financial audits?
Auditors should report the scope of their testing of compliance with laws and regulations and of internal control.
The report on financial statements (or separate reports) should describe the scope of the auditor’s testing of internal control over financial reporting and compliance with laws and regulations and grant or contract provisions. Auditors also should state whether their tests provided sufficient appropriate evidence for opinions on the effectiveness of internal control and compliance.
In accordance with the general standard on independence stated in Government Auditing Standards, an audit organization may perform nonaudit services that do not violate the overarching principles that the standard is based on. Thus, the audit organization most likely may do which of the following without impairing its independence with respect to the audited entity?
Prepare tax filings.
The audit organization and the individual auditor, whether government or public, should be independent in mind and appearance. Audit organizations should not provide nonaudit services involving management functions or making management decisions, and audit organizations should not audit their own work or provide nonaudit services when the services are significant or material to the subject matter of the audits. Accordingly, an audit organization may, for example, prepare and draft financial statements if prepared by management, prepare routine tax filings, advise on IT system design, or advise on control self-assessment.
An auditor who is engaged to audit the financial statements of a governmental entity should
Obtain an understanding of the possible financial statement effects of laws and regulations having direct and material effects on amounts reported.
Government Auditing Standards incorporate all SASs. Thus, the auditor’s responsibility for noncompliance is to obtain sufficient appropriate evidence about material amounts and disclosures in the statements that are determined by the provisions of those laws and regulations generally recognized to have a direct effect on their determination. An example is tax law. Other laws and regulations, for example, those relating principally to operations, do not have a direct effect. An audit usually includes only limited procedures specifically designed to detect noncompliance with such other laws and regulations (AU-C 250).
