Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Nw april 06 2018 aga single audits under the uniform guidance

195 views

Published on

2018 abq aga

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

Nw april 06 2018 aga single audits under the uniform guidance

  1. 1. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 1
  2. 2. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 1. Introduction to Single Audit & Single Audit Planning 2. Single Audit Uniform Guidance 3. Determination of Major Programs and the Compliance Supplement 4. Understanding the Entity, Its Environment, and Internal Controls 5. Preliminary Analytical Procedures & Risk Assessment 6. Tests of Compliance and Controls 7. Data Mining, Conducting and Reporting on the Single Audit 2
  3. 3. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 3
  4. 4. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 4
  5. 5. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 5 The Office of Management and Budget- Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards at 2 CFR 200, referred to as the Uniform Guidance, is changing auditor requirements generally for December 31, 2015, year- end and later single audits. • The UG combines all the rules into one place. • It supersedes and combines the cost circulars (A-21, 87, AND 122). • It supersedes and combines the common rule circulars (A-89, 109 AND 110), and it supersedes A-133. It is located at: https://www.federalregister.gov
  6. 6. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 6 For purposes of determining thresholds, administrative requirements, and cost requirements we will use the Uniform Guidance (UG). • AICPA Audit Guide for Government Auditing Standards and Single Audit. • For Federal assistance granted prior to December 26, 2014, the following OMB Circulars must be used for determining allowable costs and administrative requirements:  OMB Circulars A-21, A-87, A-102, A-110, A-122, A-133). • Recipients of Federal Assistance should consider asking for a waiver to the old rules to allow using just the current rules. That way they would only have one system.
  7. 7. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 7 The report on National Single Audit Sampling Project was issued in June 2007 by the President’s Council on Integrity and Efficiency (PCIE). The PCIE conducted QCRs of statistical sample of 208 randomly selected audits and they split into two strata. Stratum I included audits of entities that expended $50 million or more of federal awards (FA). Stratum II included audits of entities that expended at least $500,000 of FA but less than $50 million. Sample results showed: The most prevalent deficiencies found were: Not documenting: • the understanding of internal controls over compliance requirements, • testing internal controls of at least some compliance requirements, and • compliance testing of at least some compliance requirements. SAMPLE % RESULTS 115 55% Acceptable & could be relied on 30 14% Significant deficiencies & only had limited reliability 63 30% Unacceptable & could not be relied on 208
  8. 8. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 8 • Federal assistance as we know it today began in the 1930s under the Hoover administration. In the 1930s through the 1940s, federal assistance was only in the millions of dollars. From the 1950s to the present, federal assistance to NFEs has grown to an annualized level in the hundreds of billions of dollars. • Beginning in the early 1950s, the Government Accountability Office (GAO) and the OMB became concerned about the federal government's control over grant programs and audits. In 1979, the GAO completed a study that produced some significant findings. The study found that a very large number of the state and local governments handling federal funds never had their grant transactions audited. Some 80% to 90% of the $70 billion disbursed each year to state and local governments was not sufficiently audited. • This grant-by-grant auditing often exposed an entity to multiple audits, continually disrupting the entity and hampering program efforts. There was also a duplication of effort by various groups of auditors, resulting in inefficient use of audit resources. • On October 22, 1979, the OMB responded to reports of uncoordinated and ineffective audits and reports by issuing Attachment P to Circular A-102. A-102, Attachment P, "Uniform Requirements for Grants to State and Local Governments," established a Single Audit approach.
  9. 9. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 9
  10. 10. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 • Nonfederal entities that expend $750,000 or more in a year in federal assistance (FA) shall have a Single Audit conducted for that year. • If an auditee expends FA under only one program (excluding research and development –R&D) and the federal program’s laws, regulations, or grant agreements do not require a financial statement audit of the auditee, the auditee may elect to have a program-specific audit in place of the Single Audit previously referenced. 10
  11. 11. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 11 The audit shall be conducted in accordance with GAGAS. The audit shall cover the entire operations of the auditee; or, at the option of the auditee, such audit shall include a series of audits that cover departments, agencies, and other organizational units which expended or otherwise administered Federal awards during such fiscal year, provided that each such audit shall encompass the financial statements and schedule of expenditures of Federal awards for each such department, agency, and organizational unit, which shall be considered to be a non-Federal entity. The financial statements and schedule of expenditures of Federal awards shall be for the same fiscal year. Federal Register/Vol. 78 §200.514(a)
  12. 12. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 12 The audit shall determine whether the financial statements of the auditee are presented fairly in all material respects in conformity with generally accepted accounting principles. The auditor shall also determine whether the schedule of expenditures of Federal awards is presented fairly in all material respects in relation to the auditee’s financial statements taken as a whole. Federal Register/Vol. 78 §200.514(b)
  13. 13. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 13 2. In addition to the requirements of GAGAS, the auditor shall perform procedures to obtain an understanding of internal control over Federal programs sufficient to plan the audit to support a low assessed level of control risk for major programs. 3. Except as provided …..(as follows) ….the auditor shall: a. Plan the testing of internal control over major programs to support a low assessed level of control risk for the assertions relevant to the compliance requirements for each major program; and b. Perform testing of internal controls as planned… 4. When internal control over some or all of the compliance requirements for a major program are likely to be ineffective in preventing or detecting noncompliance, the planning and performing of testing described….are not required for those compliance requirements. However, the auditor shall report a significant deficiency (including whether any such condition is material weakness) ….assess the related control risk at the maximum, and consider whether additional compliance test are required because of ineffective internal control. Federal Register/Vol. 78 §200.514(c)
  14. 14. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 14 1. In addition to the requirements of GAGAS, the auditor shall determine whether the auditee has complied with laws, regulations, and the provisions of contracts or grant agreements that may have a direct and material effect on each of its major programs. 2. The principal compliance requirements applicable to most Federal programs and the compliance requirements of the largest Federal programs are included in the compliance supplement. 3. For the compliance requirements related to Federal programs contained in the compliance supplement, an audit of these compliance requirements will meet the requirements of this part. Where there have been changes to the compliance requirements and changes are not reflected in compliance supplement, the auditor shall determine the current compliance requirements and modified the audit procedures accordingly. For those Federal programs not covered in compliance supplement, the auditor should be use the types of compliance requirements contained in the compliance supplements as guidance for identifying the types of compliance requirements to test, and determine the requirements governing the Federal program by reviewing the provisions of contracts and grant agreements and the laws and regulations referred to in such contracts and grant agreements. 4. The compliance testing shall include tests of transactions and such other auditing procedures necessary to provide the auditor sufficient evidence to support an opinion on compliance. Federal Register/Vol. 78 §200.514(d)
  15. 15. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 15 Recipients expending more than $50 million a year in Federal awards shall have a cognizant agency for audit. The designated cognizant agency for audit shall be the Federal awarding agency that provides the predominant amount of direct funding to a recipient unless OMB makes a specific cognizant agency for audit assignments. Cognizant agencies are responsible to provide technical advice and liaison to auditees and auditors. To provide for continuity of cognizance, the determination of the predominant amount of direct funding shall be based upon direct Federal awards expended in the recipient’s fiscal years ending in 2004, 2009, 2014, and every fifth year thereafter.
  16. 16. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 16 Cognizant agency responsibilities include: 1. Provide technical audit advice and liaison to auditees and auditors. 2. Obtain or conduct quality control reviews of selected audits made by non-Federal auditors, and provide the results, when appropriate, to other interested organizations. 3. Promptly inform other affected Federal agencies and appropriate Federal law enforcement officials of any direct reporting by the auditee by the auditee or its auditor of Irregularities (fraud) or Illegal acts as required by GAGAS or laws and regulations. 4. Advice the auditors and, where appropriate, the auditee of any deficiencies found in the audits when the deficiencies require corrective action by the auditor. When advised of deficiencies, the auditee shall work with the auditor to take corrective action. If corrective action is not taken, the cognizant agency for audit shall notify the auditor, the auditee, and applicable Federal awarding agencies and pass-through entities of the facts and make recommendations for follow up action. Major inadequacies or repetitive substandard performance by auditors shall be referred to appropriate State licensing agencies and professional bodies for disciplinary action. 5. Coordinate to extend practical, audits or reviews made by or for Federal agencies that are in addition to the audits made pursuant to this part, so that the additional audits or reviews build upon audits performed in accordance with this part. 6. Coordinate a management decision for audit findings that affect the Federal programs of more than one agency. 7. Coordinate the audit work and reporting responsibilities among auditors to achieve the most cost-effective audit.
  17. 17. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 The oversight agency for audit: • shall provide technical advice to auditees and auditors as requested, and • may assume all or some of the responsibilities normally performed by a cognizant agency for audit. OMB Federal Register Vol. 78 §200.513 (ix)(b)(l) 17
  18. 18. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 18
  19. 19. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 19 Grants received on or after December 26, 2014, they will be under the Uniform Guidance for administrative and cost rules. The first standard of field work states that ''the auditor must adequately plan the work and must properly supervise any assistants”. Planning is the most critical part of any audit and this is especially true for a Single Audit. In the real world, however, it tends to be one of the least-considered parts of many audits. Getting an accurate SEFA is sometimes challenging.
  20. 20. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 20 • Obtaining an understanding of the entity and its environment, including the entity's internal control (referred to hereafter as an understanding of the entity), is a continuous, dynamic process of gathering, updating, and analyzing information throughout the audit. • determining materiality in accordance with Section 320, Materiality In Planning and Performing an Audit; • considering the appropriateness of the selection and application of accounting policies and the adequacy of financial statement disclosures; • identifying areas for which special audit consideration may be necessary (for example, related party transactions, the appropriateness of management's use of the going concern assumption, considering the business purpose of transactions, or the existence of complex and unusual transactions);
  21. 21. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 21 • identifying areas for which special audit consideration may be necessary (for example, related party transactions, the appropriateness of management's use of the going concern assumption, considering the business purpose of transactions, or the existence of complex and unusual transactions); • developing expectations for use when performing analytical procedures; • responding to the assessed risks of material misstatement, including designing and performing further audit procedures to obtain sufficient appropriate audit evidence; and • evaluating the sufficiency and appropriateness of audit evidence obtained, such as the appropriateness of assumptions and management's oral and written representations.
  22. 22. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 22 The first step in determining the need for a Single Audit is to get a draft of the schedule of expenditures of federal awards (SEFA) from your client. Once this is obtained, complete the following worksheet in order to answer the question as to whether or not a Single Audit is required: The Single Audit and Major Program Determination Worksheet. The basic requirement for a Single Audit is that the client expends an amount equal to or exceeding $750,000. If the client expends less than this amount, a Single Audit is not required. Completion of the form stops at Step 2. Some might question using the form at all in this situation. Using the form shows that the Single Audit requirement was considered and a written draft SEFA was obtained from the client. If, after the fact, it becomes apparent that there was a requirement for a Single Audit, the auditor will have documentation showing that he gave it due consideration and that the information provided was incorrect. How does an auditor determine that the information provided is correct? The answer is tied to the client's system for recording FA and will be covered in the following sections. If the client does not have an adequate system, there would be a significant deficiency in internal controls. The auditor would most likely have to issue a disclaimer of opinion.
  23. 23. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 23 The Uniform Guidance prescribes a risk-based approach. The auditor must audit all Type A programs not identified as low risk, all Type B programs identified as high-risk, and such additional programs as may be necessary to comply with the percentage of coverage rule. If the auditee meets the criteria for a low-risk auditee, the auditor need only audit the major programs and such additional federal programs with FA expended that, in aggregate, encompass at least 20% of the Federal Awards expended. If the auditee does not meet the criteria for a low-risk, the audit of all major programs must encompass at least 40% of the Federal Awards expended.
  24. 24. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 24 In order to be a Low-Risk Auditee, the following conditions must exist for the previous two audit periods: 1. Single or program-specific audits were performed on an annual basis in accordance with the provisions of OMB Circular A-133. An entity that has biennial audits does not qualify as a low-risk entity, unless agreed to in advance by the cognizant or oversight agency for audit. 2. The auditor’s opinions were unmodified. 3. There were no deficiencies in internal controls which were identified as material weaknesses under the requirements of GAGAS. 4. The auditor did not report a substantial doubt about the auditee’s ability to continue as a going concern.
  25. 25. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 25 5. None of the Federal programs had audit findings from any of the following in either of the preceding two audit periods in which they were classified as Type A programs: Internal control deficiencies that were identified as material weaknesses in the auditors report on internal control for major programs, A modified opinion on a major program in the auditors report on major programs, or Known or likely questioned costs that exceeded five percent of the total Federal awards expended for a Type A program during the audit period. 6. OMB may approve a Federal awarding agency's request that a Type A program not be considered low-risk for a certain recipient. If there were no Type A programs in either year, these items are not applicable and do not need to be answered for Type B programs.
  26. 26. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 26 If federal expenditures equal or exceed $750,000, a program-specific audit may be performed unless: A. All programs are R&D from the same Federal agency. B. All programs are listed as a cluster in the Compliance Supplement. C. All programs have a different CFDA number. D. All programs have the same CFDA number.
  27. 27. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 27
  28. 28. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 28 Single audits went through many changes under the Uniform Guidance. These changes are effective in varying stages. However all changes are effective for years ending after December 15, 2015. That is, for fiscal years ending on or after December 31, 2015. Also, there is no early implementation allowed. Completion of "New Uniform Guidance" will enable you to: • identify the changes for Single Audits, • list the new thresholds for Single Audits, and • identify the changes and requirements applicable for clients.
  29. 29. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 29
  30. 30. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 30 The Uniform Guidance combines all the rules into one place. It supersedes and combines the cost circulars (A-21, 87, and 122), it supersedes and combines the common rule circulars (A-89, 102 and 110), and it supersedes A-133. It is located at: https:/ /www.federalregister.gov The purpose of the Uniform Guidance is to: 1. Tailor regulations to impose the least burden, while being consistent with obtaining regulatory objectives; 2. Eliminate unnecessary and reforming requirements that are overly burdensome, including combining various circulars into one document.
  31. 31. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 31
  32. 32. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 32 a. Each state must expend and account for the Federal award In accordance with state laws and procedures for expending and accounting for the state's own funds. In addition, the state's and the other non-Federal entity's financial management systems, Including records documenting compliance with Federal statutes, regulations, and the terms and conditions of the Federal award, must be sufficient to permit the preparation of reports required by general and program-specific terms and conditions; and the tracing of funds to a level of expenditures adequate to establish that such funds have been used according to the Federal statutes, regulations, and the terms and conditions of the Federal award. See also § 200.450 Lobbying. b. The financial management system of each non-Federal entity must provide for the following : (see also §§ 200.333 Retention requirements for records, 200.334 Requests for transfer of records, 200.335 Methods for collection, transmission and storage of Information, 200.336 Access to records, and 200.337 Restrictions on public access to records)
  33. 33. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 33 1. Identification, in its accounts, of all Federal awards received and expended and the Federal programs under which they were received. Federal program and Federal award identification must include, as applicable, the CFDA {Catalog of Federal Financial Assistance) title and number, Federal award Identification number and year, name of the Federal agency, and name of the pass-through entity, if any. 2. Accurate, current, and complete disclosure of the financial results of each Federal award or program in accordance with the reporting requirements set forth in §§ 200.327 Financial reporting and 200.328 Monitoring and reporting program performance. If a Federal awarding agency requires reporting on an accrual basis from a recipient that maintains its records on other than an accrual basis, the recipient must not be required to establish an accrual accounting system. This recipient may develop accrual data for its reports on the basis of an analysis of the documentation on hand. Similarly, a passthrough entity must not require a subrecipient to establish an accrual accounting system and must allow the subrecipient to develop accrual data for its reports on the basis of an analysis of the documentation on hand.
  34. 34. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 34 3. Records that identify adequately the source and application of funds for federally-funded activities. These records must contain information pertaining to Federal awards, authorizations, obligations, unobligated balances, assets, expenditures, income and interest and be supported by source documentation. 4. Effective control over, and Accountability for, all funds, property, and other assets. The non-Federal entity must adequately safeguard all assets and assure that they are used solely for authorized purposes. See§ 200.303 Internal controls. 5. Comparison of expenditures with budget amounts for each Federal award. 6. Written procedures to implement the requirements of§ 200.305 Payment. (No longer best practice, It is a requirement) 7. Written procedures for determining the allowability of costs in accordance with Subpart. E-Cost Principles of this Part and the terms and conditions of the Federal award. (No longer best practice, It is a requirement)
  35. 35. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 35 Develop written procedures for: Cash Management - §200.302(b)(6) Allowability of Costs - §200.302(b)(7) Conflict of Interest - §200.318(c)(1-2) Ensure that existing written procedures are in compliance with: General Procurement Standards - §200.318-.326 Equipment Management Requirements - §200.313
  36. 36. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 36 Written procedures should ensure claiming of allowable costs without stopping or bottlenecking activities Make the procedures reliable but not burdensome. Accountability is important, but just as important is allowing the program area timely access to Federal funds to implement grant activities
  37. 37. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 37 Written procedures should outline manageable steps; Everyone involved must know the written procedures and how to implement them, otherwise the written procedures do not matter (and there could be an internal control deficiency finding and possibly a non-compliance finding); If the procedure is overly complicated or the people involved in authorizing are never available, the subrecipient is setting the stage for staff to ignore procedures in order to move work along.
  38. 38. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 38 The non-Federal entity must: a. Establish and maintain effective internal control over the Federal award that provides reasonable assurance that the non-Federal entity is managing the Federal award in compliance with Federal statutes, regulations, and the terms and conditions of the Federal award. These internal controls should be in compliance with guidance in "Standards for Internal Control in the Federal Government' issued by the Comptroller General of the United States and the Internal Control Integrated Framework", issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). b. Comply with Federal statutes, regulations, and the terms and conditions of the Federal awards.
  39. 39. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 39 c. Evaluate and monitor the non-Federal entity's compliance with statute, regulations and the terms and conditions of Federal awards. d. Take prompt action when instances of noncompliance are identified including noncompliance identified in audit findings. e. Take reasonable measures to safeguard protected personally identifiable information and other information the Federal awarding agency or pass-through entity designates as sensitive or the non-Federal entity considers sensitive consistent with applicable Federal, state and local laws regarding privacy and obligations of confidentiality.
  40. 40. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 40 Objective: To Ensure all costs coded to the Airport grant are allowable per State and Federal rules and regulations Design a Control: Joe in accounting has been trained and is familiar with what are allowable and unallowable costs per 2 CFR Part 200 section Subpart E Cost Principles; and CFR 200.404. Therefore, he will approve all budget items for the Airport grant. Janet in accounting will verify that goods and supplies were received or services were performed before approving an invoice for payment.
  41. 41. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 41 Implement the Control: Joe puts together the federal grant budget for submission ensuring that only allowable costs are included. Janet in accounting will work with the payroll department to identify the individuals that will work on the Airport grant and ensure they are included under the appropriate project code in the budget. All supplies and services are processed through the Agency’s accounts payable department (PO, receipt, invoice, payment). Janet codes the invoices with Airport grant’s project code, Joe approves the claim verifying the costs are in agreement with the approved budget and allowable, Janet submits the claim to Grantor.
  42. 42. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 42 The auditee must: a. Procure or otherwise arrange for the audit required by this Part In accordance with §200.509 Auditor selection, and ensure it is properly performed and submitted when due in accordance with § 200.512 Report submission. b. Prepare appropriate financial statements, Including the schedule of expenditures of Federal awards In accordance with § 200.510 Financial statements. c. Promptly follow up and take corrective action on audit findings, Including preparation of a summary schedule of prior audit findings and a corrective action plan in accordance with §200.511 Audit findings follow-up, paragraph (b) and § 200.511 Audit findings follow-up, paragraph (c), respectively. d. Provide the auditor with access to personnel, accounts, books, records, supporting documentation, and other Information as needed for the auditor to perform the audit required by this Part.
  43. 43. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 43 a. Financial statements. The auditee must prepare financial statements that reflect its financial position, results of operations or changes In net assets, and, where appropriate, cash flows for the fiscal year audited. b. Schedule of expenditures of Federal awards. The auditee must also prepare a schedule of expenditures of Federal awards for the period covered by the auditee's financial statements which must include the total Federal awards expended as determined in accordance with §200.502 Basis for determining Federal awards expended. While not required, the auditee may choose to provide information requested by Federal awarding agencies and pass-through entities to make the schedule easier to use.
  44. 44. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 44 For example, when a Federal program has multiple Federal award years, the auditee may list the amount of Federal awards expended for each Federal award year separately. At a minimum, the schedule must: 1. List individual Federal programs by Federal agency. For a cluster of programs, provide the cluster name, List individual Federal programs within the cluster of programs, and provide the applicable Federal agency name. For R&D, total Federal awards expended must be shown either by individual Federal award or by Federal agency and major subdivision within the Federal agency. For example, the National Institutes of Health is a major subdivision in the Department of Health and Human Services.
  45. 45. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 45 2. For Federal awards received as a subrecipient, the name of the passthrough entity and identifying number assigned by the pass-through entity must be included. 3. Provide total Federal awards expended for each individual Federal program and the CFDA number or other identifying number when the CFDA information is not available. For a cluster of programs also provide the total for the cluster. 4. Include the total amount provided to subrecipients from each Federal program. 5. For loan or loan guarantee programs described in§ 200.502 Basis for determining Federal awards expended, paragraph (b), identify in the notes to the schedule the balances outstanding at the end of the audit period. This is in addition to including the total Federal awards expended for Loan or Loan guarantee programs in the schedule. 6. Include notes that describe that significant accounting policies used in preparing the schedule, and note whether or not the non-Federal entity elected to use the 10% de minim is cost rate as covered in § 200.414 Indirect (F&A) costs.
  46. 46. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 46 How does this affect smaller entities which do not have adequate segregation of duties? It doesn't affect them anymore than the previous rules did. When the federal government grants these entities funds they know that internal controls will not be in total compliance with the COSO framework. These entities just need to continue doing the best they can and implementing whatever controls are possible, especially where it applies to compliance requirements for the federal funds expended.
  47. 47. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 47 Internal control over compliance requirements for Federal awards means a process implemented by a non-Federal entity designed to provide reasonable assurance regarding the achievement of the following objectives for Federal awards: Transactions are properly recorded and accounted for, in order to: • Permit the preparation of reliable financial statements and Federal reports; • Maintain accountability over assets; and • Demonstrate compliance with Federal statutes, regulations, and the terms and conditions of the Federal award.
  48. 48. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 48 Transactions are executed in compliance with: • Federal statutes, regulations, and the terms and conditions of the Federal award that could have a direct and material effect on a Federal program; • Any other Federal statutes and regulations that are identified in the Compliance Supplement; and • Funds, property, and other assets are safeguarded against loss from unauthorized use or disposition.
  49. 49. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 49 Section 200.501 Audit Requirements A non-Federal entity that expends $750,000 (increased from $500,000) or more during the non-Federal entity's fiscal year in Federal awards must have a single or program-specific audit conducted for that year in accordance with the provisions of this part. There are no major changes to these sections. • Section 200.502 Basis for determining Federal awards expended • Section 200.503 Relation to other audit requirements • Section 200.504 Frequency of audits • Section 200.505 Sanctions • Section 200.506 Audit Costs • Section 200.507 Program-specific audits • Section 200.508 Auditee responsibilities • Section 200.509 Auditor selection • Section 200.510 Financial statements
  50. 50. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 50 Section 200.511 Audit Findings Follow-Up The auditee is responsible for follow-up and corrective action on all audit findings. As part of this responsibility, the auditee must prepare a summary schedule of prior audit findings. The auditee must also prepare a corrective action plan for current year audit findings. The summary schedule of prior audit findings and the corrective action plan must Include the reference numbers the auditor assigns to audit findings. Since the summary schedule may Include audit findings from multiple years, It must Include the fiscal year In which the finding Initially occurred.
  51. 51. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 51 The summary schedule of prior audit findings must report the status of all audit findings included In the prior audit's schedule of findings and questioned costs. The summary schedule must also include audit findings reported in the prior audit's summary schedule of prior audit findings except audit findings listed as corrected, or no longer valid or not warranting further action. 1. When audit findings were fully corrected, the summary schedule need only list the audit findings and state that corrective action was taken. 2. When audit findings were not corrected or were only partially corrected, the summary schedule must describe the reasons for the finding's recurrence and planned corrective action, and any partial corrective action taken. When corrective action taken is significantly different from corrective action previously reported In a corrective action plan or In the Federal agency's or pass-through entity's management decision, the summary schedule must provide an explanation. Reference # Findings Status of Findings Type of Finding* PRIOR YEAR 2016-001 Disposition of Property Resolved G 2016-002 Chief Procurement Officer Certification Modified/ Repeated G CURRENT YEAR None * Legend for Type of Findings A. Material Weakness in Internal Control Over Financial Reporting B. Significant Deficiency in Internal Control Over Financial Reporting C. Other Matters Involving Internal Control Over Financial Reporting D. Material Weakness in Internal Control Over Compliance of Federal Awards E. Significant Deficiency in Internal Control Over Compliance of Federal Awards F. Instance of Noncompliance related to Federal Awards G. Non-compliance with State Audit Rule, NM State Statutes, NMAC, or other entity compliance
  52. 52. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 52 3. When the auditee believes the audit findings are no longer valid or do not warrant further action, the reasons for this position must be described in the summary schedule. A valid reason for considering an audit finding as not warranting further action Is that all of the following have occurred: I. Two years have passed since the audit report In which the finding occurred was submitted to the FAC; II. The Federal agency or pass-through entity Is not currently following up with the auditee on the audit finding; and iii. A management decision was not issued.
  53. 53. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 53 At the completion of the audit, the auditee must prepare, in a document separate from the auditors findings, a corrective action plan to address each audit finding included in the current year auditors reports. OSA requires this document to be part of the final audit report. The corrective action plan must provide: 1. The name(s) of the contact person(s) responsible for corrective action, 2. The corrective action planned, and 3. The anticipated completion date. If the auditee does not agree with the audit findings or believes corrective action is not required, then the corrective action plan must include an explanation and specific reasons.
  54. 54. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 54 At the completion of the audit, the auditee must prepare, in a document separate from the auditors findings, a corrective action plan to address each audit finding included in the current year auditors reports. The corrective action plan must provide: • The name(s) of the contact person(s) responsible for corrective action, • The corrective action planned, and • The anticipated completion date. If the auditee does not agree with the audit findings or believes corrective action is not required, then the corrective action plan must include an explanation and specific reasons.
  55. 55. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 55 At the completion of the audit, the auditee must prepare, in a document separate from the auditors findings, a corrective action plan to address each audit finding included in the current year auditors reports. The corrective action plan must provide: • The name(s) of the contact person(s) responsible for corrective action, • The corrective action planned, and • The anticipated completion date. If the auditee does not agree with the audit findings or believes corrective action is not required, then the corrective action plan must include an explanation and specific reasons.
  56. 56. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 56 • This section discusses cognizance (more than $50 million a year) and oversight. • There are no major changes from prior guidance in this section.
  57. 57. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 57 Note Pertaining to internal control: • Financial statements: Issue a report, but not an opinion. • Federal funds: Plan testing of internal control over compliance for major programs to support a Low assessed Level of control risk for the assertions relevant to the compliance requirements for the program, and perform testing of internal control. When internal control over some or all of the compliance requirements for a major program are likely to be ineffective in preventing or detecting noncompliance, the planning and performing of testing are not required for those compliance requirements. However, the auditor must report a significant deficiency or material weakness, assess the related control risk at the maximum, and consider whether additional compliance tests are required because of ineffective internal control.
  58. 58. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 58 • Financial statements: Issue a report, but not an opinion. • Federal funds: Issue an opinion on compliance for all major programs. 1. In addition to the requirements of GAGAS, the auditor must determine whether the auditee has complied with Federal statutes, regulations, and the terms and conditions of Federal awards that may have a direct and material effect on each of its major programs. 2. The principal compliance requirements applicable to most Federal programs and the compliance requirements of the largest Federal programs are included in the compliance supplement.
  59. 59. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 59 3. For the compliance requirements related to Federal programs contained in the compliance supplement, an audit of these compliance requirements will meet the requirements of this Part. Where there have been changes to the compliance requirements and the changes are not reflected in the compliance supplement, the auditor must determine the current compliance requirements and modify the audit procedures accordingly. For those Federal programs not covered in the compliance supplement, the auditor should follow the compliance supplement's guidance for programs not included in the supplement. 4. The compliance testing must include tests of transactions and such other auditing procedures necessary to provide the auditor sufficient appropriate audit evidence to support an opinion on compliance.
  60. 60. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 60 This section changes the threshold from $10,000 to $25,000. Audit findings reported The auditor must report the following as audit findings In a schedule of findings and questioned costs: 1. Significant deficiencies and material weaknesses in internal control over major programs and significant Instances of abuse relating to major programs. The auditor's determination of whether a deficiency In Internal control ls a significant deficiency or material weakness for the purpose of reporting an audit finding is In relation to a type of compliance requirement for a major program identified in the Compliance Supplement. Reference # Finding Status of Prior Year Findings Type of Finding Prior Year Findings 2013-001 SUBGRANTEE REPORTING Resolved E, F 2014-001 INTERNAL CONTROLS OVER CASH RECEIPTS Repeated C, G 2014-002 PREPAYMENTS OF SERVICES Resolved G Current Year Findings 2015-001 LACK OF CASH RECONCILIATION PROCESS Current A, G 2015-002 CERTIFICATION OF CAPITAL ASSETS ANNUAL INVENTORY Current B, G 2015-003 LATE DATA COLLECTION FORM Current E, F 2015-005 EQUIPMENT MANAGEMENT Current E, F 2015-006 SUSPENSION & DEBARMENT Current E, F 2015-007 GRANT AND SUBRECIPIENT MONITORING Current E, F 2015-008 PRE-AWARD COST ELIGIBILITY Current E, F 2015-009 MAINTENANCE OF GRANT FILE Current E, F
  61. 61. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 61 2. Material noncompliance with the provisions of Federal statutes, regulations, or the terms and conditions of Federal awards related to a major program. The auditor's defemination of whether a noncompliance with the provisions of Federal statutes, regulations, or the terms and conditions of Federal awards is material for the purpose of reporting an audit finding is in relation to a type of compliance requirement for a major program identified in the Compliance Supplement. 3. Known questioned costs that are greater than $25,000 for a type of compliance requirement for a major program. Known questioned costs are those specifically identified by the auditor. In evaluating the effect of questioned costs on the opinion on compliance, the auditor considers the best estimate of total costs questioned (Likely questioned costs), not just the questioned costs specifically identified (known questioned costs). The auditor must also report known questioned costs when Likely questioned costs are greater than $25,000 for a type of compliance requirement for a major program. In reporting questioned costs, the auditor must include information to provide proper perspective for judging the prevalence and consequences of the questioned costs.
  62. 62. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 62 4. Known questioned costs that are greater than $25,000 for a Federal program which is not audited as a major program. Except for audit follow-up, the auditor is not required under this Part to perform audit procedures for such a Federal program; therefore, the auditor will normally not find questioned costs for a program that is not audited as a major program. However, if the auditor does become aware of questioned costs for a Federal program that is not audited as a major program (e.g., as part of audit follow-up or other audit procedures) and the known questioned costs are greater than $25,000, then the auditor must report this as an audit finding. 5. The circumstances concerning why the auditor's report on compliance for each major program is other than an unmodified opinion, unless such circumstances are otherwise reported as audit findings in the schedule of findings and questioned costs for Federal awards.
  63. 63. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 63 6. Known or Likely fraud affecting a Federal award, unless such fraud is otherwise reported as an audit finding in the schedule of findings and questioned costs for Federal awards. This paragraph does not require the auditor to report publicly information which could compromise investigative or Legal proceedings or to make an additional reporting when the auditor confirms that the fraud was reported outside the auditor's reports under the direct reporting requirements of GAGAS. 7. Instances where the results of audit follow-up procedures disclosed that the summary schedule of prior audit findings prepared by the auditee materially misrepresents the status of any prior audit finding.
  64. 64. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 64 Audit findings must be presented in sufficient detail and clarity for the auditee to prepare a corrective action plan and take corrective action, and for Federal agencies and pass-through entities to arrive at a management decision. The following specific information must be included, as applicable, in audit findings: 1. Federal program and specific Federal award identification including the CFDA title and number, Federal award identification number and year, name of Federal agency, and name of the applicable pass-through entity. When information, such as the CFDA title and number or Federal award identification number, is not available, the auditor must provide the best information available to describe the Federal award. 2. The criteria or specific requirement upon which the audit finding is based, including the Federal statutes, regulations, or the terms and conditions of the Federal awards. Criteria generally identify the required or desired state or expectation with respect to the program or operation. Criteria provide a context for evaluating evidence and understanding findings.
  65. 65. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 65 3. The condition found, including facts that support the deficiency identified in the audit finding. 4. A statement of cause that identifies the reason or explanation for the condition or the factors responsible for the difference between the situation that exists (condition). and the required or desired state (criteria), which may also serve as a basis for recommendations for corrective action. 5. The possible asserted effect to provide sufficient information to the auditee and Federal agency, or pass-through entity in the case of a subrecipient, to permit them to determine the cause and effect to facilitate prompt and proper corrective action. A statement of the effect or potential effect should provide a clear, logical Link to establish the impact or potential impact of the difference between the condition and the criteria.
  66. 66. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 66 6. Identification of questioned costs and how they were computed. Known questioned costs must be identified by applicable CFDA number(s) and applicable Federal award identification number(s). 7. Information to provide proper perspective for judging the prevalence and consequences of the audit findings, such as whether the audit findings represent an isolated instance or a systemic problem. Where appropriate, instances identified must be related to the universe and the number of cases examined and be quantified in terms of dollar value. The auditor should report whether the sampling was a statistically valid sample. 8. Identification of whether the audit finding was a repeat of a finding in the immediately prior audit and if so any applicable prior year audit finding numbers. 9. Recommendations to prevent future occurrences of the deficiency identified in the audit finding. 10. Views of responsible officials of the auditee.
  67. 67. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 67 6. Identification of questioned costs and how they were computed. Known questioned costs must be identified by applicable CFDA number(s) and applicable Federal award identification number(s). 7. Information to provide proper perspective for judging the prevalence and consequences of the audit findings, such as whether the audit findings represent an isolated instance or a systemic problem. Where appropriate, instances identified must be related to the universe and the number of cases examined and be quantified in terms of dollar value. The auditor should report whether the sampling was a statistically valid sample. 8. Identification of whether the audit finding was a repeat of a finding in the immediately prior audit and if so any applicable prior year audit finding numbers. 9. Recommendations to prevent future occurrences of the deficiency identified in the audit finding. 10. Views of responsible officials of the auditee.
  68. 68. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 68 Each audit finding in the schedule of findings and questioned costs must include a reference number in the format meeting the requirements of the data collection form submission to allow for easy referencing of the audit findings during follow-up.
  69. 69. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 69 . 2017-006–FEDERAL GRANT MANAGEMENT Federal Agency: U.S. Department of Housing and Urban Development Program Name: All programs identified on the Schedule of Expenditures of Federal Awards (SEFA) CFDA Nos. and Program Expenditures: All CFDA #s presented on the SEFA Award Number and Program Award Year: As presented in SEFA. Compliance Requirement: Other – Schedule of Expenditures of Federal Awards preparation Questioned Costs: None Statistical Sampling: The sample was not intended to be, and was not, a statistically valid sample. Type of Finding: D Statement of Condition The auditors were unable to initially reconcile the federal revenues to the federal expenses by an outstanding difference of $189,028. Additionally, the SEFA was not reconciled to the GL prior to the auditors receiving it. As a result, the auditor proposed multiple adjustments in order to adjust the GL to the correct receivable and revenue balances per the SEFA. It has since been corrected and adjustments have been made to federal revenues and receivables. Criteria For HUD capital grants, revenue is recognized under GASB 33 and based on allowable grant expenditures. Also, 2 CFR 200.510 indicates that the auditee must prepare a schedule of expenditures of Federal awards (SEFA) for the period covered by the auditee’s financial statements which must include the total Federal awards expended as determined in accordance with 200.502 Basis for Determining Federal Awards Expended. Per 2 CFR 200.502 the determination of when a Federal award is expended should be based on when the activity related to the Federal award occurs. Generally, the activity pertains to events that require the non-Federal entity to comply with Federal statutes, regulations, and the terms and conditions of Federal awards, such as: expenditure/expense transactions associated with awards. In addition, 2 CFR Part 200.303 requires the program establish and maintain effective internal controls over Federal awards that provides reasonable assurance of compliance with Federal statutes, regulations, and the terms and conditions of Federal awards. Effect Without an established process governed by effective internal controls, the Authority may not prevent or detect material misstatements on its SEFA in a timely manner. In addition, the errors could result in improper selections of major program(s) for the single audit, and a substandard single audit. Cause The Authority does not have an effective process to ensure that the SEFA is accurate. Recommendation We recommend the Authority reconcile the SEFA to GL as a yearend financial close procedure. Also, the Authority needs to review all reimbursements in July and the next fiscal year, to ensure all FY17 expenditures are captured in the SEFA and in GL according to the proper GASB and HUD requirements. View of Responsible Officials Corrective Action Plan Timeline: N/A Designation Of Employee Position Responsible For Meeting Deadline: N/A
  70. 70. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 70 • Retain for three years unless notified, and • Documentation must be available for inspection.
  71. 71. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 71 The auditor must use a risk-based approach to determine which Federal programs are major programs. This risk- based approach must include consideration of: • current and prior audit experience, • oversight by Federal agencies and pass-through entitles, and • the Inherent risk of the Federal program. Step 1: Major program determination The auditor must identify the larger Federal programs, which must be labeled Type A programs. Type A programs are defined as Federal programs with Federal awards expended during the audit period exceeding the levels outlined In the following table: Total Federal awards expended Type A/B threshold Equal to $750,000 but less than or equal to $25 million $750,000 Exceed $25 million but less than or equal to $100 million Total Federal awards expended times .03 Exceed $100 million but Less than or equal to $1 billion $3 million Exceed $1 billion but less than or equal to $10 billion Total Federal awards expended times .003 Exceed $10 billion but less than or equal to $20 billion $30 million Exceed $20 billion Total Federal awards expended times .0015
  72. 72. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 72 Step 2: Major program determination The auditor must identify Type A programs which are low-risk. In making this determination, the auditor must consider whether the requirements in§ 200.519 Criteria for Federal Program Risk, the results of audit follow-up, or any changes in personnel or systems affecting the program indicate significantly increased risk and preclude the program from being low risk. For a Type A program to be considered low-risk, it must have been audited as a major program in at least one of the two most recent audit periods (in the most recent audit period in the case of a biennial audit), and, in the most recent audit period, the program must have not had: • Internal control deficiencies which were identified as material weaknesses in the auditors report on internal control for major programs; • A modified opinion on the program in the auditors report on major programs as required; or • Known or likely questioned costs that exceed five percent of the total Federal awards expended for the program. OMB may approve a Federal awarding agency's request that a Type A program may not be considered low risk for a certain recipient. For example, it may be necessary for a large Type A program to be audited as a major program each year at a particular recipient to allow the Federal awarding agency to comply with http://www.gpo.gov. The Federal awarding agency must notify the recipient and, if known, the auditor of OMBs approval at least 180 calendar days prior to the end of the fiscal year to be audited.
  73. 73. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 73 Step 3: Major program determination The auditor must identify Type B programs which are high-risk using professional judgment and the criteria in§ 200.519 Criteria for Federal Program Risk. However, the auditor is not required to identify more high-risk Type B programs than at least one fourth the number of low-risk Type A programs identified as low-risk under Step Two. Except for known material weakness in internal control or compliance problems as discussed in§ 200.519 Criteria for Federal Program Risk, a single criteria in risk would seldom cause a Type B program to be considered high-risk. When identifying which Type B programs to risk assess, the auditor is encouraged to use an approach which provides an opportunity for different high-risk Type B programs to be audited as major over a period of time. The auditor is not expected to perform risk assessments on relatively small Federal programs. Therefore, the auditor is only required to perform risk assessments on Type B programs that exceed 25% of the Type A threshold determined in Step 1.
  74. 74. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 74 Step 4: Major program determination At a minimum, the auditor must audit all of the following as major programs: 1. ALL Type A programs not identified as Low risk under Step 2. 2. ALL Type B programs identified as high-risk under Step 3. 3. Such additional programs as may be necessary to comply with the percentage of coverage rule. This may require the auditor to audit more programs as major programs than the number of Type A programs. Percentage of coverage rule If the auditee meets the criteria in§ 200.520 Criteria for a Low-Risk Auditee, the auditor need only audit the major programs identified in Step 4 and such additional Federal programs with Federal awards expended that, in aggregate, all major programs encompass at least 20% of total Federal awards expended. Otherwise, the auditor must audit the major programs identified in Step Four and such additional Federal programs with Federal awards expended that, in aggregate, all major programs encompass at Least 40% of total Federal awards expended. Documentation of risk The auditor must include in the audit documentation the risk analysis process used in determining major programs. Auditor’s judgment When the major program determination was performed and documented in accordance with this Subpart, the auditor's judgment in applying the risk-based approach to determine major programs must be presumed correct. Challenges by Federal agencies and pass-through entities must only be for clearly improper use of the requirements in this Part. However, Federal agencies and passthrough entities may provide auditors guidance about the risk of a particular Federal program and the auditor must consider this guidance in determining major programs in audits not yet completed.
  75. 75. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 75 The auditor's determination should be based on an overall evaluation of the risk of noncompliance occurring that could be material to the Federal program. The auditor must consider criteria to identify risk in Federal programs. Also, as part of the risk analysis, the auditor may wish to discuss a particular Federal program with auditee. Current and prior audit experience Weaknesses in internal control over Federal programs would indicate higher risk. Consideration should be given to the control environment over Federal programs and such factors as the expectation of management's adherence to Federal statutes, regulations, and the terms and conditions of Federal awards and the competence and experience of personnel who administer the Federal programs. • A Federal program administered under multiple internal control structures may have higher risk. When assessing risk in a large Single Audit, the auditor must consider whether weaknesses are isolated in a single operating unit (e.g., one college campus) or pervasive throughout the entity. • When significant parts of a Federal program are passed through to subrecipients, a weak system for monitoring subrecipients would indicate higher risk. Prior audit findings would indicate higher risk, particularly when the situations identified in the audit findings could have a significant impact on a Federal program or have not been corrected. Federal programs not recently audited as major programs may be of higher risk than Federal programs recently audited as major programs without audit findings.
  76. 76. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 76 Federal programs primarily Involving staff payroll costs may have high risk for noncompliance with requirements of§ 200.430 Compensation-Personal Services, but otherwise be at low risk. The phase of a Federal program in its life cycle at the Federal agency may indicate risk. For example, a new Federal program with new or Interim regulations may have higher risk than an established program with time-tested regulations. Also, significant changes In Federal programs, statutes, regulations, or the terms and conditions of Federal awards may increase risk. The phase of a Federal program in its life cycle at the auditee may indicate risk. For example, during the first and Last years that an auditee participates in a Federal program, the risk may be higher due to start-up or closeout of program activities and staff.
  77. 77. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 77
  78. 78. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 78 A. GENERAL The auditor must use a risk-based approach to determine which Federal programs are major programs. This risk-based approach must Include consideration of: current and prior audit experience, oversight by Federal agencies and pass-through entitles, and the Inherent risk of the Federal program. B. STEP ONE (1) The auditor must identify the larger Federal programs, which must be Labeled Type A programs. Type A programs are defined as Federal programs with Federal awards expended during the audit period exceeding the levels outlined In the table In this paragraph (b)(1): Total Federal awards expended Type A/B threshold Equal to $750,000 but less than or equal to $25 million $750,000 Exceed $25 million but less than or equal to $100 million Total Federal awards expended times .03 Exceed $100 million but Less than or equal to $1 billion $3 million Exceed $1 billion but less than or equal to $10 billion Total Federal awards expended times .003 Exceed $10 billion but less than or equal to $20 billion $30 million Exceed $20 billion Total Federal awards expended times .0015
  79. 79. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 79 B. STEP ONE- Cont. (2) Federal programs not labeled Type A under paragraph (b)(l) of this section must be labeled Type B programs. (3) The inclusion of large loan and loan guarantees (loans) should not result in the exclusion of other programs as Type A programs. When a Federal program providing Loans exceeds four times the largest non- loan program it is considered a large Loan program, and the auditor must consider this Federal program as a Type A program and exclude its values in determining other Type A programs. This recalculation of the Type A program is performed after removing the total of all large Loan programs. For the purposes of this paragraph a program is only considered to be a Federal program providing loans if the value of Federal awards expended for loans within the program comprises fifty percent or more of the total Federal awards expended for the program. A cluster of programs is treated as one program and the value of Federal awards expended under a loan program is determined as described in § 200.502 Basis for determining Federal awards expended. (4) For biennial audits permitted under§ 200.504 Frequency of audits, the determination of Type A and Type B programs must be based upon the Federal awards expended during the two year period.
  80. 80. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 80 C. STEP TWO (1) The auditor must identify Type A programs which are Low-risk. In making this determination, the auditor must consider whether the requirements in §200.519 Criteria for Federal program risk paragraph (c), the results of audit follow-up, or any changes in personnel or systems affecting the program indicate significantly increased risk and preclude the program from being low risk. For a Type A program to be considered low-risk, it must have been audited as a major program in at least one of the two most recent audit periods (in the most recent audit period in the case of a biennial audit), and, in the most recent audit period, the program must have not had: (i) Internal control deficiencies which were identified as material weaknesses in the auditor’s report on internal control for major programs as required under§200.515 Audit reporting, paragraph (c); (ii) A modified opinion on the program in the auditor's report on major programs as required under§200.515 Audit reporting, paragraph (c); or (iii) Known or Likely questioned costs that exceed 5 % of the total Federal awards expended for the program. (2) Notwithstanding paragraph (c)(l) of this section, OMB may approve a Federal awarding agency's request that a Type A program may not be considered low risk for a certain recipient. For example, it may be necessary for a large Type A program to be audited as a major program each year at a particular recipient to allow the Federal awarding agency to comply with 31 U.S.C. 3515. The Federal awarding agency must notify the recipient and, if known, the auditor of OM B's approval at least 180 calendar days prior to the end of the fiscal year to be audited.
  81. 81. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 81 D. STEP THREE 1) The auditor must Identify Type B programs which are high-risk using professional judgment and the criteria In §200.519 Criteria for Federal program risk. However, the auditor Is not required to identify more high-risk Type B programs than at least ¼ the number of low-risk Type A programs identified as Low-risk under Step 2 (paragraph (c) of this section). Except for known material weakness in internal control or compliance problems as discussed in §200.519 Criteria for Federal program risk paragraphs (b)O), (b)(2), and (c)(l), a single criteria in risk would seldom cause a Type B program to be considered high-risk. Ex. Management of the program is decentralized from the rest of the programs, it is a new program or it is closing out. The amount is high $500,000 When identifying which Type B programs to risk assess, the auditor is encouraged to use an approach which provides an opportunity for different high-risk Type B programs to be audited as major over a period of time. (2) The auditor Is not expected to perform risk assessments on relatively small Federal programs. Therefore, the auditor Is only required to perform risk assessments on Type B programs that exceed 25% of the Type A threshold determined in Step 1.
  82. 82. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 82 E. STEP FOUR At a minimum, the auditor must audit all of the following as major programs: 1. All Type A programs not identified as Low risk under step two (paragraph (c)(l) of this section). 2. All Type B programs identified as high-risk under step three (paragraph (d) of this section). 3. Such additional programs as may be necessary to comply with the percentage of coverage rule discussed in paragraph (f) of this section. This may require the auditor to audit more programs as major programs than the number of Type A programs. (f) Percentage of coverage rule. If the auditee meets the criteria In §200.520 Criteria for a low-risk auditee, the auditor need only audit the major programs identified in Step 4 (paragraph (e)(l) and (2) Of this section) and such additional Federal programs with Federal awards expended that, in aggregate, all major programs encompass at least 20% of total Federal awards expended. Otherwise. the auditor must audit the major programs Identified In Step 4 (paragraphs (e)(l) and (2) of this section) and such additional Federal programs with Federal awards expended that, in aggregate, all major programs encompass at least 40% of total Federal awards expended. (g) Documentation of risk. The auditor must include in the audit documentation the risk analysis process used In determining major programs. (h) Auditor's Judgment. When the major program determination was performed and documented in accordance with this Subpart, the auditor's judgment in applying the risk-based approach to determine major programs must be presumed correct. Challenges by Federal agencies and passthrough entitles must only be for clearly improper use of the requirements In this Part. However, Federal agencies and pass-through entitles may provide auditors guidance about the risk of a particular Federal program and the auditor must consider this guidance In detangling major programs in audits not vet completed.
  83. 83. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 83 STEPS FOR ASSESSING RISK The auditor must perform a risk assessment for each Type A program. The following are the risk questions that must be answered: STEP 1: Has the program been audited as a major program in at least 1 of the 2 most recent audit periods (in the most recent audit period in the case of a biennial audit)? If yes, Indicate the audit periods and go to Step 2. If no, this Is a high-risk program. Go to Step 6 and Indicate "No.'' STEP 2: Did the program being assessed have any of the following In the most recent audit period: [2 CFR § 200.SlB(c){l}] a. Material weaknesses in internal control in the auditor's report on internal control for major programs? b. A modified opinion on the program in the auditor's report on major programs? c. Known or likely questioned costs that exceed 5% of the total federal awards expended for the program? If any of the answers to these questions is yes the program is not low risk. Describe the findings and go to step 4.
  84. 84. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 84 STEP 4: Based on Steps 1 and 2 or consideration of the risk: factors in Step 3 is the program Low risk? STEP 3: To document the risk assessment, consider the risk factors Listed below. Factors that indicate a high risk may negate factors indicating a low risk. (2 CFR § 200.SlB(c)(l)) a. Oversight by Federal Agencies and Pass-through Entities. Oversight exercised by federal agencies or pass- through entities may indicate risk. For example, recent monitoring or other reviews that disclosed no significant problems would Indicate Lower risk. Significant problems would Indicate higher risk. [2 CFR § 200.519©(1)) b. Audit Follow-up. The results of audit follow-up on prior audit finding(s). [2 CFR § 200.518(c)(1)] c. Personnel and Systems. Changes in personnel and/or systems affecting the program may increase risk. [2 CFR § 200.518(c)(l)] d. Identified as Higher-risk. Has the program been identified as having a higher-risk by a federal agency (In the Compliance Supplement). [2 CFR § 200.519{c)(2)]
  85. 85. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 85 The auditor must perform a risk assessment for selected Type B programs. Based on consideration of these risk factors, the auditor assesses the risk level of the program. The questions relate to the following categories {the author recommends using PPC Form CX-1.7): 1. Weaknesses in internal control over compliance for federal programs would indicate higher risk. [2 CFR §200.519{b){1)] 2. Programs administered by multiple internal control structures, for example, when multiple locations or branches are involved, may have a higher risk: [2 CFR § 200.519(b}(l){i)] 3. When significant parts of a federal program are passed through to subrecipients, a weak system for monitoring subrecipients would indicate higher risk. [2 CFR § 200.519(b)(1)(ii)] 4. Prior audit findings relative to the program may Indicate a higher risk, particularly when the situations identified in the audit findings could have a significant impact on the program or have not been corrected. [2 CFR § 200.519(b)(2)] 5. Programs not audited as a major program recently may indicate a higher risk: than federal programs recently audited as major programs without audit findings. (2 CFR § 200.519(b}(3)] 6. Oversight exercised by federal agencies or pass-through entitles could be used to assess risk. For example, recent monitoring or other reviews that disclosed no significant problems would Indicate lower risk. Significant problems would Indicate higher risk. [2 CFR § 200.519(c)(1)]
  86. 86. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 86 7. Has the program has been identified as having a higher risk by a federal agency 8. The more complex the program {eligibility, calculations, etc.), the higher the risk. [2 CFR § 200.519(d)(1)] 9. The greater the amount of program contracting for goods and services, the higher the risk. [2 CFR § 200.519(d)(1)] 10. The newer the program, the higher the risk. Also, significant changes In federal programs, statutes, regulations, or the terms and conditions of federal awards may increase risk. [2 CFR § 200.519(d)(2)] 11. The risk may be higher in the first and last year of a program due to the peculiarities related to start-up or close-out of program activities and staff. [2 CFR § 200.519(d)(3)] 12. The greater the amount of the award expended, the higher the risk. [2 CFR §200.519{d)(4)] Based on consideration of the above risk factors, is the program considered high risk?
  87. 87. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 87 Determination of Low-Risk Auditee-1 To be eligible for a reduced threshold for testing major programs, an entity must qualify as a low-risk auditee. 1. In order for an entity to be considered low-risk It must meet ALL of the below criteria: a. Single Audits were performed on an annual basis in accordance with the provisions of 2 CFR part 200, subpart F, including submitting the data collection form and the reporting package to the FAC by the due date. (An entity that has biennial audits does not qualify as a Low-risk auditee.) [2 CFR § 200.520(a)] b. The auditor's opinion on whether the financial statements were prepared in accordance with GMP, or a basis of accounting required by state law, and the auditor’s in-relation-to opinion on the schedule of expenditures of federal awards were unmodified. [2 CFR § 200.520(b)] c. The auditor's Yellow Book report on internal control did not identify any deficiencies in internal control over financial reporting as material weaknesses. [2 CFR § 200.520(c)] d. The auditor did not report a substantial doubt about the entity's ability to continue as a going concern. [2 CFR § 200.520(d)]
  88. 88. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 88 Determination of Low-Risk Auditee-2 e. None of the federal programs had audit findings from any of the following in either of the preceding two audit periods in which they were classified as Type A programs: [2 CFR § 200.520(e)] (If there were no Type A programs in either year, these questions are N/A and do not need to be answered for Type B programs.) 1. Internal control deficiencies that were identified as material weaknesses in the auditor's report on internal control for major programs. 2. A modified opinion on a major program. 3. Known or likely questioned costs that exceeded 5% of the total federal awards expended for a Type A program during the audit period. 2. If any of the above criteria are not met the auditee IS NOT a low-risk auditee.
  89. 89. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 89 Test of Controls and Compliance Tests For all the programs designated as major under the previous rules, the auditor must test controls and compliance. The auditor should plan the audit of major programs to obtain a low control risk. If the auditor can obtain a low control risk, then controls must be tested. If the auditor cannot obtain a low control risk, then the controls should not be tested, and the auditor should report a control deficiency. Major Programs Once the major programs have been determined, the auditor should take certain steps for each major program: • Obtain and read a Copy of all applicable agreements and contracts. • Obtain and read performance measures and reports. • Read the information in Part 4 of the compliance requirement for the program. • Obtain and read the CFDA for the program. • Obtain and review all drawdown requests. • Contact the office of a Regional Inspector General (RIG), with the client's permission, to determine whether or not the Compliance Supplement Is up-to-date and If there Is anything else that should be known prior to starting the audit.
  90. 90. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 90 Once the major programs have been determined, each must be audited and an opinion must be given on each. Therefore, materiality must be determined for each major program. It generally is acceptable to most people, including the IGs, to use 5% of the major programs' expenditures as materiality. Materiality must be documented for each major program. Example Three major programs have been identified: • Program 1 with total expenditures of $1.5 million • Program 2 with total expenditures of $1 million • Program 3 with total expenditures of $500,000 Then materiality would be as follows: • Program 1: $75,000 • Program 2: $50,000 • Program 3: $25,000 This will be used in computing sample sizes for compliance testing.
  91. 91. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 91 The Single Audit Compliance Supplement and its applicability to planning and performing a Single Audit. On June 30, 1997, OMB issued revisions to OMB Circular A-133 (62 FR 35278) to implement the 1996 Amendments, extend the circular's coverage to States, local governments, and Indian tribal governments, and rescind OMB Circular A- 128. The 1996 Amendments required the Director, OMB, to periodically review the audit threshold. On June 27, 2003, OMB amended OMB Circular A-133 (68 FR 38401) to increase the audit threshold to an aggregate expenditure of $500,000 in Federal funds and to make changes in the thresholds for cognizant and oversight agencies. Those changes took effect for fiscal years ending after December 31, 2003. OMB further amended the circular on June 26, 2007 (72 FR 35080) to (1) update internal control terminology and related definitions and (2) simplify the auditee reporting package submission requirement. On December 26, 2013, OMB Circular A-133 was superseded by the issuance of 2 CFR part 200, subpart F. Among other things, those changes increased the audit threshold to $750,000 for auditee fiscal years beginning on or after December 26, 2014 and made changes to the major program determination process. The Compliance Supplement (Supplement) is based on the requirements of the 1996 Amendments and 2 CFR part 200, subpart F, which provide for the issuance of a compliance supplement to assist auditors in performing the required audits. This document serves to identify existing important compliance requirements that the Federal Government expects to be considered as part of an audit required by the 1996 Amendments. Without the Supplement, auditors would need to research many Laws and regulations for each program under audit to determine which compliance requirements are important to the Federal Government and could have a direct and material effect on a program. Providing the Supplement is a more efficient and cost-effective approach to performing this research.
  92. 92. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 92 For the programs contained herein, the Supplement provides a source of information for auditors to understand the Federal program's objectives, procedures, and compliance requirements relevant to the audit as well as audit objectives and suggested audit procedures for determining compliance with these requirements. 2 CFR part 200, subpart F, provides that Federal agencies are responsible for annually informing OMB of any updates needed to the Supplement. This responsibility includes ensuring that program objectives, procedures, and compliance requirements (including statutory and regulatory citations), noncompliance with which could have a direct and material effect on these individual Federal programs, are provided to OMB for inclusion in the Supplement, and that agencies keep that information current. Parts 4 and 5 of the Supplement provide a stand-alone section for each program/cluster included in the Supplement, which contains program objectives, program procedures, and compliance requirements. For some programs, a separate section (IV, "Other Information") also is included to communicate additional information concerning the program. For example, when a program allows funds to be transferred to another program, the "Other Information" section provides guidance on how those funds are to be treated on the Schedule of Expenditures of Federal Awards and in Type A program determinations. The Supplement also provides guidance to assist auditors in determining compliance requirements relevant to the audit, audit objectives, and suggested audit procedures for programs not included herein. For Single Audits, the Supplement replaces agency audit guides and other audit requirement documents for individual Federal programs. Throughout the Supplement, the word "must," when used in conjunction with auditor responsibilities, means that the auditor is required to do what the statement indicates. Use of the term "should," when addressing auditor responsibilities, indicates a recommended action or approach.
  93. 93. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 93 This Supplement is effective for audits of fiscal years beginning after June 30, 2015, and supersedes the Compliance Supplement dated June 2015. 2 CFR part 200, subpart F, describes the non-Federal entity's responsibilities for managing Federal assistance programs (2 CFR §200.508) and the auditor’s responsibility with respect to the scope of audit (2 CFR § 200.514). Auditors are required to follow the provisions of 2 CFR part 200, subpart F, and the Supplement.
  94. 94. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 94 General Auditors must consider the Supplement and the referenced laws, regulations, and OMB Circulars/Uniform Guidance (whether codified by Federal agencies in agency regulations or adopted or implemented by other means) in determining the compliance requirements that could have a direct and material effect on the programs Included herein. That Is, use of the Supplement is mandatory. Accordingly, adherence to the Supplement satisfies the requirements of 2 CFR part 200, subpart F. For program-specific audits performed in accordance with a Federal agency’s program-specific audit guide, the auditor must follow such program-specific audit guide. Finally, for major programs not included In the Supplement, the auditor must follow the guidance In Part 7 and use the types of compliance requirements in Part 3 to identify the applicable compliance requirements that could have a direct and material effect on the program. Update of Requirements 2 CFR section 200.513(c)(4) provides that Federal agencies are responsible for annually informing OMB of any needed updates to the Supplement. However, auditors must recognize that laws and regulations change periodically and that delays will occur between such changes and revisions to the Supplement. Moreover, auditors must recognize that there may be provisions of grant agreements and contracts that are not specified in law or regulation and, therefore, the specifics of such are not included in the Supplement. For example, the grant agreement may specify a certain matching percentage or set a priority for how funds can be spent (e.g., a requirement to not fund certain size projects}. Another example is a Federal agency imposing additional requirements on a recipient (see 2 CFR section 200.207 regarding use of specific award conditions). Accordingly, the auditor should perform reasonable procedures to ensure that compliance requirements are current and determine whether there a re any additional provisions of Federal awards that should be covered by an audit under the 1996 Amendments. Reasonable procedures would be inquiry of non-Federal entity management and review of the Federal awards for programs selected for testing (I.e., major programs).
  95. 95. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 95 Safe Harbor Status Because the suggested audit procedures were written to be able to apply to many different programs administered by many different entities, they are necessarily general in nature. Auditor judgment is necessary to determine whether the suggested audit procedures are sufficient to achieve the stated audit objectives or whether alternative audit procedures are needed. Therefore, the auditor cannot consider the Supplement to be a "safe harbor" for identifying the audit procedures to apply in a particular engagement. However, the auditor can consider the Supplement a "safe harbor" for identification of compliance requirements to be tested for the programs included herein if, as discussed above, the auditor (1) performs reasonable procedures to ensure that the requirements in the Supplement are current and to determine whether there are any additional provisions of Federal awards that should be covered by an audit under the 1996 Amendments, and (2) updates or augments the requirements contained in the Supplement, as appropriate. Responsibility for Other Requirements Although the focus of the Supplement is on compliance requirements that could have a direct and material effect on a major program, auditors also have responsibility under Generally Accepted Government Auditing Standards (GAGAS) for other requirements when specific information comes to the auditors' attention that provides evidence concerning the existence of possible noncompliance that could have a material indirect effect on a major program.
  96. 96. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 96 Although the focus of this Supplement is on compliance requirements that could have a direct and material effect on a major program, auditors also have responsibility under Generally Accepted Government Auditing Standards (GAGAS) for other requirements when specific information comes to the auditors' attention that provides evidence concerning the existence of possible noncompliance that could have a material indirect effect on a major program. As is apparent from this introductory material, this is a useful document in planning and performing a Single Audit. However, it is imperative that an auditor understand the idea of safe harbor as previously mentioned. It is only a safe harbor for determining which of the 14 general compliance requirements apply to the audited program. These requirements are detailed in the matrix in Part 2 of the Supplement. As far as audit procedures and changes in program requirements are concerned, there is no safe harbor. For each major program selected, the auditor should ensure that the requirements are current and up-to-date. The auditor should not get a false sense of security and follow the Supplement without thinking. The auditor should contact the OIG or RIG for each major program selected and ask if there is anything else that needs to be done. This contact and the response should be documented in the audit working papers.
  97. 97. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 97 Part 2 Part 2 is a matrix of compliance requirements. It lists the most common and the largest federal programs in existence alphabetically by federal department, and then numerically by CFDA number. The 12 common requirements are Listed to the right of each CFDA number. Within the matrix there is either a "Y" or the box is grayed out. A "Y" Indicates the requirement applies to this program, while a gray box indicates that it does not apply. N.B. the two requirements removed from Part 2 are not necessarily gone, if they apply they will be covered in Part 4 under Agency Program Requirements.
  98. 98. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 98 Part 3 Part 3 Lists and describes the 12 types of compliance requirements and, except for special tests and provisions, the related audit objectives that the auditor shall consider in every Single Audit, with the exception of program- specific audits performed in accordance with a federal agency’s program-specific audit guide. Suggested audit procedures are also provided to assist the auditor in planning and performing tests of nonfederal entity compliance with the requirements of federal programs. Auditor judgment will be necessary to determine whether the suggested audit procedures are sufficient to achieve the stated audit objectives, and whether additional or alternative audit procedures are needed. Determining the nature, timing, and extent of the audit procedures necessary to meet the audit objectives is the auditor's responsibility. In general, while the auditor should perform the "Suggested Audit Procedures," in doing so, he will find that often some steps do not apply. Some of them only apply to states, others to counties, and so on. However, the auditor only must perform the ones that apply plus any others that he thinks are necessary to meet the objective. The auditor must determine the specific procedures to test internal control on a case-by-case basis, considering factors such as the nonfederal entity's internal control, the compliance requirements, the audit objectives for compliance, the auditor's assessment of control risk, and the audit requirement to test internal control as prescribed in the Uniform Guidance.
  99. 99. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 99 Part 4 Part 3 Lists and describes the 12 types of compliance requirements and, except for special tests and provisions, the related audit objectives that the auditor shall consider in every Single Audit, with the exception of program- specific audits performed in accordance with a federal agency’s program-specific audit guide. Suggested audit procedures are also provided to assist the auditor in planning and performing tests of nonfederal entity compliance with the requirements of federal programs. Auditor judgment will be necessary to determine whether the suggested audit procedures are sufficient to achieve the stated audit objectives, and whether additional or alternative audit procedures are needed. Determining the nature, timing, and extent of the audit procedures necessary to meet the audit objectives is the auditor's responsibility. In general, while the auditor should perform the "Suggested Audit Procedures," in doing so, he will find that often some steps do not apply. Some of them only apply to states, others to counties, and so on. However, the auditor only must perform the ones that apply plus any others that he thinks are necessary to meet the objective. The auditor must determine the specific procedures to test internal control on a case-by-case basis, considering factors such as the nonfederal entity's internal control, the compliance requirements, the audit objectives for compliance, the auditor's assessment of control risk, and the audit requirement to test internal control as prescribed in the Uniform Guidance.
  100. 100. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 100 Part 5 Part 5 identifies clusters. A cluster of programs is a grouping of closely related programs that have similar compliance requirements. The following are the types of clusters: • Research and development (R&D) • Student financial aid (SFA) • Other clusters Other clusters are identified in the Supplement or designated in a state award document. Although the programs within a cluster are administered as separate programs, a cluster of programs is treated as a single program for the purpose of meeting the audit requirements of the Uniform Guidance, Section 105. Part 5 provides compliance requirements, audit objectives, and suggested audit procedures for R&D and SFA clusters as well as listing other clusters.
  101. 101. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 101 Part 6 As a condition of receiving FA, NFEs agree to comply with applicable laws, regulations, and the provisions of contract and grant agreements. They also agree to maintain internal control to provide reasonable assurance of compliance with these requirements. The Uniform Guidance requires auditors to obtain an understanding of the NFE's internal control over federal programs sufficient to: • plan the audit to support a low-assessed Level of control risk for major programs; • plan the testing of internal control over major programs to support a low-assessed level of control risk for the assertions relevant to the compliance requirements for each major program; and • unless internal control is likely to be ineffective, perform testing of internal control as planned. Part 6 is intended to assist NFEs and their auditors in complying with these requirements by presenting characteristics of internal control which may be used to reasonably ensure compliance with the compliance requirements in Part 3. The characteristics of internal control presented in Part 6 era neither mandatory nor all-inclusive. On the other hand, if the client is very small and has limited segregation of duties, it will likely not be possible to achieve a Low control risk. in this case the auditor should document that fact and report a deficiency or deficiencies.
  102. 102. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 102 Part 7 Part 7 provides guidance to auditors in identifying the compliance requirements and designing tests of compliance for programs not included in the Supplement. If the auditor determines that a certain program is a major program and references Part 2 and does not find it listed, then Part 7 will give advice on how to audit this program. Appendices and Annual Compliance Supplement There are currently nine appendices to the Compliance Supplement. The one all auditors should read is Appendix 5, which Lists changes for the Compliance Supplement for the current year. The Compliance Supplement is updated on an annual basis, usually in May or June of each year. The auditor should be certain to use the correct Supplement when performing an audit.
  103. 103. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 103
  104. 104. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 104 The audit procedures to obtain the understanding are referred to as risk assessment procedures because some of the information obtained by performing such procedures may be used by the auditor as audit evidence to support assessments of the risks of material misstatement. In performing a Single Audit, the auditor will also perform a financial statement audit. Understanding the entity for purposes of a financial statement and a Single Audit, if performed separately, would contain duplication. Therefore, it would be logical to gain the understanding of the entire entity for both purposes at the same time. In doing this work and throughout the audit, the auditor should constantly ask four questions: • What could go wrong? • Could it be material? • How likely is it? • Did it go wrong? It is important that auditors not only document their understanding but also validate their understanding.
  105. 105. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 105 Quote The engagement partner and other key engagement team members should discuss the susceptibility of the entity1s financial statements to material misstatement and the application of the applicable financial reporting framework to the entity's facts and circumstances. The engagement partner should determine which matters are to be communicated to engagement team members not involved in the discussion. Note The phrase "including the auditor with final responsibility for the audit" in the first sentence points out the need for the partner in charge (PIC) of the audit to participate in the engagement team discussion. This is where many important decisions are going to be made. The PIC is responsible for those decisions. For the Single Audit, this may be a separate discussion, or it may take place when the financial statement audit engagement team discussion takes place. In either event, the PIC and other key members of the audit team should be present. All members of the audit team should be present, unless they are spread out at different locations. A series of discussions or conference calls may be required.
  106. 106. AGA 2018 Single Audit Under the Uniform Guidance– April 06, 2018 106 The five interrelated components of Internal control are: 1. Control environment sets the tone of an organization, influencing the control consciousness of Its people. It Is the foundation for all other components of Internal control providing discipline and structure. 2. Entity's risk assessment is the entity's identification and analysis of relevant risks to achievement of its objectives, forming a basis for determining how the risks should be managed. 3. Information and communication systems support the identification, capture, and exchange of information in a form and timeframe that enable people to carry out their responsibilities. 4. Control activities are the policies and procedures that help ensure that management directives are carried out. 5. Monitoring is a process that assesses the quality of internal control performance over time.

×