Government Audting

Question 1

What are GAAS (General Accepted Auditing Standards)?

Answer 1

• For audits of nonissuers
• Issued by AICPA’s ASB
• SAS - standards

Question 2

What are GAGAS (Yellow Book)?

Answer 2

• Standards for government organizations, programs, activities, and functions; Government assistance
• GAGAS includes designing the audit to provide reasonable assurance of detecting material misstatements resulting from noncompliance

Question 3

What are the requirements of recipients of federal financial assistance?

Answer 3

Have to be in accordance with GAAS and GAGAS

1) Expanded internal control documentation & testing requirements
2) Include formal written reports on internal control and assessment of control risk
3) Reporting on federal financial assistance in compliance
4) Application of single audit standards

Question 4

What the different types of government audits?

Answer 4

1) Financial
2) Attestation
3) Performance

Question 5

What is the audit risk of noncompliance?

Answer 5

Audit risk of noncompliance = Risk of Material Noncompliance X Detection Risk

Question 6

What are the different reports that can be prepared by an auditor for a compliance audit?

Answer 6

1) Opinion on compliance
2) Report on internal control over compliance
3) Combined report on compliance and internal control over compliance

Must restrict use

Question 7

What are the required documentation in a compliance audit?

Answer 7

1) Assessed risk of material noncompliance
2) Responses to the risk assessment
3) The basis or rationale for materiality levels
4) Compliance with supplemental requirements

Question 8

What are the ethics standards under GAGAS?

Answer 8

1) Serving the public interest
2) Integrity
3) Objectivity
4) Proper use of government information, resources, and positions
5) Professional behavior

Question 9

What are the general standards under GAGAS?

Answer 9

1) Independence
2) Professional Judgment
3) Competence
4) Quality Control & Assurance (peer review once every 3 years)

Question 10

What are the standards under GAGAS for PERFORMING financial audits?

Answer 10

1) Consider previous audits & attestation engagements
2) Fraud, noncompliance, and abuse
3) Developing a finding (criteria, condition, cause, effect or potential effect)
4) Audit documentation (supervisory review, departures from GAGAS)

Question 11

What are the standards under GAGAS for REPORTING financial audits?

Answer 11

1) Auditor’s compliance with GAGAS
2) Report on Internal Control and Compliance with laws, regulations, contracts and grant agreements
3) Communicate deficiencies in internal control, fraud, and noncompliance
4) Report views of responsible officials (written responses included)
5) Reporting confidential or sensitive information
6) Distribute reports

Question 12

What is difference between GAGAS and AICPA Standards for reporting on internal control?

Answer 12

1) GAGAS = only requires a report on internal control and compliance that describes the scope of the auditor’s testing
2) AICPA = examination - requires auditor to provide high level of assurance about internal control

Question 13

How should an auditor report confidential or sensitive information?

Answer 13

By either disclosing the exclusion, issuing a separate report, and considering whether omission distorts audit results or conceals improper practices

Question 14

Who should an auditor distribute reports to?

Answer 14

1) Governance
2) Audited entity officials
3) Oversight bodies
4) Officials with oversight authority
5) All others authorized

Question 15

What written representations should be provided by management under GAGAS?

Answer 15

1) No violations or possible violations of laws or regulations
2) Management is responsible for the entity’s compliance with laws & regulations
3) Management has identified and disclosed in writing all laws with a direct and material effect on F/S

Question 16

How should an auditor’s report be formatted?

Answer 16

1) Introductory paragraph (management is responsible)
2) Scope paragraph - audit performed in accordance with GAAS and GAGAS
3) Opinion (fair presentation)
4) Disclosure paragraph
5) Opinion on Other Schedules (Schedule of Expenditures of Federal Awards - not part of F/S, audited, and fairly stated)

Question 17

Who should the auditor report illegal or possible illegal acts?

Answer 17

Auditor is required to report all illegal acts to:

1) Officials of the audited company
2) Governance
3) External regulators

Question 18

How should a report on illegal acts be presented?

Answer 18

• Included in required audit report

- Separate report

Question 19

When is the auditor required to directly report fraud and illegal activities to the federal inspector general?

Answer 19

1) Management fails to disclose such fraud or illegal acts to the grantor
2) Management fails to take appropriate remedial action

Question 20

How should internal control be reported under GAGAS?

Answer 20

1) GAGAS (like GAAS) requires auditor to obtain an understanding of internal control and communicate significant deficiencies
2) GAGAS ALSO requires a written report on the auditor’s understanding and the assessment of control risk in ALL audits. This is different from GAAS’s requirement to only require written communication for significant deficiencies.
3) Significant deficiencies should be report to regulatory bodies

Question 21

What is the content of the written report on internal control?

Answer 21

1) Assertion that evaluating compliance with laws, rules, and regulations with a direct and material effect on F/S is part of developing an opinion on F/S
2) Assertion that specific controls related to financial reporting are considered
3) Indication either no weaknesses were found or that significant deficiencies were found (and whether they were material).

Question 22

What are the threats to independence under GAGAS?

Answer 22

1) Self-interest threat
2) Self-review threat
3) Bias threat
4) Familiarity threat
5) Undue Influence threat
6) Management participation threat
7) Structural threat

Question 23

What is the self-interest threat?

Answer 23

Threat that a financial/other interest will influence auditor’s judgment

Question 24

What is the self-review threat?

Answer 24

Threat that an auditor who has provided non-audit services will not appropriately evaluate the results of previous judgments made or services performed as part of the non-audit services when forming a judgment significant to an audit

Can be minimized if management oversees the services, assumes responsibility, evaluates the adequacy and results, and accepts responsibility.

Question 25

What is the bias threat?

Answer 25

Threat that the auditor will take a non objective position as a result of political, ideological, social or other convictions.

Question 26

What is familiarity threat?

Answer 26

Threat that a long term relationship with client will result in a nonobjective opinion

Question 27

What is the undue influence threat?

Answer 27

Threat that external influences or pressures will impact the judgment

Question 28

What is the management participation threat?

Answer 28

Threat that the auditor will take on the role of management

Question 29

What is the structural threat?

Answer 29

Threat that an audit organization’s placement within a government entity (and in relation to client) will impact judgment

Question 30

What are safeguards? Examples?

Answer 30

Safeguards are controls designed to eliminate or reduce threats to independence to an acceptable level.

Examples:

• Consulting an independent third party
• Involving another audit organization
• Having a professional staff member who was not a member of the audit team previously
• Removing an individual from the audit team when that individual’s financial or other interests or relationships pose a threat to independence

Question 31

What are the requirements to document independence?

Answer 31

1) Threats to independence
2) Safeguards
3) Consideration of management to oversee auditor
4) The auditor’s understanding to perform a non-audit service

Question 32

Which entities are subject to the single audit act (OMB circular A-133)?

Answer 32

Entities that get total federal assistance of $500,000 or greater in a fiscal year.

Single audits include reports on F/S taken as a whole and specific programs

Question 33

Which entities can qualify for a program-specific audit?

Answer 33

1) Awards are expended under a single federal program (program specific audit)
2) Therefore, no F/S audit is required

Question 34

What are the objectives of the single audit act?

Answer 34

1) Audit of the entity’s financial statement and reporting on a separate schedule of expenditures of federal awards
2) Compliance audit of federal awards expended during the year as a basis for issuing additional reports on compliance related to major programs and on internal control over compliance

Question 35

How should material transactions be reported under the single audit act?

Answer 35

Separately in relation to each major program (greater than $300,000), instead of F/S taken as a whole (GAAS and GAGAS)

Question 36

How should internal control be reported for Federal Programs?

Answer 36

Effective control = Test

Ineffective control = Report

Question 37

How should noncompliance be reported for major federal financial assistance programs?

Answer 37

Qualified (except for) or Adverse opinion

Must report illegal acts!

Question 38

How should reports on compliance be formatted?

Answer 38

1) Introductory paragraph = in compliance for each of entity’s major grants, direct reader to Schedule of findings & questioned costs, and asserts compliance with laws, regulations, contracts, and grants is management’s responsibility. Auditor’s responsibility is only to express an opinion on compliance.
2) Scope paragraph = audit in accordance with GAAS, GAGAS, and OMB Circular A-133, report on noncompliance’s effect on major federal programs, states character of audit, audit does not provide legal determination of entity’s compliance
3) Opinion paragraph = identifies any matters of noncompliance to Schedule of Findings & Questioned Costs, summarizes noncompliance, asserts compliance is necessary, assets entity has complied.

Question 39

How should reports on internal control be formatted?

Answer 39

1) Introductory paragraph = management responsible for establishing and maintaining internal control
2) Opinion paragraph = significant deficiencies/material weaknesses, defines them, points reader to Schedule of Findings & Questioned Costs, DISCLAIM OPINION on internal control over compliance
3) Ending paragraph = Restrict use of report

Question 40

What are the three sections of the Schedule of Findings & Questioned Costs?

Answer 40

I - Summary of Auditor’s Results - 1) Financial statement Audit Results 2) Federal Award Results

II = Financial Statement Findings

III - Federal Award Findings & Questioned Costs (fraud/illegal acts)

Question 41

What is located in the Financial Statement Audit Results section of the Summary of Auditor’s Results?

Answer 41

1) Audit Opinion
2) Internal control over financial reporting (yes/no to material weaknesses and yes/none to immaterial reportable conditions)
3) Noncompliance material to F/S

Question 42

What is located in the Federal Award Results of the Summary of Auditor’s Results?

Answer 42

1) Internal control over major programs (yes/no to material weaknesses and yes/none to immaterial reportable conditions)
2) Auditor’s report on compliance
3) Audit findings (yes/no; identify questioned costs > $10,000)
4) Identification of major programs (type A or type B)