Engagements under Government Auditing Standards under Government Auditing Standards Diane ......

8/8/2014

1

Engagements under Government

Auditing Standards

Diane Edelstein, CPA

Flo Ostrum, CPA

American Institute of CPAs®

Presenter Diane Edelstein, CPA

Diane is a partner at Maher Duessel, CPAs in Pittsburgh, PA. She is a

graduate of George Mason University in Fairfax, VA and has worked in

non-profit and government auditing for over 20 years.

Diane was a member of the Executive Committee of the AICPA

Governmental Audit Quality Center from 2007-2011. She is also a member

of the Steering Committee for the AICPA NPO conference held each June

in Washington, DC.

Diane is a member of the AICPA Practice Monitoring Task Force A-133

Subgroup and has lectured for the AICPA and other organizations on the

topics of Single Audit.

2

8/8/2014

2


Presenter

Flo Ostrum, CPA Flo is a partner and National Professional Practice Director –

Government and Not-for-Profit at Grant Thornton. She serves as a

technical accounting and auditing resource specializing in not-for-profit

accounting, performing audits in accordance with Government Auditing

Standards and conducting OMB A-133 audits. She is a member of the

AICPA Practice Monitoring Task Force- A-133 Subgroup.

Flo performs technical reviews of public and private clients. She also

acts as the liaison to the not-for-profit, health-care, Public Sector, and

Financial Services industry groups.

Flo’s industry experience includes not-for-profit organizations, consumer

industrial products companies, and governmental entities as well as

various other industries. She is a frequent presenter at AICPA and state

society conferences on Government Auditing Standards, OMB A-133 and

general auditing and accounting matters.

3


Topics to cover today

Revisit of 2011 Yellow Book Independence

Peer Review matters and revised A-133 checklist

Revised Data Collection Form

Emphasis Areas

Frequent Findings of Technical Reviewers

GAO

New OMB Changes – Uniform Guidance

4

8/8/2014

3


Revisit of 2011 Yellow Book

Independence

5


2011 Yellow Book Peer Review Changes

Revised Peer Review Engagement Profiles and

Yellow Book Supplemental Audit and AUP

Checklists

• Trigger questions on the profile

• Independence questions in the checklists

Supplemental Guidance PRP Section 3100 for

evaluating noncompliance with Yellow Book

6

8/8/2014

4


Engagement Profile Trigger Questions

7


Yellow Book Independence Engagement

Checklist Questions

PRP Section 22110/22120, questions GA101-GA115

GA105- Has the auditor listed all nonaudit services

provided to the auditee?

GA108- If the auditor is performing the preparation

of the financial statements, if significant threats

were not identified, does this seem reasonable?

GA113- If the auditor has not documented

independence in accordance with Interpretation 101-

3 and GAGAS, did firm otherwise provide

convincing evidence that independences was not

impaired?

8

8/8/2014

5


Peer Review Matters and

Revised A-133 Checklist

9


Peer Review Matters:

Common Governmental MFCs

Reporting

Failure to include all of the required elements of

professional standards in the Auditor’s Report on

Internal Control and Compliance

Failure to include all of the required elements of

professional standards in the Auditor’s Report

SINGLE AUDIT: Failure to properly report

information on the Schedule of Expenditures of

Federal Awards

10

8/8/2014

6




Documentation

Failure to properly document the evaluation of

management’s skills, knowledge and experience

SINGLE AUDIT:

• written management representations

• an understanding of internal control over compliance of federal

awards

• testing of controls and compliance for the relevant assertions

related to each compliance requirement with a direct and

material effect for the major program.

• Improper identification of an auditee as low-risk

11




General

Clarity: Failure to update the audit report to conform

to the clarity standards

Failure to document a sufficient audit plan to

consider fraud risk and comprehensive risk

assessment procedures, including failure to link the

risk assessment to the audit procedures performed

Failure to adequately document procedures

performed over balances and transactions

12

8/8/2014

7



Section 22,100 – Part A and B

Issued in April 2014

Instructions clarified as to completion of Part B

13



14

8/8/2014

8


Data Collection Form

15


Federal Audit Clearinghouse – 2013 Form

Changes

2013 Form SF-SAC

• The new form and instructions will be applicable for

audit periods ending in 2013, 2014 and 2015

• More significant changes this time around

16

8/8/2014

9



Changes

Part I – General Information

• Beginning with 2013 audits, all audit firms must report their

Employer Identification Number (EIN)

• Secondary auditors must report their EIN on the secondary

auditor contact information page

Part III: Federal Programs

• Identify Loan/Loan Guarantee

• Standardized Audit Finding Reference Numbers: YYYY-###, (ex.

2014-001)

17



Changes – New Items in Part III: Federal

Programs

18

8/8/2014

10



Changes

New Part III, Item 7: Federal Awards Findings

Summary

• Audit findings must be listed once for each Federal award

affected by that finding

• Auditor must report the Type of Compliance Requirement

(moved from Part III: Federal Programs) using letters A-N

or P from the annual Circular A-133 Compliance

Supplement. ‘O’ (for ‘None’) will no longer be needed as it

was only used when there was no finding

• Type of finding to be indicated

• Report questioned costs related to the finding

• See next slide for example Part III, Item 7

19



Changes – New Part III, Item 7: Federal

Awards Findings Summary

20

8/8/2014

11



Changes

Personally Identifiable Information Certification (PII)

• Auditors and auditees will be required to certify that

their reporting package does not contain Personally

Identifiable Information (PII)

Unlocked, unencrypted, and at least 85% text-

searchable PDFs. (2014 YE for < $50 million)

21



Changes

For 2013 Audits due before the 2013 Form is ready,

OMB has added the following guidance to the FAC

home page regarding extension:

“If a single audit for a fiscal period ending in 2013 is

due before the 2013 Form is available, auditees will

not be able to meet the thirty-day deadline for

submission prescribed by OMB Circular A-133

§_.320(a). Therefore, OMB has granted an

extension until March 2014 for reporting packages

due to the Clearinghouse before that date. The

extension is automatic and there is no approval

required. The extension applies only to single audits

for the fiscal periods ending in 2013.”

22

8/8/2014

12



Changes

New Submission Process

• New user profiles

• For 2013 audits with cognizant agency (and remaining audits in

2014), all reporting package uploads must be text searchable,

unlocked, and unencrypted PDF files (FAC provides instructions

when filing reports this year)

FAC working towards making all reporting packages

transparent to the public

• Financial statements, SEFA

• Auditor reporting

• Schedule of Findings and Questioned Costs

23


Emphasis Areas

24

8/8/2014

13


Current Environment – Financial Statement

Audits

Consider effect of current environment on the

financial statement audits

• Continued fiscal stress

• Going concern/fiscal uncertainty

• Client revenue recognition issues?

• Public pension challenges (funding issues, new GASB

standards, SEC interest in municipal issuer disclosure)

• Don’t ignore fraud risk

• Continued fee pressure

25


GASB's New Pension Standards

Peer reviewers to understand implementation issues

associated with the GASB’s new pension standards

April 2014 – Reviewer Focus

GASB’s employer standard—GASB Statement No.

68, Accounting and Financial Reporting for

Pensions—an amendment of GASB Statement No.

27—is not required until June 30, 2015 year-ends

Potential for employer auditors to issue modified

opinions

26

8/8/2014

14



The AICPA State and Local Government Expert

Panel (SLGEP) was charged with addressing the

various accounting and auditing implementation

issues that have resulted from the new GASB

standards.

SLGEP Pension Whitepaper on Employer and

Related Auditor Issues: Agent Plans

SLGEP Pension Whitepaper on Employer and

Related Auditor Issues: Cost-Sharing Plans

SLGEP Pension Whitepaper on Census Data Related

to Single-Employer and Cost-Sharing Plans

27



Interpretation to auditing standards

AICPA Audit and Attest Team website: Recently

Issued Audit Interpretations

The following includes a brief summary of the agent

interpretations and provides direct links to each

interpretation:

Interpretation No. 3, "Auditor of Participating

Employer in a Governmental Agent Multiple-

Employer Pension Plan”

Interpretation No. 2, "Auditor of Governmental Agent

Multiple-Employer Pension Plan”

28

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/gasbmatters/DownloadableDocuments/AICPASLGEP_Agent_ER_Reporting_Whitepaper.pdf

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/gasbmatters/DownloadableDocuments/AICPASLGEP_Agent_ER_Reporting_Whitepaper.pdf

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/gasbmatters/DownloadableDocuments/AICPASLGEP_CS_ER_Reporting_Whitepaper.pdf




http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/gasbmatters/DownloadableDocuments/AICPASLGEP_CS_Census_Data_Whitepaper.pdf






http://e.aicpa.org/a/hBTrHQjB81KsbB866AMAAEM0cZg/[email protected]










8/8/2014

15


GASB's New Pension Standards - Resources

April 2014 AICPA Peer Reviewer Focus

http://www.aicpa.org/InterestAreas/PeerReview/NewsAnd

Publications/DownloadableDocuments/ReviewerFocus04

14.pdf

AICPA GAQC GASB Matters Page

http://www.aicpa.org/interestareas/governmentalauditqua

lity/resources/gasbmatters/pages/default.aspx

29


Current Environment – Compliance Audits

Documentation of the effect of current environment

on the compliance audit

• Continued fiscal stress

- Allowable use of grant funds?

• Subrecipient Monitoring

• Designing/Updating Controls

• Don’t Ignore Fraud Risk

- Employee Defalcation

- Journal Entries Create Risk

30

http://www.aicpa.org/InterestAreas/PeerReview/NewsAndPublications/DownloadableDocuments/ReviewerFocus0414.pdf



http://www.aicpa.org/interestareas/governmentalauditquality/resources/gasbmatters/pages/default.aspx

http://www.aicpa.org/interestareas/governmentalauditquality/resources/gasbmatters/pages/default.aspx

8/8/2014

16


Group Audits in a Governmental Audit

Peer Review Engagement Profile

• Is this engagement part of a group audit?

• If a group audit, describe the level of reliance on the

work of component auditors

PRP Section 20500, questions G122-G131

31

Governmental Audit Quality Center

AICPA Auditing Standards – Clarity One-Year

Later - Group Audits Challenges Areas

IDENTIFYING COMPONENTS CAN BE CHALLENGING

DETERMINING SIGNIFICANCE OF COMPONENTS

MATERIALITY DECISIONS

SUBSEQUENT EVENTS

COMMUNICATIONS WITH COMPONENT AUDITORS, GROUP GOVERNANCE AND MANAGEMENT

32

8/8/2014

17



Later – Auditor Reporting Challenge Areas

Ensure that all clarity reporting changes were

incorporated into the auditor report templates

How is the Firm addressing compliance audits for

States or federal regulators that have outdated

report examples?

33



Later – Auditor Reporting Challenge Areas

Current questions on audit reports

• Confusion over terminology (e.g., modified versus

qualified)

• Reporting on state and local government opinion units

when unmodified opinions and also modified opinions

• Reporting on compliance when have unmodified opinions

and modified opinions

• Referencing the management letter in Government

Auditing Standards report (not required)

• Restricted use alerts versus purpose alerts

34

8/8/2014

18


AICPA Auditing Standards – Additional

GAQC/AICPA Guidance

GAQC Archived Web Event titled, Group Audits: A Look Back

One Year Later and Lessons Learned (held 2/14)

GAQC Archived Web Event titled, Understanding the Potential

Impacts of the New Group Audits SAS on Your Governmental and

Not-For-Profit Audit Engagements (held 12/11 but still relevant)

Technical Questions and Answers on Group Audits (located in

TIS Section 8800, Audits of Group Financial Statements and Work

of Others on AICPA Website)

AICPA Audit Risk Alert - Understanding the Responsibilities of

Auditors for Audits of Group Financial Statements

AICPA Audit and Accounting Guide, State and Local

Governments (SLG Guide)

AICPA Audit Guide, Government Auditing Standards and Circular

A-133 Audits (GAS-A133 Guide)

35


Common Quality Issues

Found in Peer Reviews and

Ethics Referrals

36

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/Pages/GroupAuditsALookBackOneYearLaterandLessonsLearned.aspx

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/Pages/GroupAuditsALookBackOneYearLaterandLessonsLearned.aspx

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/Pages/TheImpactofGroupAuditsSAS.aspx







http://www.aicpa.org/interestareas/frc/pages/recentlyissuedtechnicalquestionsandanswers.aspx



http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/AuditAttest/IndustryspecificGuidance/PRDOVR~PC-ARAGRP/PC-ARAGRP.jsp

http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/AuditAttest/IndustryspecificGuidance/PRDOVR~PC-ARAGRP/PC-ARAGRP.jsp

http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/AuditAttest/AuditPreprationandPlanning/PRDOVR~PC-012665/PC-012665.jsp

http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/AuditAttest/AuditPreprationandPlanning/PRDOVR~PC-012665/PC-012665.jsp

http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/AuditAttest/IndustryspecificGuidance/NotforProfit/PRDOVR~PC-012743/PC-012743.jsp?cm_vc=PDPZ1




8/8/2014

19


Common Audit Quality Issues

The examples of single audit errors found on an

engagement profile are the following:

• Incorrectly computed Type A threshold

• Misidentification of Type A programs

• Missed clusters

• Not selecting appropriate programs (i.e. Type A program not

identified as low risk – not audited in prior 2 years)

37



Most Common Yellow Book and A-133 Clarified

Reporting Questions

• Where are the Yellow Book report illustrations for

NFP entities?

• Why did you add the title “Independent Auditor’s

Report” to the Yellow Book reports?

• Why was the reference to management responsibility

for internal control over financial reporting in the

Yellow Book report removed?

38

8/8/2014

20



Most Common Yellow Book and A-133 Clarified

Reporting Questions

• Why was the reference to management letter

removed from the Yellow Book report?

• Why was the "restricted use alert" replaced with a

"purpose alert“ and why only in internal control

section in A-133 report?

• Do I have to follow these formats exactly for my A-

133 reports?

39



Missed major programs

Documentation of internal control over compliance

understanding

Testing and documentation of compliance testing

Sampling adequacy and documentation

Schedule of Expenditures of Federal Awards (SEFA)

Issues

GAQC Web Event: How to Avoid Common Audit

Quality Issues: Compliance Audits, Governmental

Audits, and Not-for-Profit Audits

40

http://www.aicpa.org/InterestAreas/GovernmentalAuditQuality/Resources/Pages/GAQCArchivedWebEventAuditQuality.aspx







8/8/2014

21



More federal focus on findings

Be sure findings include all required elements

• Remember ensure that you have no PII in findings

Tell the whole story in your findings

• Helps avoid follow-up after the fact by a federal

agency trying to resolve the finding

41



Findings Reminder

• Tell the whole story:

42

Good finding

What was wrong

Frequency

Magnitude

8/8/2014

22


Audit Quality Issues and non conforming

engagements

When does a 'no' answer result in a nonconforming

engagement?

What if there is a nonconforming engagement in an

Engagement review?

What if there is a nonconforming engagement in a

System Review?

What are the reviewed firm's responsibilities?

• How to remediate?

What is the reviewer's responsibilities?

• Evaluate the response

• Should there be monitoring

43


Common Audit Quality Issues for

SLG Audits

Management’s Discussion and Analysis Issues

Defining the Reporting Entity

Disclosures (for example, component units,

transfers)

Reporting Units and Opinion Units

GASB 54, Fund Balance Reporting & Governmental

Fund Type Definitions

More details available in GAQC Archived Web Event

• How to Avoid Common Audit Quality Issues: Compliance Audits,

Governmental Audits, and Not-for-Profit Audits - Member Web

Event

44

http://www.aicpa.org/interestareas/governmentalauditquality/resources/pages/gaqcarchivedwebeventauditquality.aspx










8/8/2014

23


Use the Federal Audit Clearinghouse as a

Tool to Identify Audit Quality Issues

Consider using the database to perform a few

quality checks

• Check type A program thresholds for your audits (if

you find $500,000, you probably have a problem)

• See if doing any program-specific audits; if so, look at

the data collection form (DCF) to determine if only

one program or cluster noted

• Randomly drill down into some of your organization’s

DCFs to see if any other trends noted

45


QCR and Desk Review Checklists

Inspector General community has issued the

following checklists for use by federal agencies:

• Guide for Quality Control Reviews of OMB Circular A-133

Audits

• Guide for Desk Reviews of OMB Circular A-133 Audit

Report

Both can be found at:

http://www.ignet.gov/pande/audit1.html#reports

(look under Single Audit Guides)

Consider using these checklists as an additional QC

tool

46

http://www.ignet.gov/pande/audit1.html#reports

8/8/2014

24


Case Study 1: Low Risk Auditee

You are reviewing the engagement profile of an OMB

A-133 engagement and note that the auditee is a low

risk auditee. What procedures do you think you

should perform as the reviewer to establish that the

determination is correct?

47



Review responses with firm to ensure they

understood the question on profile sheet

Reviewer to recompute info on profile sheet

48

8/8/2014

25



What are peer reviewers doing about checking DCF

filing dates?

What are reviewers doing about comparing the DCF

to the A-133 reports?

49


Case Study 2: Control testing and evaluation

You are evaluating an A-133 engagement and completing

Part A of the checklist. In evaluating the engagement’s

risk assessment workpapers, the firm has indicated

control risk as high for the applicable, direct and material

compliance requirements for the particular major

program tested. There was no testing performed on

internal controls. The A-133 report on internal control

and compliance over major programs has no findings.

Further review of the compliance testing indicates no

deviations on the compliance testing. Documentation of

the compliance testing performed is in compliance with

the Yellow Book documentation standards. Does this

work appear acceptable or do you need to make further

inquiries?

50

8/8/2014

26



How was control risk determined to be high?

Firm responsibilities?

Reviewer?

51



A-133 internal control over federal programs

• Internal control pertaining to the compliance requirements for

federal programs (internal control over federal programs) means

a process—effected by an entity's management and other

personnel—designed to provide reasonable assurance

regarding the achievement of the following objectives for federal

programs….

52

8/8/2014

27


Government Accountability

Office (GAO)

53

Yellow Book: The Next Revision

We are working towards a 2015 Yellow Book.

• Revise and modernize CPE.

• Make some refinements to Independence based on user experience with the conceptual framework and SKE.

• Consider how the report on internal control and compliance can be made more relevant.

• Incorporate the 2013 peer review guidance.

• Clarity format?

54

8/8/2014

28


2013 Peer Review Guidance

Explicitly draws parallels between:

• Unmodified Opinion (2007) and Pass rating (2011).

• Modified Opinion and Pass with Deficiencies rating.

• Adverse Opinion and Fail rating.

Incorporates the AICPA peer review definitions of

Matter, Finding, Deficiency, and Significant

Deficiency.

55


We are working towards a 2015 Yellow Book.

What can we change or add that would help

peer reviewers do their work more

effectively?

56

8/8/2014

29

57

Where to Find the Yellow Book

The Yellow Book is available on GAO’s

website at:

www.gao.gov/yellowbook

For technical assistance, contact us at:

[email protected]

or call (202) 512-9535


New OMB Changes - Uniform

Guidance

58

http://www.gao.gov/yellowbook

http://www.gao.gov/yellowbook

mailto:[email protected]

8/8/2014

30


Sources

AICPA GAQC

COFAR Training held January 27, 2014

59


New Uniform Guidance

In late December 2013, the U.S. Office of

Management and Budget (OMB) issued Uniform

Administrative Requirements, Cost Principles, and

Audit Requirements for Federal Awards (Uniform

Grant Guidance or Guidance) 2 CFR 200. This 103

page document combines eight existing OMB

Circulars (A-21, A-87, A-89, A-102, A-110, A-122, A-

133 and sections of A-50).

http://www.gpo.gov/fdsys/pkg/FR-2013-12-

26/pdf/2013-30465.pdf

60

http://email.aicpa.org/cgi-bin15/DM/t/hoF70NTPGB0MKf0ELvN0Ef



http://www.gpo.gov/fdsys/pkg/FR-2013-12-26/pdf/2013-30465.pdf










8/8/2014

31


Replaces prior Circulars

Streamlining of Related Circulars and Guidance

• A-21, Cost Principles for Educational Institutions

• A-50, Audit Follow-Up, related to Single Audit

• A-87, Cost Principles for State, Local, and Indian Tribal

Governments

• A-89, Federal Domestic Assistance Program Information

• A-102, Awards and Cooperative Agreements with State and

Local Governments

• A-110, Uniform Administrative Requirements for Awards and

Other Agreements with Institutions of Higher Education,

Hospitals, and Other Nonprofit Organizations

• A-122, Cost Principles for Non-Profit Organizations

• A-133, Audits of States, Local Governments and Non-Profit

Organizations

61


Prior Circulars

The original circulars are available on the OMB

website at:

http://www.whitehouse.gov/omb/grants_circulars

62

http://www.whitehouse.gov/omb/grants_circulars

8/8/2014

32


Important Dates

The Uniform Guidance will be implemented one year

from publication: December 26, 2014. OMB and the

COFAR will continue to engage Federal and Non-

Federal stakeholders over the next year to facilitate

a smooth implementation process. Please submit

any comments or questions to [email protected].

Single Audits beginning December 31, 2015 year-

end

No early implementation permitted

63


COFAR Presentation

On Monday, January 27th COFAR, held a training

webcast on the major updates to OMB’s recently

reformed guidance on Uniform Administrative

Requirements, Cost Principles, and Audit

Requirements for Federal Awards (Uniform Grant

Guidance or Guidance).

64





8/8/2014

33


COFAR Presentation

Links to the Uniform Guidance 1-27-14 Training

Webcast:

COFAR Training Intro 1-27-14

http://youtu.be/SOET4b-7my8

COFAR Training Administrative Requirements 1-27-

14

http://youtu.be/BP3l3PjI1JQ

COFAR Training Cost Principles 1-27-14

http://youtu.be/q0rWXdy2ICM

COFAR Training Audit Requirements 1-27-14

http://youtu.be/g-U8HGbbC-Y

65


Administrative Requirements

Reforms to A-102,

Circular A-110, and

Circular A-89

66




http://youtu.be/BP3l3PjI1JQ

http://youtu.be/q0rWXdy2ICM






8/8/2014

34


Procurement

Five prescriptive procurement methods:

• Micro-purchase – supplies or services with aggregate

amount does not exceed $3K, or $2K in case subject

to Davis-Bacon Act

• Small purchase procedures – subject to Simplified

Acquisition Threshold (currently $150K)

• Sealed bids (formal advertising)

• Competitive proposals

• Noncompetitive proposals

67

OMB Circular A-110 is arguably more simple and allows more flexibility in

selecting procurement method.


Procurement

Must perform cost or price analysis in connection

with every procurement action in excess of

Simplified Acquisition Threshold, including contract

modifications

• As starting point, must make independent estimate

before receiving bids or proposals

68

8/8/2014

35


Procurement

Must negotiate profit as a separate element of price

for each contract where no price competition and in

all cases where cost analysis is performed

Competition provisions of section 200.319 prohibit

use of statutorily imposed state or local geographic

preferences in procurement

69


Cost Principles

Reforms to Circulars A-21,

A-87, and

A-122

70

8/8/2014

36


Compensation – Personal Services

Significant differences in time and effort

documentation requirements under the three

existing cost circulars

• A-21 is based on estimates that produce a

reasonable approximation of the activity

• A-87 and A-122 are based on periodic (at least

monthly) time and effort reporting of employees

71

§ 200.430

Many commenters of NPG requested additional flexibility, while others

requested stricter uniformity in the provision of specific certification language to

better prevent and facilitate prosecution of fraud.



Uniform Guidance loosely based on concepts from

all three circulars

• Increases emphasis on internal controls

• Provides less prescriptive guidance on

documentation

72

§ 200.430

Many commenters of NPG requested additional flexibility, while others

requested stricter uniformity in the provision of specific certification language to

better prevent and facilitate prosecution of fraud.

8/8/2014

37


Compensation – Personal Services (continued) Charges to Federal awards for salaries and wages must be

based on records that accurately reflect the work. They must:

73

Be incorporated into official records of non- Federal entity

Be supported by a system of internal

control which provides reasonable

assurance that charges are accurate,

allowable, and properly documented.

Comply with established

accounting policies of non-Federal entity

Encompass both federally assisted and

all other activities

Support distribution of employee’s salary

or wages among activities or cost

objectives

Reasonably reflect the total activity for which

employee is compensated

The standards for documentation contain several references to entity’s written policy.



(continued)

Budget estimates alone do not qualify as support,

but may be used for interim charges provided that:

• System for establishing the estimate produces reasonable

approximations of the activity actually performed

• Significant changes in corresponding work activity are

identified and entered into records on a timely basis

- Short term (such as one or two months) fluctuations

between workload categories need not be considered

as long as distribution reasonable over long term

• Entity’s system of internal controls include process to

review after-the-fact interim charges based on budget

74

8/8/2014

38



(continued)

Charges for salaries and wages of nonexempt

(hourly) employees must also be supported by

records indicating total hours worked each day

maintained in accordance with Department of Labor

regulations

Salaries and wages of employees used in meeting

cost sharing or matching requirements must be

supported in same way as if claimed for

reimbursement

75

Most time and effort reporting systems for NFP and SLG entities are

based on time actually incurred (allocated to Federal awards each period

based on actual hours incurred for each activity). In near term, it is likely

these entities will not revise IT systems because of cost.



(continued)

For non-Federal entity that do not meet these

standards, the Federal government may require

personnel activity reports

For states, local governments, and Indian tribes,

substitute process or systems for allocating salaries

may be used if approved by cognizant agency for

indirect costs

76

Most time and effort reporting systems for NFP and SLG entities are

based on time actually incurred (allocated to Federal awards each period

based on actual hours incurred for each activity). In near term, it is likely

these entities will not revise IT systems because of cost.

8/8/2014

39


Written Policies

“Written Policy” reference in Uniform Guidance (25

times)

• Financial management – section 200.302

• Payment – section 200.305

• Procurement – sections 200.318, 200.319, 200.320

• Compensation – sections 200.430 and 200.431

• Relocation costs – section 200.464

• Travel costs – section 200.474

77


Audit Requirements

Reforms to Circulars

A-133 and A-50

78

8/8/2014

40


Targeting Audit Requirements on Risk of

Waste, Fraud, and Abuse

The final guidance right-sizes the footprint of

oversight and Single Audit requirements to

strengthen oversight and focus audits where there

is greatest risk of waste, fraud, and abuse of

taxpayer dollars

It improves transparency and accountability by

making single audit reports available to the public

online, and encourages Federal agencies to take a

more cooperative approach to audit resolution in

order to more conclusively resolve underlying

weaknesses in internal controls

79


Revisions Focus Audit On Risk

Increases audit threshold

Strengthens risk-based approach to determine

Major Programs

Provides for greater transparency of audit results

Strengthens agency use of the single audit process

Provides for public outreach to focus Compliance

Supplement on requirements of highest risk

80

8/8/2014

41


Basic Structure of Single Audit Process

Unchanged

Audit threshold (200.501)

Subrecipient vs. Contractor (200.501(f) & 200.330)

Biennial (200.504) & Program-specific (200.507) audits

Non-Federal entity selects auditor (200.509)

Auditee prepares financial statements & SEFA (200.510)

Audit follow-up & corrective action (200.511 & 200.521)

9-month due date (set in law) (200.512(a))

Reporting to Federal Audit Clearinghouse (200.512)

Major programs determined based on risk (200.518)

Compliance Supplement overall format

81


Audit Threshold (200.501)

The COFAR considered that raising the threshold would

allow Federal agencies to focus their audit resolution

resources on the findings that put higher amounts of

taxpayer dollars at risk, thus better mitigating overall

risks of waste, fraud, and abuse across the government

Further, the COFAR notes that provisions throughout the

guidance, including pre-award review of risks, standards

for financial and program management, subrecipient

monitoring and management, and remedies for

noncompliance provide a strengthened level of oversight

for non-Federal entities that would fall below the new

threshold

82

8/8/2014

42


Audit Threshold

Increases audit threshold from $500,000 to $750,000

Maintains oversight over 99.7% of the dollars

currently subject to Single Audits and reduces audit

burden for approximately 5,000 entities

Increase of $250,000 is in line with previous

threshold increase in 2003

83


6,115 14%

38,704 86%

2010 FAC Total # of Audits

<$750k

>$750k

0.3%

99.7%

2010 FAC Total Dollars

<$750k

>$750k

Impact of Threshold

84

8/8/2014

43


Single Audits by Agency

Agency As Cognizant As Oversight

> $750 < $750

Education 508 8,936 1,601

HUD 259 10,383 1,588

HHS 239 6,368 1,028

Transportation 69 1,272 228

Labor 12 538 68

Agriculture 9 2,483 561

Energy 8 395 62

Homeland

Security

5 702 193

NSF 5 95 20

85


Major Program Determination

200.518 Major Program Determination focuses

audits on the areas with internal control deficiencies

that have been identified as material weaknesses.

Future updates to the Compliance Supplement will

reflect this focus as well

86

8/8/2014

44


Type A/B Threshold (Step 1)

Programs are grouped based on dollars

• Type A programs are those above the threshold

• Type B are those below the threshold

Type A/B threshold is a sliding scale with minimum

• Minimum increases from $300,000 to $750,000

• Threshold presented in table to be more easily understood.

Audit threshold and Type A/B minimum threshold

will be the same at $750,000

87


Type A/B Threshold – Table (200.518(b)(1))

Type A/B Threshold Total Federal Awards Expended (FAE)

$750,000 Equal to $750,000 but LT or EQ to $25 M

Total FAE times .03 Exceed $25M but LT or EQ to $100M

$3,000,000 Exceed $100M but LT or EQ to $1B

Total FAE times .003 Exceed $1B but LT or EQ to $10B

$30M Exceed $10B but LT or EQ to $20B

Total FAE times .0015 Exceed $20B

88

M means Million Dollars and B means Billion Dollars

LT means Less Than

EQ means Equal To

8/8/2014

45


Current A-133 criteria:

Not audited as major program in

1 of 2 most recent audit periods

In most recent period had ANY

AUDIT FINDING

• Provided for auditor judgment in

limited cases, e.g., very small

questioned costs

• Other – Auditor judgment

- Oversight exercised by

Federal agencies or pass-

through entities, audit follow-

up, or changes in personnel

or systems which significantly

increased risk

Uniform Guidance:

SAME

In most recent period had a

HIGH RISK AUDIT FINDING

• Modified opinion

• Material weakness in internal

control

• Known or likely questioned

costs exceeding 5% of total

program expenditures

• Other – Auditor judgment

- Basically unchanged

High-Risk Type A Program (200.518(c)) (Step 2)

89

Key – An entity with strong internal controls and few audit findings will

have less high-risk Type A program


Current A-133 criteria:

Currently there are two

Type B risk assessment

options: • Option 1 – Perform risk

assessments on ALL Type B

programs and select at least 50%

of Type B programs identified as

high risk up to number of low-risk

Type A programs

• Option 2 – Perform risk

assessments on all Type B

programs until as many high-risk

Type B programs have been

identified as there are low-risk

Type A programs

New criteria:

Perform risk assessments

on Type B programs until

high-risk Type B programs

have been identified UP

TO at least 25% of number

of low-risk Type A

programs

High-Risk Type B Program (200.518(d))

(Step 3)

90

8/8/2014

46


Percentage of Coverage Rule (200.518(f))

(Step 4)

Guidance reduces the minimum coverage as

follows:

91

Type of Auditee Current New

Not low-risk 50% 40%

Low-risk 25% 20%


Low-Risk Auditee

200.520 Criteria for a Low-Risk Auditee

Members of the audit community and states

commented on the criteria for a low-risk auditee that

includes whether the financial statements were

prepared in accordance with GAAP. Members of the

audit community note that GAAP is the preferred

method, and states note that state law sometimes

provides for other methods of preparation. The

COFAR considered this and recommended revised

language to allow for exceptions where state law

requires otherwise.

92

8/8/2014

47


Current (2 prior years)

Annual single audits

Unmodified opinion on financial

statements in accordance with

GAAP

Unmodified SEFA in relation to

opinion

No GAGAS material weaknesses

In either of preceding two years,

none of Type A programs had:

• Material Weakness

• Material noncompliance

• Questioned costs that exceed 5%

Timely filing with FAC

Auditor reporting going concern

not preclude low-risk

Waivers

New (2 prior years)

SAME

Unmodified opinions on statements

in accordance with GAAP or basis of

accounting required by state law

SAME

SAME

SAME

SAME

No Audit reporting of going concern

No waivers

Low-Risk Auditee (200.520)

93


Single Audit Report Submission (Cont’d)

All auditees must submit the reporting package and

the data collection form electronically to the Federal

Audit Clearinghouse (FAC) (200.512(d))

FAC responsible to make the reports available on a

Web site (200.512(g))

• Exception for Indian tribes will be discussed later

94

8/8/2014

48


Single Audit Reports on the Web - PPII

Auditors and auditees must ensure reports do not

include protected personally identifiable information

(PPII) (200.82 & 200.512(a)(2))

Auditee must sign statement that (200.512(b)(1)):

• Reports do not include PPII

• Authorizes FAC to make reports publically available

on a Web site

- Exception for Indian tribes as defined in 200.54

- No exception for tribal organization not meeting

the 200.54 definition

95


Exception for Indian Tribes (200.512(b)(2))

Tribal reports may include confidential business

information that would be redacted under the

Freedom of Information Act

May elect to not authorize the FAC to make reporting

package publically available on the Web site

If elected, Indian tribe must:

• Submit reporting package directly to pass-through

entities

• Make reporting package available for public

inspection as required by the Single Audit Act

96

8/8/2014

49


FAC Repository of Record for Reporting

Packages (200.36 & 200.512(b))

Federal agencies, pass-through entities, and others

obtain copies by accessing FAC website

Subrecipient only required to submit report to FAC

and no longer required to submit to pass-through

entity

Pass-through entity no longer required to retain

copy of subrecipient report as available on the Web

97


Single Audit Accountable Official

200.513 Responsibilities

Requires Federal awarding agencies to designate a

Senior Accountable Official who will be responsible for

overseeing effective use of the Single Audit process

and implementing metrics to evaluate audit follow-up.

98

8/8/2014

50


Single Audit Accountable Official

(200.513(c)(5))

Ensure agency effectively uses the single audit

process

Develop a baseline, metrics, and targets to track,

over time, the effectiveness of:

• The agency’s process to follow-up on audit findings

• Single Audits in:

- Improving non-Federal entity accountability for Federal

awards

- Use by the agency in making award decisions

Designate the agency’s Key Management Single

Audit Liaison

99


Agency Key Management Single Audit Liaison

(200.513(c)(6))

Agency management’s point of contact for single audit

Promote interagency coordination

Oversee training for agency’s program management

personnel related to the single audit process

Promote use of cooperative audit resolution

Coordinate agency’s audit follow-up to ensure timely

corrective action on audit findings

Organize cognizant agency for audit follow-up

Ensure agency provides annual updates to the

Compliance Supplement

Support the Senior Audit Accountable Official

100

8/8/2014

51


Cooperative Audit Resolution

200.513(c)(3)(iii) Responsibilities

Encourages Federal awarding agencies to make

effective use of cooperative audit resolution practices

in order to reduce repeat audit findings.

101


Cooperative Audit Resolution (200.25)

Cooperative audit resolution means the use of audit

follow-up techniques which promote prompt corrective

action by improving communication, fostering

collaboration, promoting trust, and developing an

understanding between the Federal agency and the

non-Federal entity. This approach is based upon:

a) A strong commitment by Federal agency and non-

Federal entity leadership to program integrity

b) Federal agencies strengthening partnerships and

working cooperatively with non-Federal entities and

their auditors; and non-Federal entities and their

auditors working cooperatively with Federal

agencies

102

8/8/2014

52


Cooperative Audit Resolution (200.25)

c) A focus on current conditions and corrective action

going forward;

d) Federal agencies offering appropriate relief for past

noncompliance when audits show prompt corrective

action has occurred; and

e) Federal agency leadership sending a clear message

that continued failure to correct conditions identified

by audits which are likely to cause improper

payments, fraud, waste, or abuse is unacceptable

and will result in sanctions.

103


Appendix XI - Compliance Supplement

While most commenters were in favor of the proposed

reduction of the number of types of compliance

requirements, many voiced concern about the process to

implement such changes. Comments questioned

whether Federal agencies adding back provisions under

special tests and provisions would result in increased

administrative burden.

Since the Supplement is published as part of a separate

process, the COFAR recommended that any future

changes to its structure be based on available evidence

of impact on past findings and include further public

outreach to mitigate potential risks of an inadvertent

increase in administrative burden.

104

8/8/2014

53


Compliance Supplement

Supplement is published as separate process so the

final changes are not included in the Guidance

Future changes will be based on available evidence

of past audit findings & potential impact of non-

compliance

Further public outreach will be conducted prior to

making structural changes to Supplement format

• 2014 Supplement will preview the implementation of

changes

• Changes will not be effective until the 2015

Supplement

105


Audit Findings (200.516)

Increases the threshold for reporting known and

likely questioned costs from $10,000 to $25,000

(200.516(a)(3) & (4))

Requires that questioned costs be identified by

CFDA number and applicable award number

(200.516(b)(6))

Requires identification of whether audit finding is a

repeat from the immediately prior audit and if so the

prior year audit finding number (200.516(b)(8))

Provides that audit finding numbers be in the format

prescribed by the data collection form (200.516(c))

106

8/8/2014

54


Finding Elements

107

§ 200.516

Finding Elements

Program

Information Criteria

Condition

Found

Context

Questioned

Costs Whether

Sampling was Statistically Valid

Repeat Finding from Prior Year

Cause & Effect

Recommendation

Views of Responsible

Officials


Single Audit Reporting

Face of schedule of expenditures of federal awards

(SEFA) must include all Federal awards expended

including:

• Noncash assistance

• Loan programs (beginning balance of outstanding loans plus

loans disbursed during period plus interest subsidy, cash, or

administrative cost allowance)

• Loan guarantee programs

Amounts in data collection form should be same as

SEFA

Reports submitted to FAC will be publically available

except for Indian tribes

108

We recommend including rollforward of loan and loan guarantee programs

in the notes to the SEFA.

8/8/2014

55


Additional Audit Requirements

List of program specific audit guides will be

provided beginning with the 2014 Supplement

including (200.517(a)):

• Agency contact information

• Web site where copy of guide is available

Clarified that if report due date is on a Saturday,

Sunday, or Federal legal holiday, report submission

is due the next business day (200.512(a))

Provides for a government-wide audit quality project

once every 6 years beginning in 2018

(200.513(a)(3)(ii))

Made technical edits to align with current auditing

standards

109


Effective Date for Audit Requirements

(200.110(b))

Subpart F will be effective for non-Federal entity

Fiscal Years (FY) or biennial periods beginning on or

after December 26, 2014

First year examples:

• FY beginning January 1, 2015 and ending December

31, 2015

• Biennial period beginning January 1, 2015 and

ending December 31, 2017

Early implementation of Subpart F is not permitted

110

8/8/2014

56


Reaching COFAR

Please submit questions to [email protected].

All questions will be reviewed and some may be

included in a frequently asked questions document

that will be posted on the COFAR website,

https://cfo.gov/cofar/

111


COFAR – Frequently Asked Questions

The Council on Financial Assistance Reform

(COFAR) released on February 12, 2014 an FAQ

document titled, Frequently Asked Questions for

New Uniform Guidance at 2 CFR 200, covering

certain aspects of the Uniform Grant Guidance. To

date, COFAR has received over two hundred

questions from grant stakeholders. This FAQ

issuance is the first attempt by COFAR to respond to

those questions and it plans to release additional

FAQs in the future. Therefore, continue to send any

questions or comments that you have to

[email protected].

112


https://cfo.gov/cofar/

http://email.aicpa.org/cgi-bin15/DM/t/hoJn0NTPGB0MMw0ENoH0Em

http://email.aicpa.org/cgi-bin15/DM/t/hoJn0NTPGB0MMw0ENoH0Em


8/8/2014

57


Next Steps

Read Uniform Guidance

Attend COFAR webcast (8 hours) – Jan. 27, 2014

Develop implementation plan

Identify changes to policies and procedures

Develop training plan

113


OMB - Uniform Grant Guidance

Client Education:

• Concern that auditees not paying attention; consider using “fear

factor” – that is, non-action could result in material weakness or

significant deficiency findings

• Need to start now!

• Ask clients:

- Have you read the new guidance?

- Do you have a plan to become compliant?

- How are you going to be addressing the new rules for

procurement, allocating indirect costs, time and effort

reporting, subrecipient monitoring, and internal control?

- Is senior management involved?

- Are you aware of available resources?

- How do you plan to train your staff?

114

8/8/2014

58


OMB - Uniform Grant Guidance

Client Education - Internal Control Clarification

§ 200.303 Internal controls.

The non-Federal entity must: (a) Establish and maintain effective

internal control over the Federal award that provides reasonable

assurance that the non-Federal entity is managing the Federal award

in compliance with Federal statutes, regulations, and the terms and

conditions of the Federal award. These internal controls should be

in compliance with guidance in “Standards for Internal Control in the

Federal Government” [Green Book] issued by the Comptroller General

of the United States and the “Internal Control Integrated Framework”,

issued by the Committee of Sponsoring Organizations of the Treadway

Commission (COSO).

OMB has stated that the should is meant to be a “best

practice” and not a presumptively mandatory

requirement 115


Resources and Tools Available

from the GAQC and AICPA

[email protected]

116


8/8/2014

59


Primary Guidance for Yellow

Book and Single Audit

Requirements

• Government Auditing

Standards & Circular A-133

Audits

Other Industries Include:

• State and Local Governments

• Not for Profit Entities

• Health Care Entities

• Gaming

• Sampling

Audit Risk Alerts

Checklists & Illustrative

Statements

AICPA Audit Guides are Valuable Tools

117


GAQC Resources

GAQC Web site (www.aicpa.org/GAQC)

118

http://www.aicpa.org/GAQC

8/8/2014

60


GAQC Mission and History

Overall mission to improve governmental audit quality and to

be a resource to members

Why Center launched?

• Indicators of problems with these audits from federal agencies

(e.g., PCIE study), peer reviews, and ethics referrals

• Proactive launch in light of expected federal study on single audit

quality which began in 2005 (report issued in 2007)

Milestones

• Council approved concept in 2003

• Board approved GAQC membership requirements in 2004

• Center launched September 2004

• Board approved state audit organization membership in 2009

• 10th year anniversary 2014

119


92%

8%

Dollar Coverage

GAQC member firms

Non-GAQC member firms

64%

36%

Number of Single Audits

GAQC member firms

Non-GAQC member firms

GAQC Member Firm Coverage of Single

Audits

120

8/8/2014

61


Member Value and Improving Quality

GAQC

Members Advocacy

Communication

(Alerts and Web events)

Technical guidance

Resources and Practice

Aids

GAQC Web site

121


Questions?

122

Engagements under Government Auditing Standards under Government Auditing Standards Diane ......

Documents

Transcript of Engagements under Government Auditing Standards under Government Auditing Standards Diane ......