Single Audit
Opportunities Exist to Improve the Single Audit Process and Oversight Gao ID: GAO-09-307R March 13, 2009Federal government grant awards to state and local governments and nonprofit organizations have risen substantially from $7 billion in 1960 to $500 billion budgeted in fiscal year 2009. In constant dollars, federal grant awards rose from about $42 billion in 1960 to $500 billion in fiscal year 2009. The auditing of federal awards, including grant funds, administered by state and local governments and nonprofit organizations is intended to be a key accountability mechanism over the proper use of federal funding. The President's Council on Integrity and Efficiency (PCIE) issued its Report on National Single Audit Sampling Project in June 2007, which raised significant concerns about the quality of single audits and made recommendations aimed at improving the quality of those audits. The Single Audit Act, as amended, is intended to promote sound financial management, including effective internal controls over federal grant funds administered by state and local governments and nonprofit organizations. Congress asked GAO to conduct additional audit work and analysis to identify any further actions needed to improve federal oversight and accountability for federal grant funds. Specifically, Congress asked that we (1) determine whether the federal oversight structure is adequate to monitor the efficiency and effectiveness of the single audit process, (2) identify potential changes that can be made to the single audit process and relevant guidance to improve accountability for federal grant awards, and (3) determine the current status of actions being taken to address the recommendations made in the PCIE report.
Without a mechanism in place to monitor on an ongoing basis how the single audit process is implemented governmentwide, OMB and federal stakeholders are unable to measure the efficiency and effectiveness of this process, as well as its usefulness as an accountability tool over federal grant awards. The variations we found on how federal agencies we reviewed perform key functions of the single audit process demonstrate the need to assess whether federal agencies carry out their single audit responsibilities in an efficient and effective manner. We also believe opportunities exist to address concerns about the complexity and relative costs and benefits of audit requirements for single audits, while concurrently seeking the proper balance between risk and cost-effective accountability by (1) exploring a simplified approach for performing single audits of small entities, and (2) identifying best practices and providing guidance for achieving higher quality single audits of large entities. Office of Management and Budget (OMB), American Institute of Certified Public Accountants (AICPA), and National Association of State Boards of Accountancy (NASBA) have initiated actions to address the PCIE report recommendations. However, most of these actions are not yet completed and their impact on (1) addressing longstanding single audit quality issues, and (2) identifying needed changes to the single audit process, is yet to be determined. Overall, we believe that a centralized federal effort would be beneficial in evaluating risk, cost-benefit, and efficiency and effectiveness of the single audit process, and in making adjustments to the process as necessary.
RecommendationsOur recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.
Director: Team: Phone:GAO-09-307R, Single Audit: Opportunities Exist to Improve the Single Audit Process and Oversight
This is the accessible text file for GAO report number GAO-09-307R
entitled 'Single Audit: Opportunities Exist to Improve the Single Audit
Process and Oversight' which was released on April 10, 2009.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
GAO-09-307R:
United States Government Accountability Office:
Washington, DC 20548:
March 13, 2009:
The Honorable Thomas R. Carper:
Chairman:
The Honorable John McCain:
Acting Ranking Member:
Subcommittee on Federal Financial Management, Government Information,
Federal Services, and International Security:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
The Honorable Tom Coburn, M.D.
United States Senate:
Subject: Single Audit: Opportunities Exist to Improve the Single Audit
Process and Oversight:
Federal government grant awards to state and local governments and
nonprofit organizations have risen substantially from $7 billion in
1960 to $500 billion budgeted in fiscal year 2009. In constant dollars,
[Footnote 1] federal grant awards rose from about $42 billion in 1960
to $500 billion in fiscal year 2009. The auditing of federal awards,
including grant funds, administered by state and local governments and
nonprofit organizations is intended to be a key accountability
mechanism over the proper use of federal funding.[Footnote 2] The
President's Council on Integrity and Efficiency (PCIE)[Footnote 3]
issued its Report on National Single Audit Sampling Project[Footnote 4]
in June 2007, which raised significant concerns about the quality of
single audits and made recommendations aimed at improving the quality
of those audits. The Single Audit Act, as amended, is intended to
promote sound financial management, including effective internal
controls over federal grant funds administered by state and local
governments and nonprofit organizations. Due to concerns surrounding
the effectiveness of the single audit process, your subcommittee held a
hearing on October 25, 2007, at which we provided (1) a preliminary
analysis of the recommendations made in the PCIE report for improving
audit quality, and (2) additional considerations for improving the
quality of single audits.[Footnote 5]
You asked us to conduct additional audit work and analysis to identify
any further actions needed to improve federal oversight and
accountability for federal grant funds. Specifically, you asked that we
(1) determine whether the federal oversight structure is adequate to
monitor the efficiency and effectiveness of the single audit process,
(2) identify potential changes that can be made to the single audit
process and relevant guidance to improve accountability for federal
grant awards, and (3) determine the current status of actions being
taken to address the recommendations made in the PCIE report. On
December 11, 2008, we briefed your staff on the results of our work.
This letter summarizes the information provided during the briefing and
the attached briefing slides have been updated with additional
information as of January 23, 2009. Our scope and methodology are also
discussed in the attached briefing slides.
We conducted this performance audit from February 2008 through January
2009, in accordance with generally accepted government auditing
standards. Those standards require that we plan and perform the audit
to obtain sufficient, appropriate evidence to provide a reasonable
basis for our findings and conclusions based on our audit objectives.
We believe that the evidence obtained provides a reasonable basis for
our findings and conclusions based on our audit objectives.
Summary of Results:
Federal Oversight Process:
The federal oversight structure for the single audit process does not
include a designated function or entity to monitor whether or how well
federal awarding agencies are implementing single audit requirements.
As a result, the Office of Management and Budget (OMB)[Footnote 6] and
other single audit stakeholders are unable to identify pervasive and
systemic single audit issues, determine the impact of the issues across
federal programs to identify needed changes to the single audit
process, and communicate results, best practices, and lessons learned.
We also identified variations in the federal oversight process in
performing key functions of the single audit process such as quality
control reviews (QCR)[Footnote 7] and use of the Federal Audit
Clearinghouse (FAC)[Footnote 8] to obtain single audit reports. These
variations help to demonstrate the need to assess the efficiency and
effectiveness of how federal agencies carry out their single audit
responsibilities. GAO's internal control standards require ongoing
monitoring of programs to ensure that objectives and goals are being
addressed efficiently and effectively.[Footnote 9]
Potential Single Audit Improvements:
Single audit stakeholders have raised concerns about the complexity and
relative costs and benefits of the audit requirements for single
audits, especially at the smaller entities. Specifically, auditors of
single audits are subject to similar audit requirements and the same
guidance in OMB Circular No. A-133 and the Compliance Supplement when
auditing an entity that expended $500,000 of federal awards as they are
when reviewing one that expended $50 million or more.
We found that opportunities exist to evaluate the audit procedures
being applied and determine whether the proper balance exists between
risk and cost-effective accountability from the largest to the smallest
of audited entities. Single audits of small entities could be
simplified while still meeting the accountability objectives of the
Single Audit Act. For audits of large entities, opportunities could be
explored to identify best practices and provide guidance for achieving
higher quality single audits. Our analysis shows significant
disparities in the number of audits of small entities versus the number
of audits of large entities and their respective coverage of federal
award expenditures. The current one-size-fits-all approach to single
audits, combined with the fact that less than 3 percent of audits cover
about 85 percent of federal award expenditures subject to a single
audit, presents a convincing case for re-examining the overall approach
for performing single audits.
Actions to Address PCIE Recommendations:
The PCIE report recommended that OMB work with other single audit
stakeholders to address deficiencies and implement recommendations to
improve single audit quality. As a result, OMB, the American Institute
of Certified Public Accountants (AICPA), and the National Association
of State Boards of Accountancy (NASBA)[Footnote 10] have several
activities underway in response to the recommendations. OMB has
established eight workgroups in areas such as audit findings, training,
and compliance testing. According to OMB, one of the workgroups, the
New and Improved Single Audit Process, will focus on identifying
strategic improvements to the single audit process. OMB anticipates
making revisions to OMB Circular No. A-133, and the PCIE checklist for
performing QCRs during 2009. AICPA also established seven task forces
to address the PCIE report recommendations. According to the AICPA, it
has issued a proposed revised auditing standard, included guidance in
the 2008 AICPA Audit Guide, and provided a white paper on continuing
professional education (CPE) training to OMB for comment. The AICPA
also anticipates finalizing revisions to applicable auditing standards
and the 2009 AICPA Audit Guide, and is developing illustrative practice
aids. NASBA has developed a process for tracking the status of federal
agency referrals to state boards on poor performing auditors to ensure
appropriate action and timely follow-up. NASBA plans to contact each
federal grant awarding agency on a quarterly basis to inquire about
outstanding referrals to determine whether the issue has been resolved.
Conclusions:
Without a mechanism in place to monitor on an ongoing basis how the
single audit process is implemented governmentwide, OMB and federal
stakeholders are unable to measure the efficiency and effectiveness of
this process, as well as its usefulness as an accountability tool over
federal grant awards. The variations we found on how federal agencies
we reviewed perform key functions of the single audit process
demonstrate the need to assess whether federal agencies carry out their
single audit responsibilities in an efficient and effective manner. We
also believe opportunities exist to address concerns about the
complexity and relative costs and benefits of audit requirements for
single audits, while concurrently seeking the proper balance between
risk and cost-effective accountability by (1) exploring a simplified
approach for performing single audits of small entities, and (2)
identifying best practices and providing guidance for achieving higher
quality single audits of large entities. OMB, AICPA, and NASBA have
initiated actions to address the PCIE report recommendations. However,
most of these actions are not yet completed and their impact on (1)
addressing longstanding single audit quality issues, and (2)
identifying needed changes to the single audit process, is yet to be
determined. Overall, we believe that a centralized federal effort would
be beneficial in evaluating risk, cost-benefit, and efficiency and
effectiveness of the single audit process, and in making adjustments to
the process as necessary.
Recommendations for Executive Action:
In order to monitor the risk, cost--benefit, and efficiency and
effectiveness of the single audit process, we recommend that OMB take
the following three actions:
* designate an entity or group to (1) evaluate and comprehensively
monitor the single audit process governmentwide, (2) assess the
efficiency and effectiveness of how agencies carry out their single
audit responsibilities, and (3) identify additional guidance and
resources needed to carry out single audit requirements;
* designate a federal workgroup such as its New and Improved Single
Audit Process workgroup to evaluate the current single audit process to
identify simplified alternatives for meeting the accountability
objectives of the Single Audit Act for the audits of small entities,
while achieving the proper balance between risk and cost-effective
accountability for the smallest to the largest entities; and:
* monitor the status of OMB workgroups, AICPA task forces, and NASBA
referral project activities, and evaluate completed actions and their
impact on addressing the PCIE report recommendations to improve single
audit quality.
Agency Comments:
We provided a draft of this report to OMB. The agency responded by e-
mail that it concurred with our observations and recommendations, and
provided a technical comment which we have incorporated into this
report. We also met with agency officials from the top six federal
awarding agencies which accounted collectively for 94 percent ($422.2
billion) of federal grant outlays to state and local governments in
fiscal year 2007. We obtained oral comments from the agency officials
responsible for performing cognizant agency for audit
responsibilities[Footnote 11] in accordance with OMB Circular No. A-
133. They generally agreed with our observations and recommendations,
and their comments have been incorporated as appropriate.
We are sending copies of this report to the subcommittee. As we agreed
with your offices, unless you publicly announce the contents of this
report earlier, we plan no further distribution of it until 30 days
from the report date. At that time, we will send copies to the Director
of the Office of Management and Budget. The report will also be
available at no charge on GAO's Web site at [hyperlink,
http://www.gao.gov]. If you or your staff have any questions about this
report, please contact me at (202) 512-2600 or franzelj@gao.gov.
Contact points for our Offices of Congressional Relations and Public
Affairs may be found on the last page of this report. Key contributors
to this report are listed in Enclosure II.
Signed by:
Jeanette M. Franzel:
Managing Director Financial Management and Assurance:
Enclosures (2):
[End of section]
Enclosure I: Briefing Slides:
Single Audit:
Opportunities Exist to Improve the Single Audit Process and Oversight:
Briefing to the Staff of the Subcommittee on Federal Financial
Management, Government Information, Federal Services, and International
Security; Committee on Homeland Security and Governmental Affairs,
United States Senate:
December 11, 2008:
[Updated as of January 23, 2009]
Contents:
* Background;
* Objectives;
* Scope and Methodology;
* Summary of Results;
* Federal Oversight Process;
* Potential Single Audit Improvements;
* Actions to Address the President‘s Council on Integrity and
Efficiency (PCIE) Recommendations;
* Conclusions;
* Recommendations for Executive Action.
Background:
Federal government grant awards budgeted for state and local
governments and nonprofit organizations have risen substantially
from fiscal year 1960 to fiscal year 2009 (see figure on slide 4).
The Single Audit Act, as amended, requires each reporting entity
that expends $500,000 or more in federal awards, including grants
and other assistance, in its fiscal year to obtain an annual ’single
audit.“[Footnote 12]
The single audit is intended to be an accountability mechanism for
the expenditure of federal awards by state and local governments,
and nonprofit organizations.
Figure: Federal Funds Budgeted for Grants, Fiscal Year 1960 through
Fiscal Year 2009:
[Refer to PDF for image: line graph]
Year: 1960;
Constant dollars (2009), adjusted for inflation: $42 billion;
Actual budgeted dollars: $7 billion.
Year: 1966;
Constant dollars (2009), adjusted for inflation: $44 billion;
Actual budgeted dollars: $8 billion.
Year: 1970;
Constant dollars (2009), adjusted for inflation: $111 billion;
Actual budgeted dollars: $24 billion.
Year: 1974;
Constant dollars (2009), adjusted for inflation: $113 billion;
Actual budgeted dollars: $30 billion.
Year: 1978;
Constant dollars (2009), adjusted for inflation: $138 billion;
Actual budgeted dollars: $50 billion.
Year: 1982;
Constant dollars (2009), adjusted for inflation: $183 billion;
Actual budgeted dollars: $91 billion.
Year: 1986;
Constant dollars (2009), adjusted for inflation: $167 billion;
Actual budgeted dollars: $95 billion.
Year: 1990;
Constant dollars (2009), adjusted for inflation: $231 billion;
Actual budgeted dollars: $150 billion.
Year: 1994;
Constant dollars (2009), adjusted for inflation: $277 billion;
Actual budgeted dollars: $200 billion.
Year: 1998;
Constant dollars (2009), adjusted for inflation: $323 billion;
Actual budgeted dollars: $250 billion.
Year: 2002;
Constant dollars (2009), adjusted for inflation: $390 billion;
Actual budgeted dollars: $325 billion.
Year: 2006;
Constant dollars (2009), adjusted for inflation: $483 billion;
Actual budgeted dollars: $450 billion.
Year: 2009;
Constant dollars (2009), adjusted for inflation: $500 billion.
Actual budgeted dollars: $500 billion.
Source: GAO analysis of Office of Management and Budget (OMB)
Compliance Suppplement Update, OMB presentation, June 12, 2008.
[End of figure]
The Office of Management and Budget (OMB) performs several activities
to assist the single audit community”federal awarding agencies,
grantees, and the auditors”in carrying out their respective single
audit responsibilities as described in OMB Circular No. A-133, Audits
of States, Local Governments, and Non-Profit Organizations, and the
related Compliance Supplement.[Footnote 13] OMB‘s activities include:
* issuing and revising OMB Circular No. A-133 and the Compliance
Supplement,
* providing outreach and training through professional conferences on
changes to OMB Circular No. A-133 and the Compliance Supplement, and,
* providing guidance for submitting single audit reports to the Federal
Audit Clearinghouse (FAC), which is designed as a repository for single
audit reports.
In June 2007, PCIE issued its Report on National Single Audit Sampling
Project, which raised concerns about the quality of single audits and
made recommendations.
* PCIE reviewed a sample of 208 audits randomly selected from a
universe of more than 38,000 single audits submitted and accepted into
the FAC for the period April 1, 2003, through March 31, 2004.
* The sample was split into two strata”audits of entities expending $50
million or more of federal awards during their fiscal year and entities
expending at least $500,000 but less than $50 million of federal awards
(see slide 8).
PCIE found that out of 208 single audits reviewed:
* About 51 percent of the audits had deficiencies that were severe
enough to classify the audits as unacceptable or limited in
reliability.
* About 49 percent were acceptable, including those with deficiencies
that did not require corrective action.
The breakout of acceptable audits between large and small entities
was as follows:
* Sixty-four percent of the large audits ($50 million or more in
federal award expenditures) were acceptable, while:
* Forty-eight percent of the small audits (at least $500,000 but less
than $50 million in federal award expenditures) were acceptable.
Table: Summary of PCIE Study on Single Audit Quality:
Stratum[A]: I;
Universe: 852;
Sample size: 96;
Acceptable, Number of audits: 61;
Acceptable, Point estimate[B]: 64%;
Unacceptable or limited reliability[D], Number of audits: 35;
Unacceptable or limited reliability[D], Point estimate[B]: 36%.
Stratum[A]: II;
Universe: 37,671;
Sample size: 112;
Acceptable, Number of audits: 54;
Acceptable, Point estimate[B]: 48%;
Unacceptable or limited reliability[D], Number of audits: 58;
Unacceptable or limited reliability[D], Point estimate[B]: 52%.
Stratum[A]: Total;
Universe: 38,523;
Sample size: 208;
Acceptable, Number of audits: 115[E];
Acceptable, Point estimate[B]: 49%[C];
Unacceptable or limited reliability[D], Number of audits: 93[F];
Unacceptable or limited reliability[D], Point estimate[B]: 51%[C].
Source: PCIE‘s Report on National Single Audit Sampling Project (June
2007).
[A] Stratum I – Included large audits of entities that expended $50
million or more of federal awards during their fiscal year.
Stratum II – Included audits of entities that expended at least
$500,000 of federal awards, but less than $50 million during their
fiscal year.
[B] At the 90 percent confidence level, the margins of error range
between plus or minus 5.3 and 7.8 percentage points.
[C] The point estimates for the total were computed with formulas for a
stratified random sample, which give more weight to Stratum II because
it represents a much larger proportion of the universe. Due to
rounding, these percentages do not add to exactly 100 percent.
[D] Limited reliability audits are categorized as having significant
deficiencies with applicable auditing criteria noted, requiring
corrective action to afford unquestioned reliance on the audit.
[E] The 115 audits that were deemed acceptable represented about 93
percent of the federal awards reported in all 208 audits reviewed.
[F] The 93 audits that were deemed to be unacceptable or of limited
reliability represented about 7 percent of the federal awards reported
in all 208 audits reviewed.
[End of table]
The PCIE report recommended that OMB work with the single audit
community to implement a three-pronged approach to reduce the types of
deficiencies found and to improve the quality of single audits by:
* revising and improving single audit standards, criteria, and
guidance;
* establishing minimum continuing professional education (CPE)
requirements as a prerequisite for auditors to be eligible to conduct
and continue to perform single audits; and;
* reviewing and enhancing the disciplinary process to address
unacceptable audits and compliance with training and CPE requirements.
On October 25, 2007, GAO testified before this subcommittee and
provided its perspective on the (1) Single Audit Act and underlying
principles, (2) a preliminary analysis of the recommendations made in
the PCIE report for improving audit quality, and (3) additional
considerations for improving single audit quality.[Footnote 14]
* At the hearing, GAO, OMB, and the American Institute of Certified
Public Accountants (AICPA) agreed that actions are needed, and they
continue to work on resolving the single audit quality issues raised in
the PCIE report.
* The subcommittee asked GAO to conduct additional audit work and
analysis as necessary to identify further actions to improve federal
oversight and accountability for federal grant funds.
Objectives:
Our objectives were as follows:
* Determine whether the federal oversight structure is adequate to
monitor the efficiency and effectiveness of the single audit process.
* Identify potential changes that can be made to the single audit
process and relevant guidance to improve accountability for federal
grant awards.
* Determine the current status of actions being taken to address the
recommendations made in the PCIE report.
Scope and Methodology:
To address objective 1: we analyzed documentation and interviewed
officials from OMB to obtain an understanding of the single audit
process and OMB‘s role and responsibility in ensuring effective
implementation of OMB Circular No. A-133 and related guidance.
We selected the top six federal awarding agencies, which accounted for
94 percent ($422.2 billion) of federal grant outlays to state and local
governments in fiscal year 2007.[Footnote 15] The selected agencies were
the Departments of:
* Health and Human Services,
* Transportation,
* Education,
* Housing and Urban Development,
* Agriculture, and,
* Homeland Security.
We also analyzed documentation and interviewed officials from these
agencies on how they perform their ’cognizant agency for audit“
[Footnote 16] oversight responsibilities in accordance with OMB
Circular No. A-133 and related guidance.
To address objective 2 we analyzed documentation and interviewed
officials from the top six federal awarding agencies, OMB, AICPA, the
National Association of the State Boards of Accountancy (NASBA),
[Footnote 17] and Census Bureau officials responsible for the
FAC to identify potential improvements to the overall single audit
process. Using fiscal year 2007 single audit data from the FAC, we
compiled, stratified, and analyzed the total number of single audits
completed to determine the coverage of single audits performed by
federal expenditure category.
To address objective 3 we analyzed documentation and interviewed
officials from OMB, AICPA, and NASBA to determine the current status of
actions being taken to address the recommendations in the PCIE report.
We conducted this performance audit from February 2008 through January
2009 in accordance with generally accepted government auditing
standards. Those standards require that we plan and perform the audit
to obtain sufficient, appropriate evidence to provide a reasonable
basis for our findings and conclusions based on our audit objectives.
We believe that the evidence obtained provides a reasonable basis for
our findings and conclusions based on our audit objectives.
Federal Oversight Process:
GAO‘s internal control standards require ongoing monitoring of programs
to ensure that objectives and goals are being addressed efficiently and
effectively.[Footnote 18]
The current design of the federal oversight structure for the single
audit process does not include a designated function or entity for
monitoring whether or how federal awarding agencies are implementing
single audit requirements.
The current design of the single audit process has resulted in
variations across federal agencies in performing key functions of the
single audit process such as quality control reviews (QCR)[Footnote 19]
and use of the FAC.
The six agencies we reviewed had not consistently implemented the OMB
Circular No. A-133 requirement to perform QCRs to evaluate the quality
of audits for expenditures of $50 million or more in federal awards.
* Four of those six agencies had performed QCRs. Only two of the four
had documented policies and procedures with criteria for determining
which completed single audits to select in performing a QCR.[Footnote
20]
We also found that some agencies had elected to obtain single audit
reports directly from their grant recipients rather than using the FAC.
Because there is no designated federal function or entity monitoring
the implementation of the single audit process, OMB and other single
audit stakeholders are unable to:
* identify pervasive and systemic single audit issues,
* determine the impact of the issues across federal programs to
identify needed changes to the single audit process, and,
* communicate results, best practices, and lessons learned.
As a result, there is a lack of assurance at the federal government
level that the single audit process is being implemented governmentwide
in an efficient and effective manner.
Potential Single Audit Improvements:
Auditors of single audits are subject to similar audit requirements and
the same guidance in OMB Circular No. A-133 and the Compliance
Supplement, even if the amounts of federal awards expended by the
audited entities vary significantly. As a result, single audit
stakeholders have raised concerns about the complexity and relative
cost”benefit of the requirements for audits, especially for the smaller
entities.
Our analysis of fiscal year 2007 single audit data reported in the FAC
shows significant disparities in the number of audits of smaller
entities versus the number of audits of large entities and their
respective coverage of federal award expenditures (see slide 18).
Specifically,
* 2.6 percent of the total number of single audits covered about 85
percent of the total federal award expenditures subject to a single
audit, and,
* 52.1 percent of the total number of single audits covered over 2
percent of the total federal award expenditures subject to a single
audit.
Table: Single Audits Completed for Fiscal Year 2007:
Federal award expenditure categories: $500K to less than $2M;
Federal award expenditures: $19,579,049,234;
Percentage of total federal award expenditures: 2.1%;
Total audits, Per category: 18,482;
Total audits, Percentage of total audits: 52.1%.
Federal award expenditure categories: $2M to less than $5M;
Federal award expenditures: $27,620,950,288;
Percentage of total federal award expenditures: 2.9%;
Total audits, Per category: 8,723;
Total audits, Percentage of total audits: 24.6%.
Federal award expenditure categories: $5M to less than $10M;
Federal award expenditures: $27,321,370,170;
Percentage of total federal award expenditures: 2.9%;
Total audits, Per category: 3,938;
Total audits, Percentage of total audits: 11.1%.
Federal award expenditure categories: $10M to less than $50M;
Federal award expenditures: $68,567,556,098;
Percentage of total federal award expenditures: 7.3%;
Total audits, Per category: 3,395;
Total audits, Percentage of total audits: 9.6%.
Federal award expenditure categories: $50M or more;
Federal award expenditures: $801,182,038,803;
Percentage of total federal award expenditures: 84.8%;
Total audits, Per category: 927;
Total audits, Percentage of total audits: 2.6%.
Federal award expenditure categories: Total;
Federal award expenditures: $944,270,964,593[A];
Percentage of total federal award expenditures: 100.0%;
Total audits, Per category: 35,465;
Total audits, Percentage of total audits: 100.0%.
Source: GAO analysis of fiscal year 2007 data from the FAC as of
November 24, 2008.
[A] Total federal expenditures in this analysis include some federal
expenditures multiple times because some award dollars are passed
through to subrecipients.
[End of table]
The current one-size-fits-all approach to single audits combined with
the fact that less than 3 percent of audits cover about 85 percent of
federal expenditures subject to a single audit presents a convincing
case for re-examining the overall approach for performing single
audits.
* Single audits of small entities could be simplified to achieve higher
quality audits and more effective accountability for those audits.
* Opportunities could be explored to identify best practices and
provide guidance for achieving higher quality single audits of large
entities.
Actions to Address the PCIE Recommendations:
OMB established eight work groups to address the PCIE report
recommendations.
According to OMB, it anticipates that revisions to OMB Circular No.
A-133, and the PCIE checklist for performing QCRs will be completed
during 2009 (see slide 21).
Table: Status of OMB Work Group Actions:
Work Group: 1. Audit Findings;
Anticipated product(s): Revisions to OMB Circular No. A-133;
Proposed timeline(s): Fall 2009.
Work Group: 2. Compliance Testing;
Anticipated product(s): Revisions to OMB Circular No. A-133 Compliance
Supplement;
Proposed timeline(s): Spring 2009.
Work Group: 3. Audit Testing and Sampling;
Anticipated product(s): Comment on AICPA Audit Guide, Government
Auditing Standards and Circular No. A-133 Audits;
Proposed timeline(s): Fall 2009.
Work Group: 4. Training;
Anticipated product(s): Revisions to OMB Circular No. A-133;
Proposed timeline(s): Fall 2009.
Work Group: 5. Suspension and Debarment;
Anticipated product(s): Revisions to OMB Circular No. A-133 which will
identify criteria for single audit procurement;
Proposed timeline(s): Fall 2009.
Work Group: 6. Sanctions and Punitive Actions;
Anticipated product(s): Monitoring of the activities of NASBA and
AICPA;
Proposed timeline(s): Continuous.
Work Group: 7. PCIE QCR Checklist Revision;
Anticipated product(s): Revised PCIE QCR Checklist with guidance
emphasizing the significance of performing QCRs.
Proposed timeline(s): Spring 2009.
Work Group: 8. New and Improved Single Audit Process;
Anticipated product(s): Revisions to OMB Circular No. A-133 with
proposals for immediate improvements to the single audit
process;
Proposed timeline(s): Fall 2009;
Anticipated product(s): Identification of strategic improvements to the
single audit process;
Proposed timeline(s): Continuous.
Source: OMB.
[End of table]
AICPA established seven task forces to address the PCIE report
recommendations. It issued a proposed revised auditing standard and
provided clarifying guidance in the audit guide during 2008. According
to the AICPA, it anticipates finalizing revisions to applicable
auditing standards and the AICPA Audit Guide, and developing
illustrative practice aids in 2009 (see slide 23).
* AICPA developed a white paper that proposes a training curriculum for
auditors who perform single audits and provided it to OMB for
consideration as they prescribe specific CPE requirements.
* According to AICPA, it has provided OMB with some drafts for the
anticipated products to be completed in 2009, as shown on slide 23.
Table: Status of AICPA Task Force Actions:
Task Force: 1. Sampling/Materiality Issues in a Single Audit
Environment;
Completed/anticipated product(s): New chapter in AICPA Audit Guide,
Government Auditing Standards and Circular A-133 Audits (Audit Guide);
Completed/proposed timeline(s): Fall 2009.
Task Force: 2. Internal Control & Compliance Responsibilities in a
Single Audit Environment;
Completed/anticipated product(s): Clarification to Chapter 9
’Consideration of Internal Control Over Compliance for Major Programs“
of the 2008 AICPA Audit Guide;
Completed/proposed timeline(s): Issued November 2008;
Completed/anticipated product(s): Practice Aid templates (both in a
narrative and checklist format) to assist auditors in documenting their
understanding and testing of internal control over compliance;
Completed/proposed timeline(s): Summer 2009;
Completed/anticipated product(s): Examples of internal control and
compliance documentation for certain A-133 compliance requirements
using the Practice Aids described above;
Completed/proposed timeline(s): Fall 2009.
Task Force: 3. Reporting Audit Findings in a Single Audit;
Completed/anticipated product(s): Illustrative Findings Template
Practice Aid;
Completed/proposed timeline(s): Summer 2009;
Completed/anticipated product(s): Examples of actual findings write-ups
using the Illustrative Findings Template Practice Aid;
Completed/proposed timeline(s): Fall 2009.
Task Force: 4. Single Audit Training Needs and Continuing Professional
Education (CPE) Evaluation;
Completed/anticipated product(s): Single Audit Training Curriculum
white paper issued to OMB for its consideration;
Completed/proposed timeline(s): Issued July 2008.
Task Force: 5. Schedule of Expenditures of Federal Awards (SEFA)
Reporting Issues;
Completed/anticipated product(s): Clarification to Chapter 7 ’Schedule
of Expenditures of Federal Awards“ of the 2008 AICPA Audit Guide;
Completed/proposed timeline(s): Issued November 2008;
Completed/anticipated product(s): Illustrative Audit Program for the
SEFA;
Completed/proposed timeline(s): Summer 2009;
Completed/anticipated product(s): Illustrative Auditor Disclosure
Checklist for the SEFA;
Completed/proposed timeline(s): Summer 2009.
Task Force: 6. Practice Monitoring in a Single Audit Environment;
Completed/anticipated product(s): Recommendations to the AICPA Peer
Review Board;
Completed/proposed timeline(s): Spring 2009;
Completed/anticipated product(s): Conduct periodic meetings with
Inspector General community after recommendations from all the task
forces are completed to facilitate, enhance, and improve the
effectiveness of the Peer Review Program;
Completed/proposed timeline(s): To be determined.
Task Force: 7. Compliance Auditing Considerations in Audits of
Governmental Entities and Recipients of Governmental Financial
Assistance;
Completed/anticipated product(s): Exposure Draft of a new auditing
standard titled Compliance Auditing issued and out for public comment.
This proposed standard would supersede Statement on Auditing Standards
(SAS) No. 74, Compliance Auditing Considerations of Governmental
Entities and Recipients of Governmental Financial Assistance, which is
the current auditing standard in this area;
Completed/proposed timeline(s): Issued December 2008.
Completed/anticipated product(s): New compliance auditing standard;
Completed/proposed timeline(s): Summer 2009.
Source: AICPA.
[End of table]
NASBA developed a process in May 2008 for tracking the status of
federal agency referrals on poor-performing auditors to state boards
to ensure appropriate action and timely follow-up.
* On a quarterly basis, NASBA stated it plans to contact each federal
grant awarding agency to inquire about outstanding referrals.
* NASBA stated it will follow up with the agency 2 weeks after each
quarterly referral to determine whether the issue has been resolved.
Conclusions:
Without a mechanism in place to monitor on an ongoing basis how the
single audit process is implemented governmentwide, OMB and federal
stakeholders are unable to measure the efficiency and effectiveness of
this process, as well as its usefulness as an accountability tool over
federal grant awards. Variations in how federal agencies we reviewed
perform key functions of the single audit process demonstrate the need
to assess whether federal agencies carry out their single audit
responsibilities in an efficient and effective manner.
Opportunities exist to address concerns about the complexity and
relative costs and benefits of audit requirements for single audits,
while achieving a proper balance between risk and cost”effective
accountability. This can be accomplished by exploring a simplified
approach for performing single audits of small entities, and
identifying best practices and providing guidance for achieving higher
quality single audits of large entities.
OMB, AICPA, and NASBA have initiated actions to address the PCIE report
recommendations; however, most of these actions have yet to be
completed and their impact on (1) addressing long-standing single audit
quality issues, and (2) identifying needed changes to the single audit
process is yet to be determined.
Recommendations for Executive Action:
In order to monitor the risk, cost”benefit, and efficiency and
effectiveness of the single audit process, we recommend that OMB:
* designate an entity or group to (1) evaluate and comprehensively
monitor the single audit process governmentwide, (2) assess agencies‘
efficiency and effectiveness in carrying out their single audit
responsibilities, and (3) identify additional guidance and resources
needed to carry out single audit requirements;
* designate a federal work group such as its ’New and Improved Single
Audit Process“ work group to evaluate the current single audit process
to identify simplified alternatives for meeting the accountability
objectives of the Single Audit Act for the audits of small entities,
while achieving the proper balance between risk and cost”effective
accountability for the smallest to the largest entities; and;
* monitor the status of OMB work groups, AICPA task forces, and NASBA
referral project activities, and evaluate completed actions and their
impact on addressing the PCIE report recommendations to improve single
audit quality.
[End of section]
Enclosure II: GAO Contact and Staff Acknowledgements:
GAO Contact:
Jeanette Franzel, (202) 512-2600 or franzelj@gao.gov:
Staff Acknowledgements:
In addition to the contact named above Sabrina Springfield, Assistant
Director; Marcia Buchanan, Assistant Director; Abe Dymond, Assistant
General Counsel; Sunny Chang; Emily Clancy; Maxine Hattery; Heather
Keister; Jason Kirwan; Sandy Silzer; and Doris Yanger made key
contributions to this report.
[End of section]
Footnotes:
[1] Constant dollar amounts reflect adjustments for inflation (e.g. the
purchasing value of the $7 billion awarded in 1960 represents about $42
billion in today's fiscal year 2009 dollars).
[2] The Single Audit Act, as amended, requires each reporting entity
that expends $500,000 or more in federal awards, including grants and
other assistance, in a fiscal year to obtain an annual "single audit,"
which includes an audit of the entity's financial statements and a
schedule of the expenditure of federal awards, and review of related
internal controls.
[3] The President's Council on Integrity and Efficiency (PCIE) and the
Executive Council on Integrity and Efficiency (ECIE) were established
by Executive Orders in 1981 and 1992, respectively, to continually
identify, review, and discuss areas of weakness and vulnerability in
Federal programs and operations to fraud, waste, and abuse. The
councils were also established to develop plans for coordinated,
governmentwide activities that address these problems and promote
economy and efficiency in federal programs and operations.
[4] PCIE Report on National Single Audit Sampling Project (June 2007).
The project was conducted under the auspices of the Audit Committee of
the PCIE, as a collaborative effort involving PCIE member
organizations, as well as a member of the ECIE and three State
Auditors. The project was performed to determine the quality of single
audits using statistical methods and make recommendations to address
noted audit quality issues.
[5] GAO, Single Audit Quality: Actions Needed to Address Persistent
Audit Quality Problems, [hyperlink,
http://www.gao.gov/products/GAO-08-213T] (Washington, D.C.: October 25,
2007).
[6] To assist the single audit community in carrying out their
respective audit responsibilities, OMB performs several activities,
including issuing guidance for implementing single audit requirements
as described in OMB Circular No. A-133, Audits of States, Local
Governments, and Non-Profit Organizations, and the Compliance
Supplement.
[7] Federal agencies are required by OMB to perform QCRs to evaluate
the quality of selected single audits of entities with expenditures of
$50 million or more in federal awards to ensure that the audit (1) is
conducted in accordance with applicable standards, (2) meets single
audit requirements, (3) identifies any follow-up audit work needed, and
(4) identifies issues that may require management attention.
[8] The Federal Audit Clearinghouse operates on behalf of OMB to
disseminate single audit information to federal agencies and the
public.
[9] GAO, Standards for Internal Control in the Federal Government,
[hyperlink, http://www.gao.gov/products/GAO/AIMD-00-21.3.1]
(Washington, D.C.: November 1999).
[10] NASBA is a voluntary membership association of the boards of
accountancy in the 50 states of the United States, the District of
Columbia, Guam, the Commonwealth of the Northern Mariana Islands,
Puerto Rico, and the U.S. Virgin Islands. The purpose of the
association is to protect, promote, foster, and advance the common
interests and welfare of the various boards of accountancy. NASBA
provides programs and services primarily related to the testing and
licensing of certified public accountants in compliance with the
requirements of boards of accountancy.
[11] Each award recipient expending more than $50 million is assigned a
cognizant agency for audit. Generally, the cognizant agency for audit
is the federal awarding agency that provides the predominant amount of
direct funding to a recipient unless OMB assigns this responsibility to
another agency. Some of the responsibilities of the cognizant agency
includes performing QCRs, considering auditee requests for extensions,
and coordinating a management decision for audit findings that affect
federal programs of more than one agency.
[12] Entities that expend federal awards under only one federal program
are not required to obtain a single audit but may elect to have a
program-specific audit focused on financial expenditures, internal
control, and compliance under that program. [31 U.S.C. §
7502(a)(1)(C)].
[13] The Compliance Supplement provides auditors the information needed
to understand federal programs‘ objectives, procedures, and compliance
requirements relevant to the single audit. It also provides auditors
with guidance for determining whether federal programs are compliant
with these requirements (laws, regulations, and provisions of contract
or grant agreements).
[14] GAO, Single Audit Quality: Actions Needed to Address Persistent
Audit Quality Problems, [hyperlink,
http://www.gao.gov/products/GAO-08-213T] (Washington, D.C.: October
2007).
[15] OMB Update, April 2008.
[16] Each award recipient expending more than $50 million is assigned a
cognizant agency for audit. Generally, the cognizant agency for audit
is the federal awarding agency that provides the predominant amount of
direct funding to a recipient unless OMB assigns oversight
responsibility to another agency.
[17] NASBA is a voluntary membership association of the boards of
accountancy in the 50 states of the United States, the District of
Columbia, Guam, the Commonwealth of the Northern Mariana Islands,
Puerto Rico, and the U.S. Virgin Islands. The purpose of the
association is to protect, promote, foster, and advance the common
interests and welfare of the various boards of accountancy. NASBA
provides programs and services primarily related to the testing and
licensing of certified public accountants in compliance with the
requirements of boards of accountancy.
[18] GAO, Standards for Internal Control in the Federal Government,
[hyperlink, http://www.gao.gov/products/GAO/AIMD-00-21.3.1]
(Washington, D.C.: November 1999).
[19] QCRs are conducted to ensure that the audit (1) is conducted in
accordance with applicable standards, (2) meets single audit
requirements, (3) identifies any follow-up audit work needed, and (4)
identifies issues that may require management attention.
[20] QCR data are as of fiscal year 2006, which were the most complete
data available from the six federal agencies reviewed.
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analysis, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Phone:
The price of each GAO publication reflects GAO‘s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO‘s Web site,
[hyperlink, http://www.gao.gov/ordering.htm].
Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional
information.
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
