Auditing 6
Becker Professional Education | CPA Exam Review
VII. Single Audits: Title 2 of the Code of Federal RegulationS, 200.500–521
A.
Responsibilities Under the Single Audit Act
1.
Entities Subject to the Single Audit Act
The Single Audit Act is governed by provisions of federal regulations in 2 CFR
200.500–521, part of regulations included in what is commonly known as the "Super
Circular." It requires entities that expend total federal assistance equal to or in excess
of $750,000 in a fiscal year to have an audit performed in accordance with the act.
a.
The act allows for either a single or program-specific audit. The program-specific
audit election is only available to certain grant recipients who meet highly restrictive
criteria, including:
(1) Awards are expended under a single federal program.
(2) No financial statement audit is required.
b.
2.
Nonfederal entities that expend less than $750,000 a year in federal awards are
exempt from federal audit requirements for that year.
Objectives of the Single Audit
Single Audit
Objectives
A single audit has two main objectives:
3.
a.
Audit of the entity's financial statements and reporting on a separate schedule of
expenditures of federal awards in relation to those financial statements.
b.
Compliance audit of federal awards expended during the year as a basis for issuing
additional reports on compliance related to major programs and on internal control
over compliance.
Materiality Determinations
The Single Audit Act requires that the materiality of the transaction or other compliance
finding be considered separately in relation to each major program, not simply in relation
to the financial statements taken as a whole.
a.
Major programs are determined in accordance with formulas prescribed by 2 CFR
200 single audit requirements. Generally, programs classified as major are those
that expend $750,000 or more in federal financial assistance, but smaller programs
may be deemed major if they are classified as "high risk," even if they do not meet
the monetary threshold. The Circular provides guidance on applying this "riskbased approach" to program selection.
P ASS K E Y
The audit threshold for federal audit requirements is expenditure of $750,000 of federal financial assistance.
Single audits are generally required unless the restrictive requirements of a program-specific audit are met.
Program-specific audits are used when the expenditures are made under only one program and the terms
of the award do not require a financial statement audit.
b.
Under both GAAS and GAGAS, materiality is considered in relation to the financial
statements being audited taken as a whole.
P ASS K E Y
Remember, a single audit includes a separate evaluation of materiality for each major program selected.
© DeVry/Becker Educational Development Corp. All rights reserved.
A6-63
Auditing 6
Becker Professional Education| CPA Exam Review
4.
Audit Requirements Apply to Recipients and Subrecipients
Audit requirements apply to recipients and subrecipients of federal financial assistance.
Contractors have more limited requirements.
P ASS K E Y
Federal award recipients (e.g., a city expending funds received directly from the U.S. Department of
Housing and Urban Development) or a subrecipient (e.g., a city expending funds received from a state
that received the funds from the U.S. Department of Housing and Urban Development) are subject to
audit requirements associated with federal financial assistance.
Contractors (e.g., those who are paid by recipients or subrecipients of federal financial assistance, such
as an electrician performing service upgrades to a public housing authority) are not subject to the same
audit requirements as recipients and subrecipients.
B.
Program-Specific Audits
1.
Under certain circumstances, recipients are permitted to have a program-specific audit
instead of a single audit.
2.
Entities not covered by the Single Audit Act are also eligible.
3.
The auditor must contact the Inspector General of the applicable federal agency and
obtain a current program-specific audit guide.
4.
The auditor must follow GAGAS and the guide when performing a programspecific audit.
5.
If a program-specific audit guide is not available, the auditor has basically the same
responsibilities as in an audit of a major program for a single audit.
P ASS K E Y
All governmental audits carried out under the Single Audit Act are not the same:
• Audits of an entire organization that include additional audit procedures on specific programs
are called "single audits." These audits include a report on the financial statements of the whole
organization and audit reports on the specific programs.
• Audits of specific programs are called "program-specific audits" and do not include reports on the
financial statements of the organization taken as a whole.
C.
A6-64
Auditee Responsibilities—Auditor Selection
1.
Auditors must be selected using procurement standards established by federal guidelines.
2.
Procurement standards preclude limitations on competition, including:
a.
the use of a single or sole source vendor (only considering one firm).
b.
providing preferences to local firms (giving advantages to firms based on
geographic location).
3.
Auditees must request a copy of the audit organization's peer review report.
4.
Proposals made by auditors must be evaluated for:
a.
responsiveness to the request for proposal.
b.
relevant experience.
c.
the availability of professionally qualified staff.
d.
the results of peer reviews.
© DeVry/Becker Educational Development Corp. All rights reserved.
Auditing 6
Becker Professional Education | CPA Exam Review
5.
The use of small and minority-owned businesses is encouraged.
6.
Consultants engaged to develop indirect cost plans may not be engaged as the auditor
when the indirect costs recovered by the auditee during the prior year exceed $1 million.
P ASS K E Y
Auditor selection is made by the auditee, subject to federal guidelines that seek to ensure the
appointment of an auditor possessing the necessary expertise through an open and competitive proposal
process.
D.
Auditee Responsibilities—Report Submission
1.
The audit report must be submitted:
a.
within 30 calendar days of receipt.
b.
within nine months after the end of the audit period.
2.
Copies must be made available for public inspection (unless restricted by federal statute
or regulation).
3.
The audit report must be submitted in the following format:
a.
The report must be transmitted using a data collection form that follows a specific
data set required by the OMB.
b.
The form must be signed by a responsible official.
c.
The reporting package must include:
(1) Financial statements
(2) A summary schedule of prior audit findings
(3) Auditor's reports
(4) Corrective action plans
d.
4.
The report must be submitted electronically.
Reports must be retained for three years from the date of submission.
P ASS K E Y
The organization subject to audit is responsible for the production of financial statements and a schedule
of federal expenditures, along with corrective actions, in response to audit findings. Auditee reports,
along with auditor reports and findings, must be submitted by the auditee within 30 days of receipt or
nine months after the end of the audit period.
E.
Auditor Responsibilities—The Scope of the Audit
1.
Financial Statements and Schedules
The auditor should express an opinion regarding the fair presentation.
2.
Internal Control
a.
The auditor should consider internal controls over compliance using major programs
as a basis for both testing and reporting.
b.
Internal control guidance is taken from both the U.S. Office of the Comptroller
General and the Committee of Sponsoring Organizations (COSO) Internal Control
Framework.
© DeVry/Becker Educational Development Corp. All rights reserved.
A6-65
Auditing 6
Becker Professional Education| CPA Exam Review
c.
The audit must be planned to support a low assessed level of control risk of
noncompliance for major programs.
d.
The auditor must plan and perform tests of controls over compliance for major
programs.
(1) The auditor is not required to test controls that are ineffective.
(2) Significant deficiencies and material weaknesses must be reported.
(3) When controls are deemed ineffective, additional tests of compliance must be
considered.
e.
Auditors have no responsibility to obtain an understanding of internal control over
compliance or perform related tests of compliance for any federal program deemed
to be nonmajor.
3.Compliance
4.
a.
The auditor should express an opinion regarding major program compliance with
statutes, regulations, and terms and conditions of the related federal award.
b.
Compliance requirements are typically found in the compliance supplement.
Otherwise, the auditor should look to the sources of compliance requirements (e.g.,
laws, regulations, or terms and conditions of the award).
Previous Audit Findings
The auditor is required to follow up on audit findings from previous audits.
F.
Auditor Responsibilities—Audit Reporting
The auditor should:
1.
Express an opinion regarding the fair presentation of the financial statements, in
accordance with GAAP.
2.
Express an opinion regarding the fair presentation of the Schedule of Expenditures of
Federal Awards (SEFA) in relation to the financial statements.
3.
Report on internal control over financial reporting and compliance with federal statutes,
regulations, and the terms and conditions for the federal award, including:
4.
a.
the scope of testing of internal control over compliance.
b. the results of tests.
c.
reference to a separate Schedule of Findings and Questioned Costs.
Report on compliance for each major program and report on internal control over
compliance including:
a.
the scope of testing of internal control over compliance.
b.
an opinion with regard to compliance with federal statues, regulations and the terms
and conditions of the federal award.
(1) For reportable instances of noncompliance with the requirements governing
a major federal financial assistance program, reports should be qualified
("except for") or adverse, depending on materiality.
(2) Immaterial instances of noncompliance should be reported, but need not be
specifically identified.
c.
A6-66
reference to a separate Schedule of Findings and Questioned Costs.
© DeVry/Becker Educational Development Corp. All rights reserved.
Auditing 6
Becker Professional Education | CPA Exam Review
5.
Provide a schedule of findings that includes:
a.
A summary of the auditor's results:
(1) The type of report issued by the auditor over the financial statements
(2) Discovery of significant deficiencies or material weaknesses
(3) Discovery of any material noncompliance
(4) The type of report the auditor issued on compliance for major programs
(5) A statement regarding whether the audit disclosed any audit findings the
auditor is required to report
(6) Identification of the major programs (a list of the major programs)
(7) The dollar threshold used to distinguish between type A and type B programs
(8) A statement as to whether the auditee qualified as a low-risk auditee
G.
b.
GAGAS findings.
c.
Findings and questioned costs for federal awards.
Auditor Responsibilities—Audit Findings
1.
The auditor must report significant deficiencies and material weaknesses in internal control
over major programs and significant instances of abuse related to major programs.
2.
The auditor must report material noncompliance with provisions of federal statutes,
regulations, or the terms and conditions of federal awards related to major programs.
3.
The auditor must report questioned costs of a given type of compliance requirement if
those costs exceed $25,000.
E X AM P LE
An auditor is performing compliance testing on a rental assistance program, a major program
administered by a federally funded public housing authority. A compliance requirement for this major
program is that tenants must meet eligibility requirements, including income limitations. The auditor
finds that a number of tenants for whom rent subsidies have been claimed earned income in excess of
the tenant income limitations. The auditor accumulates the amounts associated with the noncompliance
and questions $36,000 of the public housing authority's rent subsidies. Because the questioned costs
are greater than $25,000, the auditor is required to report them.
4.
H.
Findings must be stated clearly and in a manner that defines the deficiency and the
implications of the deficiency.
Auditor Responsibilities—Audit Documentation
1.
Audit documentation must be maintained for three years after the date of issuance.
2.
Contested audit findings or requests by the awarding or cognizant agency may extend
the retention period. The cognizant agency is generally the lead agency that provides the
most funding to the recipient and the one that receives and distributes the reports.
P ASS K E Y
Both the auditor and the auditee must retain audit documentation for three years after issuance and receipt.
© DeVry/Becker Educational Development Corp. All rights reserved.
A6-67
Auditing 6
I.
Becker Professional Education| CPA Exam Review
Auditor Responsibilities—Major Program Determination
1.
Risk-Based Approach
a.
The determination of major programs uses a risk-based approach.
b.
The risk-based approach includes the consideration of:
(1) Current and prior audit experience
(2) Oversight by federal agencies
(3) Inherent risk
2.
3.
A Four-Step Process
Step 1
Identify type A ($750,000 or more) and type B programs (those not meeting the requirements
of type A).
Step 2
Identify type A programs that are low risk.
Step 3
Identify type B programs that are high risk, using professional judgment.
Step 4
At a minimum, major programs include all type A programs not identified as low risk and all
type B programs identified as high risk that meet the coverage requirements described below.
Percentage of Coverage
a.
For low-risk auditees, the auditor must test 20 percent of the total federal awards
expended.
b.
For other auditees, the auditor must test 40 percent of the total federal awards
expended.
4.Documentation
a.
Audit workpapers should include documentation of the risk analysis defined in the
federal guidance.
b.
Major programs determined in accordance with federal guidance will not be
challenged by federal agencies.
P ASS K E Y
Auditors select major programs for audit using a risk-based approach that follows a specific methodology,
but the process ultimately relies upon auditor judgment.
J.
Program Risk
1.
Criteria for Federal Program Risk
a.
Current and prior audit experience could indicate higher risk:
(1) Multiple internal control structures.
(2) Weak monitoring systems for subrecipients.
(3) Programs not recently audited as major.
b.
Oversight exercised by federal agencies and pass-through entities can be used to
assess risk.
c.
The inherent risk of a federal program is increased by:
(1) The complexity of the program (e.g., complex eligibility requirements).
(2) Being in the early phase of a program's life cycle (with new or untested
requirements).
A6-68
© DeVry/Becker Educational Development Corp. All rights reserved.
Auditing 6
Becker Professional Education | CPA Exam Review
2.
Criteria for a Low-Risk Auditee
a.
Single audits have been performed on an annual basis for two years.
b.
The financial statements received an unmodified opinion.
c.
No deficiencies in internal control were identified.
d.
No going concern contingencies were reported.
e.
Type A programs, that had:
(1) No findings
(2) No questioned costs in excess of 5 percent of the award expended
(3) No modified opinion
VIII. Reporting Requirements
A.
Summary of Recommended Reporting
The following chart summarizes when each of four reports is required.
Recommended Reporting
REQUIRED BY
Report
Opinion (or disclaimer) on financial statements
and supplementary schedule of expenditures of
federal awards
GAAS
Government
Auditing
Standards
Single
Audits
ü
ü
ü
ü
ü
Report on internal control and compliance with
provisions of laws, regulations, contracts, and grant
agreements
Report on compliance and internal control over
compliance applicable to each major program.
This report must include an opinion (or disclaimer)
on compliance
ü
Schedule of findings and questioned costs
ü
P ASS K E Y
Remember that government audits require more work and responsibility for the auditor. The examiners
usually focus on the additional audit report requirements.
P ASS K E Y
Government audit reports focus the reader on compliance with laws, rules, and regulations, the internal
controls associated with maintaining compliance, and any findings of noncompliance.
© DeVry/Becker Educational Development Corp. All rights reserved.
A6-69