Audit of State and Local Governments

Print
Audits of State and Local Governments
written by
Lucinda Upton, CPA, CGFM
Course Information
Prerequisite Internal Control and Fraud in
Government Engagements or
comparable
knowledge/experience; A detailed
knowledge in [an area] and/or
experience at a mid-level position
within an organization with
operational or supervisory
responsibilities
Field of Study Auditing - Governmental
CPE Credit Hours 17
Author Biography
Lucinda Upton, CPA, CGFM, has been in governmental auditing and accounting for more than 30
years. In her career with Kentucky state government, she held positions with the Legislative
Research Commission, Office of the Health Services Inspector General, the Medicaid program,
and Auditor of Public Accounts. She was previously with the National Association of State
Auditors, Comptrollers, and Treasurers. She has been a discussion leader for national conferences
and training sessions and has provided training and technical assistance to state audit staff, local
government officials, and CPAs who audit governmental entities. Ms. Upton has authored training
programs for Thomson Reuters Tax and Accounting, Bisk Education, Inc., the AICPA Continuing
Education Division, and the Association of Government Accountants (AGA).
Course Description
This course provides the information an auditor needs to design, perform, and report on a
financial statement audit of a governmental entity in accordance with generally accepted auditing
standards (GAAS). Our experts cover: new auditing and accounting requirements; risk assessment
procedures, general planning procedures, and the detailed audit plan; substantive procedures
and tests of controls; audit programs for specific audit areas including pensions and
postemployment benefits other than pensions (OPEB); special-purpose and state governments;
general and concluding procedures; and the auditors reports. This update includes an overview of
the following newly issued GASB Statements No. 88 through No. 92. This course is most
appropriate for the professional with detailed knowledge in audits of state and local government
who may be at a mid-level position within an organization with operational or supervisory
responsibilities, or both.
Learning Objectives
Upon successful completion of this course, the user should be able to:
recognize significant changes to the AICPA Codification of Auditing Standards, the Yellow
Book, and GASB standards;
identify the importance of and procedures behind risk assessment;
recognize the various classes of financial statement assertions;
identify issues related to substantive testing in a financial statement audit;
identify the process of deciding when and how to perform tests of controls;
recognize the process of developing audit programs and detailed audit plans for various audit
areas;
identify unique accounting, reporting, and auditing characteristics in various special purpose
governmental units;
identify unique accounting, reporting, and auditing characteristics dealing with pensions and
OPEB;
identify various general and concluding audit procedures; and
recognize the importance and relevance of standard GAAS and GAGAS reports on the basic
financial statements.
Chapter 1. New Auditing and Accounting Requirements

This chapter provides an overview of the AICPA Codification of Statements on Auditing Standards.
It also discusses the 2011 and 2018 revisions of Government Auditing Standards (the Yellow Book)
and recent GASB pronouncements, GASB Statement Nos. 88 through 92.
Upon successful completion of this chapter, the user should be able to:
recognize significant changes to the AICPA Codification of Auditing Standards, the Yellow
Book, and GASB standards.
1 A. Overview of the AICPA Codification of

Auditing Standards
Introduction
The AICPA's Auditing Standards Board (ASB) redrafted the auditing sections in the Codification of
Statements on Auditing Standards (SASs) to apply the clarity drafting conventions and to
converge with the International Standards on Auditing. The AICPA undertook this project to make
generally accepted auditing standards (GAAS) easier to read, understand, and apply, and to more
closely align United States standards with international standards.
Effective Date
The clarified standards generally were effective for audits of financial statements for periods
ending on or after December 15, 2012. Some, such as the standard on compliance audits, were
made effective earlier.
Codification Section Identifiers
The clarified standards use “AU-C” section numbers instead of the previously used “AU” section
numbers. The AU-C identifier has been retained in the Codification and the AU sections have been
discontinued.
Format of Standards
Each standard follows a specified format. The introduction explains the purpose and scope of the
standard. The objective defines the context in which the requirements are set. When appropriate,
a standard explains specific meanings of terms in that standard. Application and other
explanatory material explains or provides guidance for carrying out the requirements of the
standard; it is an integral part of the standard, and the auditor is required to read and understand
the entire text of the standard.
Format of Codification
The major parts of the Codification are as follows: general principles and responsibilities; risk
assessment and response to assessed risk; audit evidence; using the work of others; audit
conclusions and reporting; special considerations; and special considerations in the United States.
Substantive Changes to the Codification
Some of the clarified standards contain substantive changes in content, while others have merely
been converted to the clarity format. This chapter focuses on the AU-C sections that had
substantive changes, presented in the format of the new Codification. The participant in this
program is presumed to have a basic understanding of the auditing standards that were not
changed in the clarity project.
1 B. General Principles and Responsibilities
The “General Principles and Responsibilities” part of the Codification covers the following: overall
objectives of the independent auditor and the conduct of an audit in accordance with GAAS;
terms of engagement; quality control; audit documentation; consideration of fraud in a financial
statement audit; consideration of laws and regulations in an audit of financial statements; the
auditor's communication with those charged with governance; and communicating internal
control related matters identified in an audit.
Objectives of the Auditor and Conduct of an Audit
AU-C §200 is Overall Objectives of the Independent Auditor and the Conduct of an Audit in
Accordance With Generally Accepted Auditing Standards. It did not substantially change what the
auditor is required to do, but it is structurally different and introduced new terminology.
Overall Objectives of the Auditor
AU-C §200 supersedes AU §150, Generally Accepted Auditing Standards, which contains the 10
general, field work, and reporting standards. It establishes the overall objectives of the auditor.
Note
If the auditor fulfills the overall objectives and meets applicable ethical requirements,
the ASB believes that the auditor will have fulfilled the 10 standards.
The auditor's two overall objectives are as follows:

A. To obtain reasonable assurance about whether the financial statements as a whole are free
from material misstatement, whether due to fraud or error, thereby enabling the auditor to
express an opinion on whether the financial statements are presented fairly, in all material
respects, in accordance with an applicable financial reporting framework
B. To report on the financial statements and communicate as required by GAAS, in accordance
with the auditor's findings
New Terminology
New terminology introduced in AU-C §200 is as follows:
A. A financial reporting framework is a set of criteria used to determine measurement,
recognition, presentation, and disclosure of all material items appearing in the financial
statements.
B. An applicable financial reporting framework is the financial reporting framework adopted by
management and, when appropriate, those charged with governance in the preparation and
fair presentation of the financial statements that is acceptable in view of the nature of the
entity and the objective of the financial statements, or that is required by law or regulation.
Terms of Engagement
Acceptability of Applicable Financial Reporting Framework
AU-C §210, Terms of Engagement, requires the auditor to determine whether the financial
reporting framework to be applied in the preparation of the financial statements is acceptable.
The auditor's responsibility for determining the acceptability of the applicable financial reporting
framework is necessary for expressing an opinion on the financial statements and has been
implicit in GAAS.
The ASB concluded that it is appropriate that the auditor determine the acceptability
of the applicable financial reporting framework in conjunction with accepting the
engagement.
Agreement of Management Responsibility
AU-C §210 requires the auditor to obtain the agreement of management that it acknowledges
and understands its responsibility for selecting the appropriate financial reporting framework,
establishing and maintaining internal control, and providing access and information to the
auditor. These requirements were contained or implied in previous standards.
The ASB believes it is appropriate to require that management's responsibilities be

explicit in the engagement letter.
Entity Not Required to Have an Audit

Some entities are not required by law or regulation to have an audit. AU-C §210 states that, if
management or those charged with governance of this kind of entity impose a limitation on the
scope of the auditor's work in terms of a proposed audit such that the auditor believes the
limitation will result in a disclaimer of opinion on the financial statements as a whole, the auditor
should not accept this limited-scope engagement as an audit engagement.
Auditor Not Required to Perform an Audit
Unless required by law or regulation to do so, the auditor should not accept an audit engagement
if the auditor has determined that the applicable financial reporting framework is not acceptable.
Also, the auditor should not accept the engagement if management has not acknowledged in the
engagement letter its responsibility for the selection and application of the appropriate financial
reporting framework, establishing and maintaining internal control, and making all financial
records and related information available to the auditor.
Recurring Audits
For recurring audits, AU-C §210 requires the auditor to assess whether circumstances require the
terms of the audit engagement to be revised. If the auditor concludes that the terms do not need
to be revised, the auditor should remind the entity of the terms of the engagement. This reminder
can be accomplished by means of a new engagement letter or a written or oral reminder that the
responsibilities in the previous terms of engagement still apply.
Understanding for Each Audit
Previous standards required the auditor to establish an understanding with the client for each
engagement. In practice, this requirement may not result in a reminder each year for recurring
audits. AU-C §210 requires the auditor to document the reminder.
Request to Change Audit to Lower Level of Assurance
AU-C §210 also addresses situations in which the auditor is requested to change the audit
engagement to an engagement that conveys a lower level of assurance. The auditor should
determine whether reasonable justification for doing so exists.
Prescribed Layout or Wording of Report
In some situations, law or regulation prescribes the layout or wording of the auditor's report in a
form or in terms that are significantly different from the requirements of GAAS. In these
circumstances, previous GAAS required the auditor to reword the prescribed form or attach a
separate report. AU-C §210 includes the explicit requirement that, if the auditor determines that
rewording the prescribed form or attaching a separate report would not be permitted or would not
mitigate the risk of users misunderstanding the auditor's report, the auditor should not accept the
engagement.
To view this interactivity please view chapter 1, page 12

Interactivity information:
Engagement Quality Control
AU-C §220 is Quality Control for an Engagement Conducted in Accordance With Generally
Accepted Auditing Standards. The previous standard, The Relationship of Generally Accepted
Auditing Standards to Quality Control Standards, contained no requirements.
Engagement Level Procedures
AU-C §220 addresses specific responsibilities of the auditor regarding quality control procedures
for an audit of financial statements. It specifies procedures at the engagement level that help the
auditor achieve the objectives of the quality control standards. These procedures include the
following: direction, supervision, and performance; review; consultation; engagement quality
control review; and handling differences of opinion.
Supervision
AU-C §220 also addresses requirements for supervision in an audit that had not been included in
the previous Audit Planning standard but are required by Statements on Quality Control
Standards (SQCS) No. 8, A Firm's System of Quality Control.
Consideration of Fraud
AU-C §240, Consideration of Fraud in a Financial Statement Audit, did not significantly change or
expand the previous standard. However, it changed the definition of fraud to be consistent with
the international standards. It broadened the definition by including the list of parties who may
commit fraud and by referring to the use of deception. AU-C §240 defines “fraud” as an
intentional act by one or more individuals among management, those charged with governance,
employees, or third parties, involving the use of deception that results in a misstatement in
financial statements that are the subject of an audit.
The ASB believes that the new definition of fraud does not create differences between
the application of the old and new versions of the standard.

Consideration of Laws and Regulations
AU-C §250 is Consideration of Laws and Regulations in an Audit of Financial Statements. It
supersedes AU §317, Illegal Acts by Clients.
Noncompliance That May Have an Indirect Material Effect
AU-C §250 requires the auditor to perform procedures to identify instances of noncompliance
with laws and regulations that may have an indirect but material effect on the financial
statements. Specifically, it requires the auditor to inspect any correspondence with the relevant
licensing or regulatory authorities.
Inherent Limitations of an Audit
The previous standard stated that an audit performed in accordance with GAAS provides “no
assurance” that noncompliance with laws and regulations will be detected or that any contingent
liabilities that may result will be disclosed. AU-C §250 states that, because of the “inherent
limitations of an audit,” some material misstatements may not be detected, even though the audit
is properly planned and performed in accordance with GAAS.
Note
The concept of “no assurance” is different from the concept of “inherent limitations of
an audit.”
Communicating Internal Control Related Matters
AU-C §265, Communicating Internal Control Related Matters Identified in an Audit, supersedes
AU §325 of the same name. AU-C §265 makes explicit two requirements that were implied in AU
§325.
Deficiencies in Internal Control
The first formerly implicit requirement is to determine whether, on the basis of the audit work
performed, the auditor has identified one or more deficiencies in internal control.
Written Communication of No Material Weaknesses
The second formerly implicit requirement is to include specific matters in a written communication
in which the auditor states that no material weaknesses were identified during the audit. These
matters are similar to those in the written communication of significant deficiencies and material
weaknesses. They include the following: the definition of the term “material weakness” and, when
relevant, the definition of the term “significant deficiency;” sufficient information to enable those
charged with governance and management to understand the context of the communication; and
communication in an audit conducted in accordance with Government Auditing Standards that
the report is not suitable for any other purpose but does not restrict the use of the auditor's report.
Note
The requirement to state in a Government Auditing Standards audit that the report on
internal control is not suitable for any other purpose changed previous practice.
Communicating Other Deficiencies to Management

AU-C §265 also adds new requirements. The first is that the auditor is required to communicate,
in writing or orally, only to management, other deficiencies in internal control identified during the
audit that have not been communicated to management by other parties and that, in the
auditor's professional judgment, are of sufficient importance to merit management's attention.
Note
The ASB did not view this new requirement as a difference between the old and new
standards because auditor judgment is what determines whether a deficiency, other
than a material weakness or significant deficiency, is of sufficient importance to
communicate to management. In addition, the previous standard did not preclude this
type of communication.
Potential Effects of Significant Deficiencies and Material Weaknesses
The second new requirement is that the auditor include, in a written communication, an
explanation of the potential effects of the significant deficiencies and material weaknesses
identified. The potential effects need not be quantified.
The ASB did not believe this explanation required additional effort by the auditor
because the potential effects would have been considered as part of evaluating the
severity of the deficiency.
1 C. Risk Assessment and Response

This part of the Codification addresses risk assessment and response to assessed risks. The
sections in this part have not changed from their original versions as risk assessment standards,
but they have been rearranged in the Codification.
Requirements That Did Not Change

The auditor has no new requirements for the following: planning an audit, understanding the
entity and its environment and assessing the risks of material misstatement, evaluating
materiality and performing an audit, performing audit procedures in response to assessed risks
and evaluating the audit evidence obtained, and evaluating misstatements identified during the
audit.
Entity Using a Service Organization
The only real change in this part of the Codification is in AU-C §402, Audit Considerations
Relating to an Entity Using a Service Organization. AU-C §402 contains guidance only for user
auditors. Guidance for service auditors is now contained in Statement on Standards for
Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization. AU-C
§402 changes previous AU §324, Service Organizations, as follows:
User Entity
A “user organization” is now known as a “user entity.”
Making Reference to Service Auditor
A user auditor is permitted to make reference to the work of a service auditor in the user auditor's
report to explain a modification of the user auditor's opinion. In these circumstances, the user
auditor's report is required to indicate that such a reference does not diminish the user auditor's
responsibility for that opinion. As in the previous standard, the user auditor is prohibited from
making reference to the work of a service auditor in a user auditor's report containing an
unmodified opinion.
Inquiry of Management
A user auditor is required to inquire of management of the user entity about whether the service
organization has reported to the user entity any fraud, noncompliance with laws and regulations,
or uncorrected misstatements. If so, the user auditor is required to evaluate how such matters
affect the nature, timing, and extent of further audit procedures.
Adequacy of Standards Used by Service Auditor
As in the previous standard, in determining the sufficiency and appropriateness of the audit
evidence provided by a service auditor's report, the user auditor should be satisfied regarding the
adequacy of the standards under which the service auditor's report was issued.
1 D. Audit Evidence
This part of the Codification discusses the standards on audit evidence. Some standards changed
with the implementation of the Codification while others did not.
Specific Considerations for Selected Items

AU-C §501 is Audit Evidence—Specific Considerations for Selected Items. It combines the
requirements from three previous standards.
Derivative Instruments, Hedging Activities, and Investments in Securities
Many of the requirements of previous AU-C §332, Auditing Derivative Instruments, Hedging
Activities, and Investments in Securities, are essentially the same as requirements in other
clarified standards, primarily the risk assessment standards and AU-C §540, Auditing Accounting
Estimates, Including Fair Value Accounting Estimates, and Related Disclosures. The ASB
concluded that the application of those requirements in the other clarified standards to the
subject matter is best addressed as interpretive guidance in the related AICPA Audit Guide.
Investments Accounted for Using the Equity Method
Auditing of investments accounted for using the equity method were excluded from AU-C §501.
The auditing of equity investees is addressed more broadly by AU-C §600, Special Considerations
—Audits of Group Financial Statements (Including the Work of Component Auditors).
Inquiry of a Client's Lawyer
AU-C §501 changes previous AU §337, Inquiry of a Client's Lawyer Concerning Litigation, Claims,
and Assessments. AU §337 stated that the auditor should request client management to send a
letter of inquiry to those lawyers with whom management consulted concerning litigation, claims,
and assessments. In contrast, AU-C §501 requires the auditor to seek direct communication with
the entity's external legal counsel, through a letter of inquiry, if the auditor assesses a risk of
material misstatement regarding litigation or claims, or when audit procedures indicate that
material litigation or claims may exist.
External Confirmations
AU-C §505, External Confirmations, did not greatly change the existing standard.
Accounts Receivable
The presumptively mandatory requirement to confirm accounts receivable has been moved to AU-
C §330, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit
Evidence Obtained. It was placed there because it is part of the process of determining the
appropriate audit procedures to perform. AU-C §505 presumes that the auditor has already
determined an external confirmation is the appropriate audit procedure.
Management's Refusal to Allow a Confirmation Request
New procedures address the responsibilities of the auditor when management refuses to allow
the auditor to send a confirmation request. The auditor should communicate with those charged
with governance if management's refusal is unreasonable or if the auditor is unable to obtain
relevant and reliable audit evidence from alternative procedures.
Oral Response to Confirmation Request
Application material was added to clarify that the receipt of an oral response to a confirmation
request does not meet the definition of an external confirmation. If a direct written response to a
positive confirmation is not needed, the auditor may take the oral response into consideration
when determining the nature and extent of alternative audit procedures.
An alternative procedure could be performed, for example, by calling the respondent

using a number that the auditor has independently verified as being associated with
the entity.

Opening Balances
AU-C §510 is Opening Balances—Initial Audit Engagements, Including Reaudit Engagements. It
clarifies that initial audit engagements include reaudits.
Review of Predecessor Auditor's Documentation
AU-C §510 makes it clear that reviewing a predecessor auditor's audit documentation cannot be
the only procedure performed to obtain sufficient appropriate audit evidence regarding opening
balances.
Sufficient Appropriate Audit Evidence
AU-C §510 requires the auditor to obtain sufficient appropriate evidence about both of the
following:
A. Whether opening balances contain misstatements that materially affect the current period's
financial statements
B. Whether appropriate accounting policies reflected in the opening balances have been
consistently applied in the current period's financial statements or whether changes in the
accounting policies have been appropriately accounted for and adequately presented and
disclosed in accordance with the applicable financial reporting framework
The Entity's Ability to Continue as a Going Concern

AU-C §570 is The Auditor's Consideration of an Entity's Ability to Continue as a Going Concern. It
is based on SAS No. 132, which superseded SAS No. 126. In the context of governmental audits,
SAS No. 132 was issued to address the provisions of GASB Statement No. 56, Codification of
Accounting and Financial Reporting Guidance Contained in the AICPA Statements on Auditing
Standards.
Auditor's Objectives and Related Conclusions
AU-C §570 clarifies that the auditor's objectives include separate determinations and conclusions
regarding the following:
A. The appropriateness of management's use of the going concern basis of accounting, when
relevant, in the preparation of the financial statements
B. Whether substantial doubt about an entity's ability to continue as a going concern exists,
based on the evidence obtained, for a reasonable period of time
Financial Support by Third Parties
When management's plans include financial support by third parties and such support is
necessary in supporting management's assertions about the entity's ability to continue as a going
concern for a reasonable period of time, the auditor should obtain sufficient appropriate audit
evidence about the intent of such supporting parties to provide the necessary financial support,
including written evidence of such intent, and the ability of such supporting parties to provide the
necessary financial support.
Period beyond Management's Assessment
AU-C §570 requires the auditor to inquire of management regarding its knowledge of conditions
or events beyond the period of management's evaluation that may affect the entity's ability to
continue as a going concern.
Requirements Not Significantly Changed
The Codification does not significantly change the audit evidence requirements for the following:
analytical procedures;
audit sampling;
auditing accounting estimates, including fair value estimates and related disclosures;
related parties;
subsequent events;
written representations; and
consideration of omitted procedures after the report release date.
1 E. Using the Work of Others

The next part of the Codification addresses using the work of others, including internal auditors.
Audits of Group Financial Statements

The major change in this part of the Codification is in AU-C §600, Special Considerations—Audits
of Group Financial Statements (Including the Work of Component Auditors). It supersedes AU
§543, Part of Audit Performed by Other Independent Auditors.
Note
The ASB has concluded that this change affects previous practice because the
standard's scope—including its objective, requirements, and guidance—significantly
expands the previous requirements.
Application of Risk Assessment Standards in a Group Audit

The focus of AU §543 was on how to conduct an audit that involved other auditors. The focus of
AU-C §600 is on how to conduct an effective audit of group financial statements. It focuses on the
application of the risk assessment standards in a group audit. AU-C §600 specifies the
procedures necessary for the group engagement team to perform in order to be involved with (i.e.,
not make reference to) the component auditors to the extent necessary for an effective audit.
New Terminology
AU-C §600 introduces several new terms.
A. A “group” is all of the components whose financial information is included in the group
financial statements. A group always has more than one component.
B. A “component” is an entity or business activity for which group or component management
prepares financial information that is required by the applicable financial reporting framework
to be included in the group financial statements.
C. “Group financial statements” are financial statements that include the financial information
of more than one component. The term also refers to combined financial statements
aggregating the financial information prepared by components that are under common
control.
D. The “group engagement partner” is the partner or other person in the firm who is responsible
for the group audit engagement and its performance and for the auditor's report on the group
financial statements that is issued on behalf of the firm. The term “principal auditor” is no
longer used.
E. The “group engagement team” is partners, including the group engagement partner, and
staff who establish the overall group audit strategy, communicate with component auditors,
perform work on the consolidation process, and evaluate the conclusions drawn from the
audit evidence as the basis for forming an opinion on the group financial statements.
Determining Whether to Accept or Continue Engagement
An overall difference between AU §543 and AU-C §600 is the change in focus when determining
whether to accept or continue the engagement. AU §543 bases the determination on whether the
auditor will be able to sufficiently participate in the group audit in order to be the principal
auditor. AU-C §600 bases that determination on whether the auditor believes s/he will be able to
obtain sufficient appropriate audit evidence over the group financial statements, including
whether the group engagement team will have appropriate access to information.
Change in Mindset of Group Engagement Partner
This approach means a change in the mindset of the group engagement partner from considering
the group engagement team's coverage of the principal amounts and reliance on other
(component) auditors to considering the sufficiency of the group engagement team's involvement
in the performance of the audit, including involvement in the work of the component auditors.
Understanding of Component Auditor
The group engagement team is required to gain an understanding of the component auditor. This
understanding includes certain aspects that were already covered by AU §543, such as
competence and independence. But it also includes additional areas, such as determination of the
extent to which the group engagement team will be able to be involved in the work of the
component auditor.
Group Engagement Partner Choices
Once an understanding of the component auditor has been gained, the group engagement
partner may choose to do either of the following:
A. Assume responsibility for, and thus be required to be involved in, the work of component
auditors, insofar as that work relates to the expression of an opinion on the group financial
statements, or
B. Not assume responsibility for, and accordingly make reference to, the audit of a component
auditor in the auditor's report on the group financial statements.
Note
This choice determines the application of AU-C §600 to a group audit. For example, if
your firm is the auditor of a large governmental unit, such as a state, and your firm uses
a component auditor to audit the state's pension information, your firm's group
engagement partner must choose whether to make reference to the work of the
component auditor. If so, nothing changes from previous practice. Your firm will
determine whether the component auditor is competent and independent. If your firm
uses a component auditor to audit the state's pension information and the group
engagement partner chooses to assume responsibility for the work of the component
auditor, your firm must determine the extent to which your firm will be involved in the
work of the component auditor. The remainder of this section of the course assumes
that your firm has chosen to assume responsibility for the work of the component
auditor and not make reference to the component auditor in your firm's report on the
group financial statements.
Involvement in Work of Component Auditor

Involvement in the work performed by a component auditor will involve the group engagement
team in two specific actions, as follows:
A. Establishing component materiality to be used by the component auditor
B. Performing risk assessment procedures and participating in the assessment of risks of
material misstatement and the planned audit response, either together with the component
auditor or by the group engagement team
When Group Engagement Partner Assumes Responsibility
AU §543 required only that the principal auditor adopts appropriate measures to assure the
coordination of activities with those of the other auditor in order to achieve a proper review of
matters affecting the consolidating or combining of accounts in the financial statements. AU-C
§600 builds on this principle by including requirements and guidance relating to work to be
performed on all components for which the group engagement partner is assuming responsibility
for the work of the component auditor. It includes requirements and guidance on the nature,
timing, and extent of the group engagement team's involvement in the work of the component
auditors, particularly when performing work on significant components.
Using the Work of Internal Auditors
AU-C §610 (SAS No. 128) is Using the Work of Internal Auditors. It superseded the previous AU-C
§610, The Auditor's Consideration of the Internal Audit Function in an Audit of Financial
Statements.
Amendments
SAS No. 128 amends numerous AU-C sections, particularly AU-C §315, Understanding the Entity
and Its Environment and Assessing the Risks of Material Misstatement. For example, it includes in
the risk assessment procedures the auditor's inquiries of appropriate individuals within the
internal audit function.
New Concepts and Requirements
The new AU-C §610 introduces the concept of a systematic and disciplined approach. It requires
the external auditor to evaluate the application by the internal audit function of a systematic and
disciplined approach, including quality control, as a prerequisite for being able to use the work of
the internal audit function. If the external auditor uses the work of the internal audit function, the
extent of use should be communicated to those charged with governance.
Using the Work of an Auditor's Specialist
AU-C §620 is Using the Work of an Auditor's Specialist. It superseded AU §336, Using the Work of
a Specialist.
Use of Management's Specialist
AU §336 addressed the use of the auditor's specialist and the use of management's specialist.
The requirements for the use of management's specialist have been included in AU-C §500, Audit
Evidence, since audit evidence produced by management's experts, whether internal or external,
needs to be evaluated by the auditor for relevance and reliability like any other audit evidence. The
change of location in the Codification does not create a difference in the standard.
Use of Auditor's Specialist
AU §336 specifically scoped out from the standard the use of specialists employed by the firm
who participate in the audit. However, AU-C §620 specifically encompasses the auditor's in-house
specialists. Therefore, there will be a need to evaluate the competence, capabilities, and
objectivity of the specialist; obtain an understanding of the specialist's field of expertise; and
evaluate the adequacy of the specialist's work.
Note
This change in the scope of the standard creates incremental documentation
requirements.
1 F. Audit Conclusions and Reporting
The next part of the Codification covers audit conclusions and reporting. It does not significantly
change or expand the requirements for opinion modifications. The AU-C sections on Other
Information in Documents Containing Audited Financial Statements (SAS No. 118);
Supplementary Information in Relation to the Financial Statements as a Whole (SAS No. 119); and
Required Supplementary Information (SAS No. 120) were issued in the clarity format. They were
effective for audits of financial statements for periods beginning on or after December 15, 2010.
Therefore, participants in this course should already be familiar with them.
Forming an Opinion and Reporting
AU-C §700, Forming an Opinion and Reporting on Financial Statements, requires the auditor to
describe management's responsibility for the financial statements in more detail than the
previous standard.
Description of Management's Responsibility
The description includes an explanation that management is responsible for the preparation and
fair presentation of the financial statements in accordance with the applicable financial reporting
framework, and that this responsibility includes the design, implementation, and maintenance of
internal control relevant to the preparation and fair presentation of financial statements that are
free from material misstatement, whether due to fraud or error.
Use of Headings in the Report
AU-C §700 also includes a presumptively mandatory requirement for the use of headings
throughout the auditor's report to clearly distinguish each section of the report.

Emphasis-Of-Matter and Other-Matter Paragraphs
AU-C §706 is Emphasis-of-Matter Paragraphs and Other-Matter Paragraphs in the Independent
Auditor's Report.
Emphasis-Of-Matter Paragraph
An emphasis-of-matter paragraph is a paragraph included in the auditor's report that refers to a
matter appropriately presented or disclosed in the financial statements. Some of these
paragraphs would be required, such as when there is substantial doubt about the entity's ability to
continue as a going concern. Others would be added at the discretion of the auditor, consistent
with previous practice. All such paragraphs would be considered emphasis-of-matter paragraphs
because they are intended to draw a user's attention to a particular matter.
Other-Matter Paragraph
An other-matter paragraph is a paragraph included in the auditor's report that refers to a matter
other than those presented or disclosed in the financial statements that, in the auditor's
judgment, is relevant to a user's understanding of the audit, the auditor's responsibilities, or the
auditor's report. An example would be an auditor's inability to withdraw from an audit.
Location in the Report
The concept of an “explanatory paragraph” is no longer used. Instead, additional communications
in the auditor's report are labeled as either emphasis-of-matter paragraphs or other-matter
paragraphs. AU-C §706 requires an emphasis-of-matter paragraph or other-matter paragraph to
be included in a separate section of the auditor's report under the section heading Emphasis of
Matter or Other Matter.
Consistency of Financial Statements

AU-C §708, Consistency of Financial Statements, only expanded previous requirements in one
regard.
Previous Standard
The previous standard in AU §420 stated that changes and material reclassifications made in
previously issued financial statements to enhance comparability with current financial statements
ordinarily would not need to be referred to in the independent auditor's report.
Evaluation of Material Change in Classification
AU-C §708 requires the auditor to evaluate a material change in financial statement classification
and the related disclosure to determine whether such a change is also a change in accounting
principle or an adjustment to correct a material misstatement in previously issued financial
statements. If so, the requirements in AU-C §708 apply.
Note
For example, if the auditor concludes that there is a change in accounting principle
that is justified, and the change has a material effect on the financial statements, the
auditor should include in the auditor's report an emphasis-of-matter paragraph that
describes the change in accounting principle and provides a reference to the entity's
disclosure.
1 G. Special Considerations
The next part of the Codification addresses special considerations. The requirements and
guidance for Reporting on Compliance With Aspects of Contractual Agreements or Regulatory
Requirements in Connection With Audited Financial Statements (which is based on AU §623,
Special Reports) has not significantly changed.
Special Purpose Frameworks

AU-C §800 is Audits of Financial Statements Prepared in Accordance With Special Purpose
Frameworks. AU-C §800 addresses the application of previous AU sections to an audit of
financial statements prepared in accordance with a special purpose framework. Special purpose
frameworks are limited to cash, tax, regulatory, contractual, or other bases of accounting. An
other basis of accounting is a basis of accounting that uses a definite set of logical, reasonable
criteria that is applied to all material items appearing in financial statements. The cash, tax, and
regulatory bases of accounting are commonly referred to as “other comprehensive bases of
accounting” or (OCBOA). The term OCBOA was replaced with the term “special purpose
framework.”
Auditor's Understanding
AU-C §800 requires the auditor to obtain an understanding of the purpose for which the financial
statements are prepared, the intended users of the financial statements, and the steps taken by
management to determine that the special purpose framework is acceptable in the
circumstances.
Management's Responsibility
AU-C §800 requires the auditor to obtain the agreement of management that it acknowledges
and understands its responsibility to include all disclosures that are appropriate for the special
purpose framework used to prepare the financial statements, including additional disclosures
beyond those required by the framework that may be necessary to achieve fair presentation. The
auditor is required to evaluate whether such disclosures are necessary.
Contractual Basis of Accounting
In the case of special purpose financial statements prepared in accordance with a contractual
basis of accounting, the auditor is required to obtain an understanding of any significant
interpretations of the contract that management made in preparing those financial statements,
and evaluate whether the financial statements adequately describe such interpretations.
Choice of Financial Reporting Frameworks
When management has a choice of financial reporting frameworks in preparing the financial
statements, the explanation of management's responsibility for the financial statements in the
auditor's report is required to make reference to management's responsibility for determining that
the applicable financial reporting framework is acceptable in the circumstances.
Regulatory or Contractual Basis of Accounting
In the case of financial statements prepared in accordance with a regulatory or contractual basis
of accounting, the auditor's report is required to describe the purpose for which the financial
statements are prepared or refer to a note in the financial statements that contains that
information.
Specific Elements in the Auditor's Report
The auditor's report is required to include specific elements if the auditor is required by law or
regulation to use a specific layout, form, or wording of the auditor's report. These elements can
include, for example, a description of the purpose for which the financial statements are prepared,
and an emphasis-of-matter paragraph that indicates the financial statements are prepared in
accordance with a special purpose framework.
Single Financial Statements and Specific Elements, Accounts, or
Items
AU-C §805 is Audits of Single Financial Statements and Specific Elements, Accounts, or Items of
a Financial Statement. AU-C §805 explains that a single financial statement and a specific
element include the related notes, which ordinarily consist of a summary of significant accounting
policies and other relevant information. AU-C §805 does not apply to the report of a component
auditor issued as a result of work performed on the financial information of a component at the
request of a group engagement partner.
Auditor Not Engaged to Audit Complete Set of Financial Statements
If the auditor is not engaged to audit the entity's complete set of financial statements, the auditor
is required to determine whether the audit of a single financial statement or a specific element is
practicable, and whether the auditor will be able to perform procedures on interrelated items.
The Auditor's Understanding
The auditor is required to obtain an understanding of the purpose for which the single financial
statement or specific element is prepared, the intended users of the report, and the steps taken by
management to determine that the application of the applicable financial reporting framework is
acceptable in the circumstances.
Acceptability of Financial Reporting Framework
The auditor is required to determine the acceptability of the financial reporting framework,
including whether its application will result in a presentation that provides adequate disclosures
to enable the intended users to understand the information conveyed and the effect of material
transactions and events on that information.
Auditor Engaged to Audit Complete Set of Financial Statements
If the auditor is engaged to audit a single financial statement or a specific element in conjunction
with an audit of the complete financial statements, the auditor is required to issue a separate
report and express a separate opinion for each engagement. In a report on a specific element, the
auditor is also required to indicate the date of the auditor's report on the complete set of financial
statements and the nature of the opinion expressed.
Publishing the Reports Together
With certain exceptions, an audited single financial statement or a specific element may be
published together with the audited complete set of financial statements, provided that the
presentation of the single financial statement or specific element is sufficiently differentiated from
the complete set of financial statements.
An example of an exception is a situation in which the auditor has expressed a

modified opinion on the complete set of financial statements but nevertheless
concludes that an unmodified opinion should be expressed on the single financial
statement or specific element.
Summary Financial Statements

AU-C §810 is Engagements to Report on Summary Financial Statements. It provides guidance for
reporting on condensed financial statements that are derived from audited financial statements
of a public entity that is required to file complete audited financial statements with a regulatory
agency.
Note
A government is not a public entity as defined under AU-C §810 with respect to
reporting on separately issued summary financial information. However, if a
government issues a popular report that contains highly condensed summary
information, some provisions of AU-C §810 can be used by an auditor who is engaged
to express an opinion on that report.
When the Auditor May Report

The auditor may report on summary information only if the auditor has rendered an opinion on
the basic financial statements and the auditor has not rendered an adverse opinion or a
disclaimer of opinion on one of the opinion units from which the summary financial information
was derived or on the basic financial statements as a whole.
When a Component Audit Has Been Involved
If a component auditor has been involved in rendering an opinion on the basic financial
statements, only the auditor of the group financial statements may render the opinion on the
summary financial information.
1 H. Special Considerations in the United

States
The last part of the AICPA Codification addresses special considerations in the United States.
Standards that have not changed in any significant way address the following: reports on
application of requirements of an applicable financial reporting framework (except for changes in
terminology); letters for underwriters and certain other requesting parties; interim financial
information; and compliance audits.
Standards outside the Scope of This Course

Two standards that are outside the scope of this course are those for financial statements
prepared in accordance with a financial reporting framework generally accepted in another
country, and Filings with the U.S. Securities and Exchange Commission (SEC) under the Securities
Act of 1933.
Alert That Restricts the Use of Auditor's Written Communication

AU-C §905 is Alert That Restricts the Use of the Auditor's Written Communication. It supersedes
AU §532, Restricting the Use of an Auditor's Report. AU-C §905 more clearly indicates that it
applies to an auditor's reports and other written communications (which are referred to
collectively as “written communications”) that are issued in connection with an engagement
conducted in accordance with GAAS.
Umbrella Requirement to Include Alert
AU-C §905 establishes an umbrella requirement to include an alert that restricts the use of the
auditor's written communication when the subject matter of that communication is based on any
of the following:
A. Measurement or disclosure criteria that are determined by the auditor to be suitable only for a
limited number of users who can be presumed to have an adequate understanding of the
criteria
B. Measurement or disclosure criteria that are available only to the specified parties
C. Matters identified by the auditor during the course of the audit engagement when the
identification of such matters is not the primary objective of the audit engagement (“by-
product” reports that, under GAAS, include communications on internal control and
compliance)
Audits Performed in Accordance with Government Auditing Standards
The alert language is changed when the engagement is also performed in accordance with
Government Auditing Standards, and the written communication is issued in accordance with AU-
C §260, Communicating Internal Control Related Matters in an Audit; AU-C §806, Reporting on
Compliance With Aspects of Contractual Agreements or Regulatory Requirements in Connection
With Audited Financial Statements; or AU-C §935, Compliance Audits. In this situation, the alert
language describes the purpose of the communication and states that the communication is “not
suitable for any other purpose.” No specified parties are identified in this type of alert.
Comfort Letters
AU-C §920 (SAS No. 129) is Letters for Underwriters and Certain Other Requesting Parties.
Purpose
AU-C §920 addresses unintended changes to previous practice as a result of the ASB's clarity
project. It addresses the auditor's responsibilities when engaged to issue comfort letters to
requesting parties in connection with a nonissuer entity's financial statements included in a
registration statement or other securities offerings.
Amendments
AU-C §920 does the following:
A. It amends the requirement to inform the requesting party that the auditor cannot provide any
assurance regarding the sufficiency of the procedures for the requesting party's purposes by
changing “state in any discussion” to “communicate” so as to provide the auditor with more
flexibility in making this required communication.
B. It clarifies that the requirement to attach the review report when the auditor states in the
comfort letter that the auditor has performed a review of unaudited interim financial
information to a requirement to attach the review report when the auditor states in the
comfort letter that the auditor has issued a review report on unaudited interim financial
information.
C. It amends examples.
1 I. Government Auditing Standards

Introduction
The U.S. Government Accountability Office (GAO) last revised Government Auditing Standards—
also known as generally accepted government auditing standards (GAGAS) or the Yellow Book—
in 2018. The 2018 revision superseded the 2011 revision and was effective for financial audits for
periods ending on or after June 30, 2020. Early implementation was not permitted.
Overview of Major Changes
This chapter discusses major changes in the Yellow Book to the general standards and standards
for financial audits.
Conceptual Framework for Independence
The Yellow Book includes a conceptual framework for independence to provide a way for auditors
to assess their independence for activities that are not expressly prohibited in the standards. The
GAO document, Answers to Independence Standard Questions, has been retired.
Documentation of Independence
The Yellow Book adds requirements for documentation to support adequate consideration of
auditor independence.
Changes to the Independence Standard
In the Yellow Book, specific references to personal, external, and organizational impairments, and
the overarching principles for independence described in the 2007 standards, were removed.
However, the underlying concepts related to these categories were retained in the conceptual
framework. The audit organization and the individual auditors, whether government or public,
must be independent. Independence has two components: independence of mind and
independence in appearance.
Independence of Mind
Independence of mind is a state of mind that permits the performance of an audit without being
affected by influences that compromise professional judgment and allows an auditor to act with
integrity and exercise objectivity and professional skepticism.
Independence in Appearance
Independence in appearance is the absence of circumstances that would cause a reasonable and
informed third party, having knowledge of the relevant information, to reasonably conclude that
the integrity, objectivity, or professional skepticism of an audit organization or member of the
audit team had been compromised.
Period of Independence
As a general rule, auditors should be independent from an audited entity during two periods:
A. The auditor should be independent during any period of time that falls within the period
covered by the financial statements or subject matter of the audit.
B. The auditor should be independent during the period of the professional engagement. This
period begins when the auditors either sign an initial engagement letter or other agreement
to perform an audit (such as a contract with the state to audit a local government) or begin to
perform the audit, whichever is earlier. The period lasts for the entire duration of the
professional relationship that, for recurring audits, could cover many periods. The period ends
with the formal or informal notification, either by the auditor or the audited entity (or its
oversight government), of the termination of the professional relationship or by the issuance
of a report, whichever is later.
Accordingly, the period of the professional engagement does not necessarily end with
the issuance of a report and recommence with the beginning of the following year's
audit or a subsequent audit with a similar objective.
When a Nonaudit Service May Not Impair Independence
For financial statement audits, a nonaudit service performed during the period covered by the
financial statements may not impair an auditor's independence with respect to those financial
statements provided that the following three conditions exist:
A. The nonaudit service was provided prior to the period of the professional engagement.
B. The nonaudit service related only to periods prior to the period covered by the financial
statements.
C. The financial statements for the period to which the nonaudit service did relate were audited
by another auditor or, in the case of an examination or review engagement, were examined,
reviewed, or audited by another auditor, as appropriate.
The Conceptual Framework
The Yellow Book establishes a conceptual framework that auditors use to identify, evaluate, and
apply safeguards to address threats to independence that result from activities that are not
specifically prohibited by the Yellow Book. Auditors should apply the conceptual framework at the
audit organization, audit, and individual auditor levels to accomplish the following three
purposes:
A. Identify threats to independence
B. Evaluate the significance of the threats identified, both individually and in the aggregate
C. Apply safeguards as necessary to eliminate the threats or reduce them to an acceptable level
If no safeguards are available to eliminate an unacceptable threat or reduce it to an

acceptable level, independence would be considered impaired.
Threats to Independence
Auditors should evaluate the following seven broad categories of threats to independence:
A. Self-interest—The threat that a financial or other interest will inappropriately influence an
auditor's judgment or behavior
B. Self-review—The threat that an auditor or audit organization that has provided nonaudit
services will not appropriately evaluate the results of previous judgments made or services
performed as part of the nonaudit services when forming a judgment significant to an audit
C. Bias—The threat that an auditor will, as a result of political, ideological, social, or other
convictions, take a position that is not objective
D. Familiarity—The threat that aspects of a relationship with management or personnel of an
audited entity, such as a close or long relationship, or that of an immediate or close family
member, will lead an auditor to take a position that is not objective
E. Undue influence—The threat that external influences or pressures will impact an auditor's
ability to make independent and objective judgments
F. Management participation—The threat that results from an auditor's taking on the role of
management or otherwise performing management functions on behalf of the entity
undergoing audit
G. Structural—The threat that an audit organization's placement within a government entity, in
combination with the structure of the government entity being audited, will impact the audit
organization's ability to perform work and report results objectively
Safeguards
Safeguards are controls designed to eliminate or reduce to an acceptable level threats to
independence. Examples of safeguards include the following:
1. Consulting an independent third party, such as a professional organization, a professional
regulatory body, or another auditor
2. Involving another audit organization to perform or reperform part of the audit
3. Having a professional staff member who was not a member of the audit team review the work
performed
4. Removing an individual from an audit team when that individual's financial or other interests
or relationships pose a threat to independence
When Threats to Independence Are Not at an Acceptable Level
When threats to independence are not at an acceptable level, thereby requiring the application of
safeguards, auditors should document the threats identified and the safeguards applied to
eliminate the threats or reduce them to an acceptable level. Certain conditions may lead to
threats that are so significant that they cannot be eliminated or reduced to an acceptable level
through the application of safeguards, resulting in impaired independence.
Note
Under such conditions, auditors should decline to perform a prospective audit or
terminate an audit in progress (when they are not required by law or regulation to
perform the audit).
Performance of Nonaudit Services to an Audited Entity

Before an auditor agrees to provide a nonaudit service to an audited entity, the auditor should
determine whether providing such a service would create a threat to independence, either by itself
or in aggregate with other nonaudit services provided. A critical component of this determination
is consideration of management's ability to effectively oversee the nonaudit service to be
performed. The auditor should determine that the audited entity has designated an individual
with suitable skill, knowledge, or experience and that the individual understands the services to
be performed sufficiently to oversee them. The auditor should document consideration of
management's ability to effectively oversee nonaudit services to be performed. If the audited
entity does not have an individual with suitable skill, knowledge, or experience to oversee the
nonaudit services provided, or is unwilling to perform such functions, the auditor's provision of
these services would impair independence.
Performance of Management Responsibilities
If an auditor performs management responsibilities on behalf of an audited entity, the
management participation threats would be so significant that no safeguards could reduce them
to an acceptable level. Consequently, the auditor's independence would be impaired with respect
to that entity.
Preparation of Accounting Records
Some services involving preparation of accounting records always impair an auditor's
independence with respect to an audited entity. These services include the following:
A. Determining or changing journal entries, account codes or classifications for transactions, or
other accounting records for the entity without obtaining management's approval.
B. Authorizing or approving the entity's transactions.
C. Preparing or making changes to source documents without management approval.
Note
Source documents include those providing evidence that transactions have occurred,
such as purchase orders, payroll time records, customer orders, and contracts. Such
records also include an audited entity's general ledger and subsidiary records or their
equivalent.
Note
The 2018 Yellow Book revision specifically states that auditors should conclude that
preparing financial statements in their entirety from a client-prepared trial balance or
underlying accounting records creates significant threats to auditors' independence,
and should document the threats and safeguards applied to eliminate and reduce
threats to an acceptable level or decline to provide the service.
Internal Audit Assistance

Internal audit assistance services involve assisting an entity in performing its internal audit
activities.
A. Activities That Always Impair Independence: Certain internal audit assistance activities always
impair an external auditor's independence with respect to an audited entity. These activities
include the following:
1. Setting internal audit policies or the strategic direction of internal audit activities
2. Performing procedures that form part of the entity's internal control, such as reviewing
and approving changes to employee data access privileges
3. Determining the scope of the internal audit function and resulting work
B. Ongoing Internal Control Monitoring: If an auditor performs or supervises ongoing internal
control monitoring procedures, the management participation threat created is so significant
that no safeguards could reduce the threat to an acceptable level.
C. Separate Internal Control Evaluations: It is possible for an auditor to perform separate
evaluations of internal control without creating a management participation threat that
would impair independence. In all such cases, the significance of the threat created by
performing separate evaluations should be evaluated and safeguards applied when
necessary.
Information Technology Services
Information technology (IT) services that impair independence include the following:
A. Designing or developing a financial or other IT system that will play a significant role in the
management of an area of operations that is or will be the subject of an audit
B. Providing services that entail making other than insignificant modifications to the source code
underlying such a system
C. Operating or supervising the operation of such a system
Valuation Services
If an audit organization provides valuation services to an audited entity and the valuations would
have a material effect on the financial statements or other information on which it is reporting,
and the valuation involves a significant degree of subjectivity, the audit organization's
independence would be impaired.
Prohibited Nonaudit Services
Provision of certain other nonaudit services always impairs an external auditor's independence
with respect to an audited entity. Therefore, these nonaudit services are prohibited from being
performed by the external auditor.
A. Non-Tax Disbursement: Prohibited services for non-tax disbursement are as follows:
1. Accepting responsibility to authorize payment of audited entity funds, electronically or
otherwise
2. Accepting responsibility for signing or cosigning audited entity checks, even if only in
emergency situations
3. Maintaining an audited entity's bank account or otherwise having custody of an audited
entity's funds or making credit or banking decisions for the audited entity
4. Approving vendor invoices for payment
B. Benefit Plan Administration: Prohibited services for benefit plan administration are as follows:
1. Making policy decisions on behalf of audited entity management
2. When dealing with plan participants, interpreting the plan document on behalf of
management without first obtaining management's concurrence
3. Making disbursements on behalf of the plan
4. Having custody of a plan's assets
5. Serving a plan as a fiduciary as defined by the Employee Retirement Income Security Act
(ERISA)
C. Investment Advisory or Management Services: Prohibited services for investment advisory or
management services are as follows:
1. Making investment decisions on behalf of audited entity management or otherwise
having discretionary authority over an audited entity's investments
2. Executing a transaction to buy or sell an audited entity's investment
3. Having custody of an audited entity's assets, such as taking temporary possession of
securities purchased by an audited entity
D. Financial Consulting or Advisory Services: Prohibited services for financial consulting or

advisory services are as follows:
1. Committing the audited entity to the terms of a transaction or consummating a
transaction on behalf of the audited entity
2. Acting as a promoter, underwriter, broker-dealer, or guarantor of audited entity securities,
or distributor of private placement memoranda or offering documents
3. Maintaining custody of an audited entity's securities
E. Executive or Employee Personnel Matters: Prohibited services for executive or employee
personnel matters are as follows:
1. Committing the audited entity to employee compensation or benefit arrangements
2. Hiring or terminating audited entity employees
F. Business Risk Consulting: Prohibited services for business risk consulting are as follows:
1. Making or approving business risk decisions
2. Presenting business risk considerations to those charged with governance or others on
behalf of management
Competence
The Yellow Book specifies the continuing professional education (CPE) requirements for internal
specialists. Internal specialists consulting on a Yellow Book audit should be qualified and
maintain professional competence in their areas of specialization but are not required to meet the
Yellow Book CPE requirements. As in previous Yellow Book standards, internal specialists who are
performing work under the Yellow Book standards should comply with the Yellow Book's CPE
requirements.
Financial Audit Standards
The Yellow Book incorporates by reference the AICPA Statements on Auditing Standards (SASs) in
the Codification. All sections of the SASs are incorporated, including the introduction, objectives,
definitions, requirements, and application and other explanatory material. Auditors performing
financial audits in accordance with the Yellow Book should comply with the incorporated SASs
and the additional requirements in Chapter 6 of the Yellow Book.
Combining of Standards on Field Work and Reporting
The major change to the standards for financial audits is the combining into one chapter of the
standards of field work (or audit performance) with the standards for audit reporting. Yellow Book
standards and guidance that were duplicative of AICPA standards have been deleted.
Changes to Standards for Performing Financial Audits
The Yellow Book emphasizes the importance of early communication of internal control
deficiencies to enable management and those charged with governance to correct the deficiencies
as soon as possible to prevent potential loss of government funding.
1 J. New GASB Statements
This chapter concludes with a brief discussion of new standards issued by the Governmental
Accounting Standards Board (GASB), Statement Nos. 88 through 92.
Note
At the time this program went to press, the GASB was deliberating whether to
postpone the effective dates of provisions in certain pronouncements. You can obtain
updates at https://www.gasb.org/home.
GASB Statement No. 88

GASB Statement No. 88 is Certain Disclosures Related to Debt, Including Direct Borrowings and
Direct Placements.
Objective
Statement No. 88 improves the information that is disclosed in notes to government financial
statements related to debt, including direct borrowings and direct placements. It also clarifies
which liabilities governments should include when disclosing information related to debt.
Debt to Be Disclosed
Debt for purposes of disclosure in notes to financial statements is a liability that arises from a
contractual obligation to pay cash (or other assets that may be used in lieu of cash) in one or more
payments to settle an amount that is fixed at the date the contractual obligation is established.
Additional Information to Be Disclosed
Additional essential information related to debt that must be disclosed in notes to the financial
statements includes unused lines of credit, assets pledged as collateral for the debt, and terms
specified in debt agreements related to significant events of default with finance-related
consequences, significant termination events with finance-related consequences, and significant
subjective acceleration clauses.
Separately Presented Information
Notes to financial statements related to debt must also provide additional information for direct
borrowings and direct placements of debt separately from other debt.
Effective Date
The requirements of Statement No. 88 are effective for reporting periods beginning after June 15,
2018. The GASB encourages earlier application.
GASB Statement No. 89 is Accounting for Interest Costs Incurred Before the End of a Construction
Period.
Objectives
The objectives of Statement No. 89 are to enhance the relevance and comparability of information
about capital assets and the cost of borrowing for a reporting period and to simplify accounting
for interest cost incurred before the end of a construction period.
Recognition of Interest Cost
Interest cost incurred before the end of a construction period includes all interest that previously
was accounted for in accordance with the requirements in GASB Statement No. 62, which are
superseded by this Statement. Statement No. 89 requires that interest cost incurred before the
end of a construction period be recognized as an expense in the period in which the cost is
incurred for financial statements prepared using the economic resources measurement focus. As
a result, such interest cost will not be included in the historical cost of a capital asset reported in a
business-type activity or enterprise fund. In financial statements prepared using the current
financial resources measurement focus, interest cost incurred before the end of a construction
period should be recognized as an expenditure on a basis consistent with governmental fund
accounting principles.
Effective Date
The requirements of Statement No. 89 are effective for reporting periods beginning after
December 15, 2019, and should be applied prospectively. The GASB encourages earlier
application.
GASB Statement No. 90 is Majority Equity Interests —an Amendment of GASB Statements No. 14
and No. 61.
Objectives
The objectives of Statement No. 90 are:
to improve the consistency and comparability of reporting a government's majority equity

interest in a legally separate organization and
to improve the relevance of financial statement information for certain component units.
Reporting Investments
A majority equity interest in a legally separate organization should be reported as an investment if
a government's holding of the equity interest meets the definition of an investment. A majority
equity interest that meets the definition of an investment should be measured using the equity
method, unless it is held by a special-purpose government engaged only in fiduciary activities, a
fiduciary fund, or an endowment (including permanent and term endowments) or a permanent
fund. Those governments and funds should measure the majority equity interest at fair value.
Reporting Other Holdings
All other holdings of a majority equity interest in a legally separate organization should be
reported as a component unit, and the government or fund that holds the equity interest should
report an asset related to the majority equity interest using the equity method. Ownership of a
majority equity interest in a legally separate organization results in the government being
financially accountable for that organization.
Component Unit Reporting
A component unit in which a government has a 100 percent equity interest must account for the
assets, deferred outflows of resources, liabilities, and deferred inflows of resources at acquisition
value at the date the government acquired a 100 percent equity in the component unit.
Transactions presented in flows statements of the component unit in that circumstance should
include only transactions that occurred subsequent to the acquisition.
Effective Date
December 15, 2018. The GASB encourages earlier application. The requirements should be
applied retroactively, except for the provisions related to reporting a majority interest in a
component unit and reporting a component unit if the government acquires a 100 percent equity
interest. Those provisions should be reported on a prospective basis.
GASB Statement No. 91 is Conduit Debt Obligations.
Objectives
The objectives of GASB Statement No. 91 are to provide a single method of reporting conduit debt
obligations by issuers and eliminate diversity in practice associated with commitments extended
by issuers, arrangements associated with conduit debt obligations, and related note disclosures.
Definition
A conduit debt obligation is defined as a debt instrument having all of the following
characteristics:
There are at least three parties involved: an issuer, a third-party obligor, and a debt holder.
The issuer and the third-party obligor are not within the same financial reporting entity.
The debt obligation is not a parity bond of the issuer, nor is it cross-collateralized with other
debt of the issuer.
The third-party obligor or its agent, not the issuer, ultimately receives the proceeds from the
debt issuance.
The third-party obligor, not the issuer, is primarily obligated for the payment of all amounts
associated with the debt obligation (debt service payments).
Nature of the Commitment
All conduit debt obligations involve the issuer making a limited commitment. Some issuers
extend additional commitments or voluntary commitments to support debt service in the event
the third party is, or will be, unable to do so.
Liability Recognition Criteria
An issuer should not recognize a conduit debt obligation as a liability. However, an issuer should
recognize a liability associated with an additional commitment or a voluntary commitment to
support debt service if certain recognition criteria are met. As long as a conduit debt obligation is
outstanding, an issuer that has made an additional commitment should evaluate at least
annually whether those criteria are met. An issuer that has made only a limited commitment
should evaluate whether those criteria are met when an event occurs that causes the issuer to
reevaluate its willingness or ability to support the obligor's debt service through a voluntary
commitment.
Arrangements Often Characterized as Leases
In some arrangements, capital assets are constructed or acquired with the proceeds of a conduit
debt obligation and used by third-party obligors in the course of their activities. Payments from
third-party obligors are intended to cover and coincide with debt service payments. During those
arrangements, issuers retain the titles to the capital assets. Those titles may or may not pass to
the obligors at the end of the arrangements. Issuers should not report those arrangements as
leases, nor should they recognize a liability for the related conduit debt obligations or a receivable
for the payments related to those arrangements. In addition, the following provisions apply:
If the title passes to the third-party obligor at the end of the arrangement, an issuer should
not recognize a capital asset.
If the title does not pass to the third-party obligor and the third party has exclusive use of the
entire capital asset during the arrangement, the issuer should not recognize a capital asset
until the arrangement ends.
If the title does not pass to the third-party obligor and the third party has exclusive use of only
portions of the capital asset during the arrangement, the issuer, at the inception of the
arrangement, should recognize the entire capital asset and a deferred inflow of resources. The
deferred inflow of resources should be reduced, and an inflow recognized, in a systematic and
rational manner over the term of the arrangement.
Disclosures
Issuers are required to disclose general information about their conduit debt obligations,
organized by type of commitment, including the aggregate outstanding principal amount of the
issuers' conduit debt obligations and a description of each type of commitment. Issuers that
recognize liabilities related to supporting the debt service of conduit debt obligations also should
disclose information about the amount recognized and how the liabilities changed during the
reporting period.
Effective Date
December 15, 2020. The GASB encourages earlier application.
GASB Statement No. 92 is Omnibus 2020. It addresses practice issues that have been identified
during implementation and application of certain GASB Statements.
Topics Addressed
Statement No. 92 includes specific provisions about the following topics: The effective date of
Statement No. 87, Leases, and Implementation Guide 2019-3, Leases, for interim financial
reports
Reporting of intra-entity transfers of assets between a primary government employer and a
component unit defined benefit pension plan or defined benefit other postemployment
benefit (OPEB) plan
The applicability of Statements No. 73, Accounting and Financial Reporting for Pensions and
Related Assets Statements 67 and 68, as amended, and No. 74, Financial Reporting for
Postemployment Benefit Plans Other Than Pension Plans, as amended, to reporting assets
accumulated for postemployment benefits
The applicability of certain requirements of Statement No. 84, Fiduciary Activities, to
postemployment benefit arrangements
Measurement of liabilities (and assets, if any) related to asset retirement obligations (AROs) in
a government acquisition
Reporting by public entity risk pools for amounts that are recoverable from reinsurers or
excess insurers
Reference to nonrecurring fair value measurements of assets or liabilities in authoritative
literature
The terminology used to refer to derivative instruments
Effective Date
The requirements of Statement No. 92 are effective as follows:
The requirements related to the effective date of Statement No. 87 and Implementation
Guide 2019-3, reinsurance recoveries, and terminology used to refer to derivative instruments
are effective upon issuance.
The requirements related to intra-entity transfers of assets and those related to the
applicability of Statements No. 73 and No. 74 are effective for fiscal years beginning after June
15, 2020.
The requirements related to the application of Statement No. 84 to postemployment benefit
arrangements and those related to nonrecurring fair value measurements of assets or
liabilities are effective for reporting periods beginning after June 15, 2020.
The requirements related to the measurement of liabilities (and assets, if any) associated with
AROs in a government acquisition are effective for government acquisitions occurring in
reporting periods beginning after June 15, 2020.
Earlier application is encouraged and permitted by topic.
Note
At the time this program went to press, the GASB was reviewing a proposal that would
postpone the effective dates of provisions in certain pronouncements. Updates are
available at https://www.gasb.org/home.
1 K. Summary
This chapter provided an overview of the AICPA Codification of Statements on Auditing
Standards. It also discussed the revisions of Government Auditing Standards (the Yellow Book)
and recent GASB pronouncements, GASB Statement Nos. 88 through 92.
Study Question 1
Which of the following is an auditor requirement related to internal control deficiencies identified
in an audit?
The auditor is required to quantify and communicate, in
A writing or orally, the potential effects of the significant
deficiencies or material weaknesses identified.
The auditor is required to include, in a written
B communication, an explanation of why no significant
deficiencies or material weaknesses were identified.
The auditor is required to communicate orally to those
C charged with governance internal control deficiencies that
are not significant deficiencies or material weaknesses.
The auditor is required to include, in a written
D communication, an explanation of the potential effects of
significant deficiencies and material weaknesses identified.
Study Question 2
What are the consequences for auditor independence if an auditor performs management
responsibilities on behalf of an audited entity?
A The management participation threat is so significant that

no safeguards could reduce it to an acceptable level.
The auditor should determine that management has
B designated an individual with suitable knowledge, skills, or
experience to oversee the auditor's work.
The management participation threat can be overcome by
C obtaining specific written representations from
management.
D The auditor should apply safeguards to eliminate the

management participation threat.
Study Question 3
Which of the following is not a characteristic of a conduit debt obligation?
A All the parties involved are within the same financial

reporting entity.
B The debt obligation is not a parity bond of the issuer.
C The debt obligation is not cross-collateralized with other

debt of the issuer.
D The third-party obligor is primarily obligated for the

payment of all amounts associated with the debt obligation.
Study Question 4
Which of the following statements is true regarding capital assets acquired with the proceeds of a
conduit debt obligation and used by third-party obligors in the course of their activities?
A The issuer should recognize a capital asset if the title passes

to the third-party obligor at the end of the arrangement.
B The issuer should not report the arrangement as a lease.
C The issuer should recognize a capital asset at the inception
of the arrangement if the title does not pass to the third-
party obligor and the third party has exclusive use of only
portions of the capital asset during the arrangement.
The issuer should recognize a capital asset at the inception
D of the arrangement if the title does not pass to the third-
party obligor but the third party has exclusive use of the
entire capital asset during the arrangement.
Chapter 2. Risk Assessment and General Planning Procedures
This chapter discusses risk assessment and other planning procedures. It describes inquiries of
management, analytical procedures, observation and inspection, and discussion among the
engagement team in assessing risks of material misstatement. It also discusses understanding
the entity and its environment, including its internal control, in assessing risks of material
misstatement, in general terms and in terms of entity-level and activity-level controls. This
chapter concludes with a discussion of how the auditor makes planning decisions and judgments,
including materiality and risk levels, as well as additional requirements of the Yellow Book for
financial audits.
identify the importance of and procedures behind risk assessment.
2 A. Overview of Risk Assessment and

Other Planning Procedures
Introduction
The auditor is required to perform risk assessment procedures to provide a basis for identifying
and assessing the risks of material misstatement at both the financial statement and relevant
assertion levels. The auditor uses risk assessment procedures to gather and evaluate information
about the entity. These procedures alone do not provide sufficient appropriate audit evidence on
which to base an opinion. Further audit procedures are necessary in all circumstances to support
an opinion.
Opinion Units
The auditor should consider opinion units during the planning and risk assessment activities. The
assessment of risks of material misstatement of the financial statements is at the opinion unit
level. Opinion units are as follows: governmental activities, business-type activities, aggregate
discretely presented component units, each major governmental fund, each major enterprise
fund, and the aggregate remaining fund information (nonmajor governmental and enterprise
funds, internal service funds, and fiduciary funds).
The Entity and Its Environment
An essential aspect of risk assessment is obtaining an understanding of the entity and its
environment, including the entity's internal control. The information obtained is used to support
the auditor's assessment of the risk of material misstatement. Risk assessment procedures may
also provide audit evidence about relevant assertions related to account balances, transaction
classes, or disclosures, as well as about the operating effectiveness of controls. As a result, risk
assessment procedures may also serve as tests of controls or substantive procedures, or they may
be performed concurrently with those procedures.
Types of Risk Assessment Procedures

The following audit procedures and related activities are necessary risk assessment and other
planning procedures: preliminary engagement activities, including establishing an understanding
with the client; inquiries of management and others within the entity and those charged with
governance; analytical procedures; observation and inspection; and discussion among the audit
team.
Note
Inquiry alone is not sufficient to evaluate the design and implementation of internal
control; therefore, the auditor will likely combine observation and inspection with
inquiry procedures when obtaining an understanding of the entity's internal control.
Procedures Performed in Prior Periods

Audit procedures performed in prior periods can provide audit evidence about the following: the
entity's organizational structure, controls, and operations; past misstatements and whether they
were corrected on a timely basis; and significant changes from the prior period. Before using
information from prior periods, the auditor should determine whether changes have occurred that
may affect its relevance to the current audit.
2 B. Inquiries of Management and Others

Introduction
The auditor is required to inquire of management and others in the entity, including internal audit
personnel, about the following matters relevant to audit planning: the entity and its environment,
fraud-related matters, accounting estimates, and related parties and related-party transactions.
The auditor may consider interviewing the chief executive officer, the chief financial officer, and
the controller. Depending on the circumstances, the auditor may interview those charged with
governance, internal audit staff, and other employees.
Yellow Book Requirements for Inquiry

The Yellow Book requires auditors to make inquiries about findings and recommendations from
previous engagements and evaluate whether appropriate corrective actions have been taken to
address findings that could have a material effect on the financial statements. Auditors should
ask management to identify previous audits, attestation engagements, and other studies that
relate to the objectives of the audit, including whether related recommendations have been
implemented. Auditors should use this information when assessing risk and determining the
nature, timing, and extent of audit work, including the testing of implementation of corrective
actions.
Fraud-Related Inquiries
The consideration of fraud is an integral part of obtaining an understanding of the entity and its
environment and assessing the risks of material misstatement. During planning, the auditor
should consider the results of the fraud risk assessment with the other information obtained as
part of identifying the risks of material misstatement. The discussion among the audit team
should include fraud brainstorming. In addition, the auditor should consider fraud risks in
identifying significant risks.
Inquiries of Management
The inquiries of management made in audit planning should include the following:
A. Whether management has knowledge of any actual, suspected, or alleged fraud
B. Management's process for identifying, responding to, and monitoring the risks of fraud in the
entity
C. The nature, extent, and frequency of management's assessment of fraud risk and the results
of those assessments
D. Any specific risks of fraud that management has identified or that have been brought to its
attention
E. The classes of transactions, account balances, or disclosures for which a fraud risk is likely to
exist
F. Management's communications, if any, to those charged with governance on its process for
identifying and responding to fraud risks and to employees on its views on appropriate
business practices and ethical behavior
Management's Responses
Auditors will give more weight to information about risks and knowledge of fraud if management
has effective processes and assessment methods. Management is often in the best position to
perpetrate fraud. Therefore, the responses of members of senior management concerning the
likelihood of fraud perpetrated by themselves are less meaningful than in respect to perpetration
by lower levels within the entity.
Inquiries of Those Charged with Governance
The auditor is required to inquire directly of those charged with governance (or the audit
committee or its chair) about their views of the risks of fraud and whether they have knowledge of
any actual, suspected, or alleged instances of fraud. If applicable, the auditor should obtain an
understanding of their role in overseeing the entity's fraud risk assessment and monitoring
process.
Inquiries of Others within the Entity
The auditor is required to inquire of internal auditors if the entity has an internal audit function.
The auditor also is required to make specific inquiries of persons involved in the financial reporting
process about inappropriate or unusual activity relating to the processing of journal entries and
other adjustments. Making inquiries of employees outside the accounting department or those at
varying levels of authority may be useful in providing a different perspective about the risks of
fraud. Their responses may corroborate responses received from management or may provide
information about the possibility of management override of controls. Their responses may also
provide information about the effectiveness of management's communication and support of the
entity's values or ethics.
Inquiries about Related Parties
Some related-party relationships and transactions give rise to higher risks of material
misstatement than transactions with unrelated parties. The auditor is required to inquire of
management about the identity of related parties, including changes from the prior period; the
nature of related-party relationships; and whether there were any transactions with those related
parties during the period and, if so, the transaction type and purpose. Auditors also are required
to inquire of management and others within the entity and perform risk assessment procedures as
needed to understand the controls established to identify, account for, and disclose related-party
relationships and transactions; authorize and approve significant related-party transactions and
arrangements; and authorize and approve significant transactions and arrangements outside the
normal course of business.
Inquiries about Accounting Estimates

Accounting estimates can contain a high degree of uncertainty, which can lead to a risk of
material misstatement. When obtaining an understanding of how management identifies
transactions, events, and conditions requiring accounting estimates, the auditor should inquire of
management about whether any changes in circumstances have occurred that may give rise to
new accounting estimates or the need to revise existing estimates. Inquiries of management
about such changes may include matters such as whether the following have occurred: the entity
has entered into new types of transactions that may give rise to accounting estimates, transaction
terms that affect accounting estimates have changed, accounting policies relating to accounting
estimates have changed as a result of changes to generally accepted accounting principles
(GAAP), or new conditions or events have occurred that may give rise to new or revised estimates.
Documentation of Inquiries
Auditing standards contain no specific documentation requirements for inquiries made as risk
assessment procedures. However, the auditor should consider recording the inquiries made, the
dates of the inquiries, and the names and job designations of the personnel.
2 C. Analytical Procedures
Introduction
Risk assessment procedures should include analytical procedures, which may include both
financial and nonfinancial information. The identification of unusual or unexpected relationships
may help the auditor identify risks of material misstatement, especially risks due to fraud.
However, when analytical procedures use data aggregated at a high level, the results provide only
a broad initial indication about whether a material misstatement may exist.
Knowledge of the Entity

Knowledge of the entity and the industry in which it operates is interrelated with the use of
analytical procedures in audit planning. The auditor is required to understand the entity's
operations and industry (for example, a state government, a local government, or a special
district) and know what relationships would be expected to exist, what relationships would be
considered unusual or unlikely, and what plausible explanations might exist for observed
relationships.
Opinion Units
The auditor should perform analytical procedures during audit planning for each opinion unit. For
example, the auditor could compare the general fund's actual results to the budget, even if the
budgetary comparison information is not presented as a basic financial statement. Or the auditor
could compare general and special revenue fund expenditures by function and revenue by source
for the past five years, which provides an understanding of the entity's operations and may identify
a revenue source that requires increased attention.
Audit Areas That Need Special Emphasis

Except for analytical procedures related to revenue (discussed next), the procedures used in the
planning stage only need to be designed to point out audit areas that may be indicative of
potential risks and need special emphasis. Analytical procedures may vary widely, depending on
the size and complexity of the entity. For example, they might include reviewing changes in
account balances from the prior year using the general ledger or the auditor's preliminary or
unadjusted working trial balance.
Procedures Related to Revenue
The auditor is required to include analytical procedures related to revenue. Auditors perform
preliminary analytical procedures related to revenue to identify unusual or unexpected
relationships that may indicate fraudulent financial reporting. Ordinarily, a comparison of current
and prior-period account balances for revenue accounts is not sufficient to achieve that objective.
Other types of procedures are used.
Unusual or Unexpected Relationships
Examples of unusual or unexpected relationships relating to revenue that may indicate a material
misstatement due to fraud include the following:
A. Actual revenues at significant variance from originally budgeted revenues
B. Actual revenues at significant variance from prior-period actual revenues without similar
changes in the revenue base or rates
C. A significant increase in actual revenues over those of the prior period that is just enough to
keep the entity from reporting annual or accumulated fund balance or net position deficits, or
from violating debt covenants
D. Large miscellaneous or one-time revenues
E. Significant differences in resources received in advance and deferred inflows of resources from
the prior period
F. Revenue from sales of assets without a similar reduction in the asset accounts
G. Investment income that is contrary to market conditions
H. Expenditure-driven grant revenue without offsetting grant expenditures
Update during Final Review
The analytical procedures related to revenue should be updated in the final review stage of the
audit.
Documentation of Analytical Procedures
Documentation of preliminary analytical procedures should be sufficient to provide support for

the auditor's risk assessment. The results can be documented using a narrative memorandum,
comparative carryforward schedule, or other form of documentation. The documentation may
also include the effect on the audit plan or indicate that the results have been considered when
identifying fraud risks.
2 D. Observation and Inspection

Introduction
Risk assessment procedures should include observation and inspection. When obtaining an
understanding of the entity and its environment, observation or inspection may be the key
procedure that enables the auditor to fully obtain pertinent information and identify related risks.
For example, to gain an understanding of the entity's financial arrangements and underlying
covenants, the auditor could review the client's bond agreements and other related documents.
That procedure, coupled with a review of the entity's financial statements, could be the key
procedure that helps the auditor identify risks related to potential noncompliance with bond
covenants. Determining when to use observation and inspection is generally left to the auditor's
judgment.
Corroboration or Follow-up on the Results of Inquiries

Observation and inspection are frequently used to corroborate or follow up on the results of
inquiries made of management and others. For example, when evaluating the design and
implementation of the entity's internal control, members of management might tell the auditor
that they communicate the importance of ethical values to employees through a written code of
conduct and by example. The auditor may corroborate this response by examining the written
code. The auditor may determine that a risk exists based on observation of management's
interactions with employees that contradict the behavior standards in the written code.
Documentation of Observation and Inspection
The auditor should record the identifying characteristics of the specific items or matters tested.
For an inspection of documents, the auditor could indicate the title and date of the report or the
document name and number. For an observation of procedures, the auditor could document the
process or subject matter observed, the individuals involved and their titles, and where and when
the observation was performed.
2 E. Discussion among the Engagement

Team
Introduction
Key members of the audit team, including the engagement partner, are required to discuss the
susceptibility of the entity's financial statements to material misstatements, including a
discussion of the applicability of GAAP to the entity's facts and circumstances. Audit team
members are also required to exchange ideas, or brainstorm, about how and where they believe
an entity's financial statements might be susceptible to material misstatement due to fraud, how
management could perpetrate and conceal fraudulent financial reporting, and how assets of the
entity could be misappropriated. These discussions can be held concurrently to consider both
error and fraud.
The auditor should consider the susceptibility to fraud as a distinct part of any
combined discussion to avoid potential dilution of this critical consideration.
Focus of the Discussion
The focus of the audit team discussion should be to allow individual members to gain a better
understanding of the potential for material misstatements resulting from error or fraud in the
specific areas assigned to them and to understand how the results of audit procedures they
perform affect other aspects of the audit. The partner or more experienced members of the audit
team can share their insights based on their cumulative knowledge of the entity and its
environment. It is not always necessary or practical for the discussion to include all members in a
single discussion, and not all members need to be informed of all decisions made. The
engagement partner and key engagement members should take part in the team discussion. The
engagement partner should determine the matters to be communicated to team members who
are not involved in the team discussion.
Matters to Be Discussed
The discussion is designed to identify areas of vulnerability to material misstatement. The
discussion should open the minds of members of the audit team to potential material
misstatements from error and fraud. Any high-risk areas that have already been identified should
be communicated to the team members.
Specific Requirements
The following matters are specifically required to be included in the engagement team discussion:
A. Information about the engagement provided by the engagement partner as part of her/his
responsibility to direct the engagement team
B. Related-party relationships and transactions
C. The susceptibility of the entity's financial statements to material misstatement
D. Application of GAAP to the entity's facts and circumstances in light of its accounting policies
E. Fraud-related matters
Note
The team also may include a discussion of critical issues and areas of significant audit
risk; areas susceptible to management override of controls; unusual accounting
practices used by the entity; important control systems; significant IT applications and
how the use of IT may affect the audit; materiality at the opinion unit level and account
level; how materiality will be used to determine the extent of testing; and the need to
exercise professional skepticism throughout the audit, to be alert for information or
other conditions that indicate that a material misstatement due to fraud or error may
have occurred, and to be rigorous in following up on such conditions.
Control Systems and Potential Risks

In addition to discussing important control systems, it may be appropriate to discuss potential
risks that may exist due to limitations in the audited entity's personnel and assignment of
responsibilities. For some entities, the engagement team might consider issues regarding the
background and competence of individuals in key processing and financial decision-making roles,
particularly if concerns had been noted in previous audits.
Discussion of Related Parties
As part of the engagement team discussion, auditors are required to consider how related-party
relationships and transactions could affect the susceptibility of the financial statements to
material misstatement. The team might discuss the following matters: the nature and extent of
the entity's relationships and transactions with related parties; the importance of maintaining
professional skepticism regarding related parties throughout the audit; circumstances or
conditions that may indicate the existence of unidentified related-party relationships or
transactions; the types of records or documents that might indicate the existence of related-party
relationships or transactions; the importance that management and those charged with
governance attach to the identification of, accounting for, and disclosure of related-party
relationships and transactions and the related risk of management override; and how related
parties might be involved in fraud.
Discussion of Fraud-Related Matters
The team discussion should include the following fraud-related matters: how and where the
entity's financial statements might be susceptible to material misstatement due to fraud; how the
entity's assets could be stolen; external and internal factors that might create incentives or
pressures, provide opportunities, or enable rationalization of fraud; the risk of management
override of controls; circumstances that might be indicative of manipulation of the budget or
other financial measures; practices management might use to manipulate the budget or other
financial measures that could lead to fraudulent financial reporting; how the auditor might
respond to the susceptibility of the financial statements to material misstatement due to fraud;
and the importance of maintaining professional skepticism regarding the potential for material
misstatement due to fraud.
Fraudulent Financial Reporting and Misappropriation of Assets
The discussion should consider financial misstatement from both fraudulent financial reporting
and misappropriation of assets. Key considerations in assessing fraud risk are the motivations that
may exist for management to intentionally misstate the financial statements and missing controls
that could result in misappropriation of assets, including fraudulent disbursements.
Audit Response
The discussion should include the appropriate audit response to the areas identified as
susceptible to material misstatement due to fraud or error. For example, the auditor might
identify the accounts that would be affected and the nature of the procedures that could be
performed to address the risks.
Professional Skepticism
The auditor should maintain professional skepticism throughout the audit, recognizing that a
material misstatement due to fraud could exist regardless of the auditor's past experience with
the honesty and integrity of entity management and those charged with governance. Professional
skepticism is an attitude that includes a questioning mind and being alert to conditions that may
indicate possible misstatement due to fraud or error and a critical assessment of audit evidence.
Note
A belief that management and those charged with governance are honest and have
integrity does not allow the auditor to be satisfied with less than persuasive audit
evidence.
Documentation of the Engagement Team Discussion

Regarding the team discussion of the susceptibility of the entity's financial statements to material
misstatement, the auditor is required to document how and when the discussion occurred,
participating audit team members, and significant decisions reached concerning planned
responses at the opinion unit and relevant assertion levels. Additional documentation
requirements related to the risk of fraud include the following.
Discussion of Susceptibility to Material Misstatement Due to Fraud
The auditor should document the engagement team discussion on the susceptibility of the entity's
financial statements to material misstatement due to fraud, including significant decisions
reached and how and when the discussion occurred and who participated.
Discussion of Identified and Assessed Risks
The auditor should document the identified and assessed risk of material misstatement due to
fraud at the financial statement level and at the assertion level.
Responses to the Assessed Risks
The auditor should document responses to the assessed risks of material misstatement due to
fraud, including the following:
A. Overall responses at the financial statement level
B. Specific responses at the assertion level—the nature, timing, and extent of audit procedures
and linkage to assessed risks
C. The results of audit procedures, including those that address the risk of management override
Revenue Recognition Risk
The auditor also should document how s/he overcame the presumption that improper revenue
recognition is a fraud risk, if applicable.
2 F. Understanding the Entity and Its
Environment
Introduction
The auditor needs to obtain an understanding of the entity and its environment, including its
internal control, to provide a basis for designing and implementing responses to the assessed
risks. The auditor must obtain a level of knowledge sufficient to identify the risks of material
misstatements of the financial statements and to design the nature, timing, and extent of further
audit procedures. This section addresses the auditor's understanding of the entity and its
environment. Another section addresses the auditor's understanding of the entity's internal
control.

Value of the Understanding Obtained
The auditor focuses on matters that could cause material misstatement of an opinion unit,
including potential fraud risk factors, undisclosed related-party transactions, illegal acts, and
uncertainties.
Planning Materiality
The understanding assists the auditor in establishing planning materiality and evaluating whether
the planned level remains appropriate throughout the audit.
Risk Considerations
The understanding assists the auditor in evaluating whether certain observed conditions, such as
unusual or unexpected relationships from preliminary analytical procedures, do not make sense
and indicate possible risk of material misstatement.
Fraud Risk Factors
The understanding assists the auditor in considering fraud risk factors, such as the existence of
significant or complex related-party transactions.
Audit Evidence
The understanding also assists the auditor in evaluating the appropriateness and sufficiency of
audit evidence.
Documentation of the Auditor's Understanding
In addition to documenting the discussion among the engagement team, the auditor should
document key elements of the understanding obtained regarding each aspect of the entity and its
environment, the sources of information from which the understanding was obtained, and the risk
assessment procedures performed.
Components of the Understanding
The auditor's understanding of the entity and its environment includes industry, regulatory, and
other external factors; the nature of the entity, including its opinion units; objectives, strategies,
and related business risks that may result in a material misstatement of an opinion unit;
measurement and review of the entity's financial performance; and the selection and application
of accounting policies. In addition, the consideration of fraud risk factors is an important objective
of performing risk assessment procedures.
Industry, Regulatory, and Other External Factors
The objective of the auditor's understanding of industry, regulatory, and other external factors is
to evaluate whether the entity is subject to specific risks of material misstatement arising from the
nature of the government industry, degree of regulation, or other external forces, such as political,
social, or technological factors.
Characteristics of a Governmental Unit That Affect Audit Approach

1. A governmental unit lacks a profit motive and thus lacks a relationship between revenues and
expenses that is present in a for-profit entity. Many balance sheet account balances are
relatively minor in amount compared to the level of revenues and expenditures in a fiscal year.
The public is sensitive to fraud, waste, and abuse involving resources it provided to the
government. Governmental entities often have material grants from other levels of
government with significant restrictions.
Note
The Yellow Book requires auditors to design their audits to provide reasonable
assurance of detecting noncompliance with the provisions of contracts or grant
agreements that could have a material effect on the financial statements.
2. These characteristics mean that an audit of a governmental unit will have a more focused
consideration on compliance with laws and regulations, a greater emphasis on transaction
testing, and more concern with internal control. Generally, information that may be useful in
gaining an understanding of the entity and its environment can be obtained from various
sources—such as federal and state laws and regulations, local charters, budget documents,
recent bond offerings, prior-period financial reports, the request for proposals for audit
services, and discussions with management.
Laws, Regulations, and Similar Requirements

The auditor should inquire of management and read pertinent statutes, regulations, and charter
provisions and excerpt significant items for the permanent section of the audit documentation.
Federal or state statutes and regulations often have an important influence on operations, control
activities, and accounting systems. The budgetary process and related legal requirements are
important. Examples of the types of compliance requirements that can have a direct and material
effect on the determination of financial statement amounts are as follows:
1. Many governments are required by legal or contractual provisions to prepare their financial
statements in accordance with GAAP or some other comprehensive basis of accounting.
2. Tax reports (such as payroll tax forms and tax-exempt debt requirements) must be filed in
accordance with federal and state laws and regulations.
3. Transactions should be properly (and legally) authorized at execution.
4. Legal or contractual provisions may require the use of separate funds to account for and
report on particular activities.
5. Budgets and appropriations often specify that particular funds finance particular costs and
establish the nature and amount of interfund activity. Budgets and appropriations also may
specify spending limits that may not be exceeded without prior approval from a governing
body.
6. Governmental units may be subject to laws and regulations that place limits on taxing
authority, place ceiling limitations and other issuance criteria on debt, or place limits on the
use of debt proceeds.
7. Governmental units often have legally limited deposit and investment options. For local
governments, it is not unusual for investments in derivative instruments, hedge funds, and
debt instruments with long maturities to be prohibited.
8. Governmental units often are prohibited from purchasing certain products or services without
obtaining competitive bids or following other purchasing laws and regulations.
9. Nonexchange transactions must be recognized in accordance with time and other eligibility
requirements and purpose restrictions. Noncompliance may result in the government being
forced to refund amounts received. Such requirements may also affect the recognition and
reporting of nonexchange transactions.
10. Providers of resources in nonexchange transactions may impose other requirements. For
example, federal financial assistance programs often stipulate procurement and cash
management policies.
11. Contractual compliance requirements can relate to exchange transactions, such as for debt
issuances.
Political Environment
Political considerations include both general and specific matters that may have an influence on
the conduct of the engagement. The visibility of governmental operations and related news media
coverage can provide a potential source of information.
Reporting Requirements
The auditor should inquire of management and review bond covenants, grant requirements,
requirements of higher levels of government, and pertinent statutes to identify the entity's legal
reporting requirements.
Note
The Yellow Book also requires reports on compliance with laws and regulations and on
internal control in a financial statement audit.
Economic Environment
The auditor should consider economic trends and indicators. Factors such as unemployment
rates, age and income demographics of the population, assessed values of real property,
population trends, and commercial economic indicators may influence the level and type of
governmental activities. This type of information is available from state economic agencies and
local chambers of commerce. Another source of information is bond rating agencies that rate
securities of governments.
Nature of the Entity and Its Opinion Units
The auditor should obtain an understanding of the nature of the entity and its opinion units. The
nature of the entity includes its operations, its governance, the types of its existing and future
investments, and its structure and financing. This understanding helps the auditor understand the
classes of transactions, account balances, and disclosures that would be expected in the financial
statements.
Structure and Governance Characteristics: The structure of a governmental unit and its
governance are affected by the allocation of administrative responsibilities. The executive and
legislative branches may share these responsibilities. By inquiry and inspection of documents, the
auditor should be able to obtain the following information:
1. The authorities, responsibilities, and duties of the executive branch and legislative branch and
the relationship between the two
2. The composition of the legislative or governing body, including the composition and activities
of an audit committee, if any
3. The organization of the executive branch, including overall and personnel organization charts
4. The authorities, duties, and responsibilities of key administrative and financial personnel,
including any formal position descriptions
Operating Characteristics: Based on inquiry, observation, and reading of statutes and ordinances,
the auditor should obtain an understanding of and document a general description of the
following: taxing procedures and procedures for other major sources of revenue and revenue
management; purchasing procedures; treasury functions, including major financing sources,
major investments, and the use of high-risk investments; budgeting procedures; fund accounting
requirements, including specified funds and overall fund structure; and potentially high-risk
operations, such as hospitals, landfills, and social service programs.
Objectives, Strategies, and Related Business Risks
The auditor should focus on risks that have financial reporting implications. The auditor obtains
an understanding of management's objectives and strategies to identify the related business risks.
The auditor's risk assessment procedures may be influenced by the size and sophistication of the
entity. When making inquiries, the auditor will generally restrict questioning to upper
management. These inquiries should prompt management to describe the entity's future trends,
expectations, objectives, and strategies.
Measurement and Review of the Entity's Financial Performance
The auditor should obtain an understanding of the measurement and review of the entity's
financial performance made by management and external parties.
Information used by management may include the following:
key financial and nonfinancial performance indicators,
trends,
key ratios and other operating and financial statistics,
forecasts and variance analyses,
budget-to-actual financial performance,
period-on-period financial performance, employee performance measures,
enterprise fund performance reports, and
comparisons to performance of similar governmental units (benchmarking).
Information prepared by external parties includes bond rating agency reports. A downgrade in an
entity's bond rating is an important risk indicator.
Selection and Application of Accounting Policies and Accounting Estimates
The auditor should obtain an understanding of management's selection and application of
accounting policies and evaluate whether the policies are appropriate for the entity's activities and
consistent with policies used in governmental financial reporting.
Accounting Estimates: The auditor should obtain an understanding of the following regarding
accounting estimates:
1. Requirements of the applicable financial reporting framework relevant to the accounting
estimates, including those related to disclosures
2. How management identifies transactions, events, and conditions that may give rise to
accounting estimates
3. How management makes accounting estimates and the data on which estimates are based,
including methods used, relevant controls, whether a specialist was used, assumptions
underlying accounting estimates, any changes in methods or assumptions made (or that
should have been made) from the prior period and reasons for the changes, and whether and
how management has assessed the effect of estimation uncertainty
Risks of Material Misstatement: The auditor's assessment of the appropriateness of the entity's
accounting policies and accounting estimates is important for considering the risks of material
misstatement at the financial statement and relevant assertion levels, whether due to fraud or
error. The auditor uses the understanding of management's selection and application of
accounting policies along with the identification of fraud risk factors to evaluate whether an
overall response is necessary.
Risk of Fraud in Selection and Application of Accounting Policies: In determining overall
responses to fraud risk, the auditor should evaluate whether the selection and application of
accounting policies—particularly policies related to subjective measurements and complex
transactions—may be indicative of fraudulent financial reporting. These may be used to
manipulate budget and other financial information, or bias that may create a material
misstatement. Management bias in the selection and application of accounting principles may
individually or collectively involve matters such as contingencies, fair value measurements,
revenue recognition, accounting estimates, related-party transactions, and transactions without a
clear activity or purpose.
Fraud Risk Factors
Fraud risk factors are events or conditions that indicate an incentive or pressure to perpetrate
fraud, provide an opportunity to commit fraud, or indicate attitudes or rationalizations to justify a
fraudulent action. The auditor should evaluate whether the information obtained from risk
assessment procedures indicates that one or more fraud risk factors are present.
Risks of Material Misstatement: The identification of fraud risk factors is a part of performing risk
assessment procedures. In addition, with the other information obtained about the entity and its
environment, the fraud risk factors are an important component in identifying the risks of material
misstatement at the financial statement and relevant assertion levels. The auditor's primary
concern is to identify whether a risk factor is present and needs to be considered in identifying and
assessing risks of material misstatement due to fraud. The presence of a particular fraud risk
factor does not necessarily indicate the existence of fraud.
Fraudulent Financial Reporting: Broad examples of fraud risk factors for fraudulent financial
reporting include the following:
1. Financial stability is threatened by economic, industry, or entity operating conditions.
2. Excessive pressure exists for management to meet the requirements or expectations of third
parties.
3. Information available indicates that the personal financial situation of management or those
charged with governance is threatened by the entity's financial performance.
4. Management or operating personnel are under excessive pressure to meet financial targets
established by those charged with governance.
5. The nature of the industry or the entity's operations provides opportunities to engage in
fraudulent financial reporting.
6. The monitoring of management is not effective.
7. The entity's organizational structure is complex or unstable.
8. Internal controls are deficient.
9. Management has failed to remedy known significant deficiencies or material weaknesses in
internal control on a timely basis.
Misappropriation of Assets: One of the primary fraud risks in governmental units is fraudulent
cash disbursement. The auditor may become aware of information that indicates potential
financial stress or dissatisfaction of employees who have access to assets susceptible to
misappropriation. Examples of risk factors include unfavorable changes in employee benefit plans
and failure to receive expected pay raises.
2 G. Understanding the Entity's Internal

Control
Introduction
The five components of internal control are the entity's control environment, risk assessment,
information and communication, monitoring activities, and control activities. This section provides
an overview of the general requirements related to obtaining an understanding of internal control.
Other sections discuss entity-level controls (control environment, risk assessment, information
and communication, and monitoring activities) and control activities. The reason for discussing
the auditor's understanding of internal control in separate sections is that, in assessing the risk of
material misstatement of an opinion unit in order to develop an overall audit strategy, auditors
generally focus on understanding entity-level controls. The understanding of control activities
(activity-level controls) is not needed until planning the nature, timing, and extent of further audit
procedures at the assertion level.
Nature of the Auditor's Understanding
The auditor is required to obtain an understanding of internal control that is sufficient to assess
the risk of material misstatement of an opinion unit's financial statements due to fraud or error
and to design the nature, timing, and extent of further audit procedures. The auditor performs risk
assessment procedures to evaluate the design of controls that are relevant to the audit and to
determine if controls have been implemented. A key consideration is whether and how a
particular control prevents—or detects and corrects—material misstatements in relevant
assertions related to transactions, account balances, or disclosures.
Evaluation of Control Design
Evaluation of design considers whether the control, individually or in combination with other
controls, is capable of effectively preventing, or detecting and correcting, material misstatements.
If a control is improperly designed, it may represent a control deficiency that should be
communicated to management and those charged with governance.
Evaluation of Control Implementation
The auditor uses risk assessment procedures to obtain audit evidence that the control has actually
been implemented. (Determination of whether a control has been implemented is different from
evaluating its effectiveness.) Generally, the auditor uses procedures such as inquiry, observation,
and inspection to verify implementation. Inquiry alone cannot provide a sufficient understanding
of internal control.
Extent of the Auditor's Understanding
The auditor is required to use professional judgment in determining which controls are relevant to
the audit and, thus, require an understanding and evaluation. The extent of the auditor's
understanding and the extent of the associated risk assessment procedures performed to obtain
the understanding are affected by factors such as the following:
the auditor's prior experience with the entity;

materiality;
the significance of the related risk;
the nature of the entity's operations and organizational structure;
the size of the entity;
the diversity and complexity of entity operations;
the nature and complexity of the entity's systems;

the entity's use of service organizations;
the nature of the governmental industry;
applicable legal and regulatory requirements;
the nature of compliance auditing requirements and/or special reporting requirements;
the level of business and financial sophistication of entity personnel; and
whether a specific control, individually or in combination with other controls, prevents, or
detects and corrects, material misstatements.
Controls Related to Significant Risks
The auditor's understanding of internal control should include the entity's programs and controls
that address risks of material misstatement that are considered significant risks that require
special audit attention.
Fraud Risk and Other Significant Risks
Fraud risks are always considered to be significant risks, as are risks related to nonroutine
transactions, such as with related parties and accounting estimates. Revenue recognition issues
often pose significant risks. After completing risk assessment procedures to evaluate internal
control design and implementation, the auditor determines whether a sufficient understanding
has been obtained of controls that would prevent, or detect and correct, material misstatements
related to fraud risks and other significant risks. If not, the auditor performs additional risk
assessment procedures to obtain a better understanding of controls relating to those risks. Fraud
risk and other significant risks, because of their nature, may not be subject to routine controls. The
auditor also should understand whether and how management responds to those risks.
Misappropriation of Assets
The auditor should consider the control activities that are relevant to account balances with a
significant inherent risk of misappropriation of assets. The risk of misstatement due to fraud for
misappropriation of assets depends on whether the entity has controls to prevent or detect
concealment of theft in the accounting records.
When Substantive Procedures Alone Are Not Sufficient
The auditor is required to understand and evaluate controls related to risks for which substantive
procedures alone are not sufficient, such as in some IT environments. For those risks, the auditor
must perform tests of the operating effectiveness of controls to obtain sufficient audit evidence.
Effect of IT on Internal Control
The auditor should consider how IT affects an entity's control activities, since IT affects the way
that transactions are initiated, authorized, recorded, processed, and reported. In obtaining an
understanding of the entity's control activities, the auditor should understand how the entity has
responded to risks arising from IT. The auditor should evaluate the design of IT general controls
and determine whether they have been implemented when assessing the risks of material
misstatement. The auditor tests general controls when s/he plans to rely on IT application
controls to modify the nature, timing, and extent of substantive procedures.
Availability of Information
The auditor should be aware that the use of IT may impact the availability of information needed
for the audit. In certain situations, the auditor is precluded from using only substantive procedures
when the role of IT is significant to processing the transaction.
For example, in highly automated processing with little or no manual intervention
when information is initiated, authorized, recorded, processed, or reported
electronically, the auditor may determine that detection risk cannot be adequately
reduced without testing the operating effectiveness of controls.
Specialized IT Skills
The auditor should consider whether specialized IT skills are needed to determine the effect of IT
on the audit, identify and assess IT risks, understand IT controls, design and perform tests of IT
controls or substantive procedures, or identify IT control deficiencies. The following factors may be
considered in determining whether the audit team needs to include individuals with specialized IT
skills:
A. The complexity of the entity's systems and IT controls and the manner in which they are used
in conducting the entity's business
B. The significance of changes made to existing systems or the implementation of new systems
C. The extent to which information is shared among systems
D. The extent of the entity's use of electronic commerce
E. The entity's use of emerging technologies
F. The significance of audit evidence that is available only in electronic form
When an IT Specialist Is Used
When an auditor uses an IT specialist on the engagement team, the auditor should be
knowledgeable enough to communicate the audit objectives to the specialist, evaluate whether
the procedures performed by the specialist meet the auditor's objectives, and determine the
effects of the procedures on the nature, timing, and extent of other planned procedures. The
auditor also should determine that the specialist is independent, has adequate technical
knowledge, and meets applicable continuing professional education requirements.
Control Objectives
When obtaining an understanding of internal control, auditors often consider control objectives
when identifying controls and evaluating their design and implementation. A control objective
states the purpose of a control or controls in relation to risks and what could go wrong in the
financial statements. Control objectives relate to entity-level controls, such as control
environment and monitoring activities, as well as controls at the account balance, transaction
class, and disclosure level.
An example of a control objective could be, “All capital asset additions are recorded
correctly.” Failure to achieve that control objective could result in overstatement or
understatement of capital assets and depreciation expense.
When considering control objectives at the relevant assertion level, the auditor may choose to
identify existing controls and evaluate their design effectiveness.
Key Controls
The auditor should focus attention on those controls that are most important in achieving
particular control objectives related to identified risks of material misstatement. Key controls are
considered the most important in achieving the entity's control objectives. The failure of key
controls could materially affect a relevant assertion. On the other hand, the operation of a key
control might prevent, or detect on a timely basis, other control failures. When determining which
controls are key controls, the auditor might consider factors such as the following: the nature of
the risks being addressed; the characteristics of related account balances or transaction classes;
whether the control is preventive or detective; whether the control works in combination with or
relies on the operation of other controls; whether the control is manual or automated; whether the
control addresses more than one control objective; and the nature and type of potential
misstatements that the control would prevent, or detect and correct.
Documentation of the Auditor's Understanding

The auditor is required to document the understanding obtained for each of the five components
of internal control, including the sources of the information used and risk assessment procedures
that were performed to obtain the understanding.
2 H. Understanding Entity-Level Controls

Introduction
Entity-level controls consist of the control environment, risk assessment, information and
communication, and monitoring activities. These controls typically have a pervasive effect on the
entity's internal control system and can potentially influence the design and operating
effectiveness of other controls. Therefore, auditors typically obtain an understanding of the entity-
level control components first, beginning with the control environment. The IT environment and
general computer controls also have a pervasive effect and are considered entity-level controls.
Control Environment
The control environment sets the tone of an entity and influences the control consciousness of its
people. It is the foundation for all other components of internal control and provides structure and
discipline. The auditor generally obtains knowledge of the control environment as a result of
performing risk assessment procedures to understand the attitudes, awareness, and actions of
management and those charged with governance concerning internal control and its importance
in achieving reliable financial reporting. The auditor should evaluate whether the control
environment elements collectively provide support for the other components of internal control or
whether those other components are undermined by deficiencies in the control environment.
Risk Assessment Procedures
The auditor should corroborate through observation or inspection the responses of management
and employees to inquiries about the control environment. For example, by interviewing
management and employees, the auditor obtains an understanding of management's
commitment to ethical values and competence. The auditor should then observe the behavior and
attitude of management in managing the entity. When documentary evidence is available, the
auditor may inspect documents such as a written code of conduct as evidence of how
management communicates its views of business practices and ethical behavior.
Impact on Assessed Risk
The auditor should concentrate on the collective effect of the strengths and weaknesses in the
control environment on the risks of material misstatement. This assessment generally affects
decisions and judgments made in establishing the overall audit strategy, such as using only
substantive procedures in more audit areas, if the control environment is weak. If management
demonstrates a poor attitude about the need for a strong accounting and financial reporting
function, there is a reduced likelihood that the entity will have strong risk assessment, information
and communication, monitoring activities, and control activities components of internal control.
Documentation of the Entity's Control Environment
The auditor should document her/his understanding of the control environment, including the
sources of information and procedures performed to obtain or update the understanding. The
auditor should provide an overall conclusion about whether the control environment is properly
designed and implemented considering the overall size and complexity of the entity.
Risk Assessment
Risk assessment is the entity's process of setting objectives; prioritizing and linking those
objectives; and identifying, analyzing, and managing risks relevant to achieving those objectives.
With respect to the objective of reliable financial reporting, the entity's risk assessment process
involves the identification, analysis, and management of the risks of material misstatement. An
entity's risk assessment process includes financial reporting objectives, management of financial
reporting risks, consideration of fraud risk, and consideration of changes that could impact
internal control. The auditor generally obtains sufficient knowledge of management's risk
assessment process to understand how management considers risks relevant to reliable financial
reporting objectives and decides about actions to address those risks.
The auditor considers both the following:
(a) the aspects of the entity's risk assessment process that enable management to identify,
analyze, and address risks, and
(b) any difficulties the entity has in identifying and addressing those risks.
Risks include changes in operations, new personnel, new or revised information systems,
new operating approaches or activities, restructurings, and new accounting standards.

The auditor can generally tailor risk assessment procedures based on the size and complexity of
the entity. In many situations, documented evidence of the entity's risk assessment process will be
minimal, and the auditor will rely on inquiries of management about how risks are identified and
addressed. The auditor often can rely on experience with the client, general observations of entity
operations, and discussions with management. If risks such as restructurings or new accounting
standards have occurred, the auditor can ask management about the associated risks and what
actions were taken to address them. Those inquiries may be corroborated by inquiries of
accounting and other personnel, as well as by inspecting any other supporting written evidence or
by determining whether risks occurred that were not identified by management.
Documentation of the Entity's Risk Assessment
The auditor should document her/his understanding of the entity's risk assessment process,
including the sources of information and procedures performed to obtain or update the
understanding. The auditor should provide an overall conclusion about whether the entity's risk
assessment component is properly designed and implemented considering the overall size and
complexity of the entity.

Information and Communication
In the context of a financial statement audit, information refers to the entity's financial reporting
system, which includes the accounting system and encompasses the procedures and records
established to initiate, authorize, record, process, and report the entity's transactions. It also
includes the accountability over assets, liabilities, and equity. Communication is the process of
providing an understanding of roles and responsibilities to individuals within the entity regarding
internal control over financial reporting.
Risk Assessment Procedures for the Entity's Information Process
For most small and medium-sized entities, the auditor can gain an understanding of the entity's
information process based on experience with the client; general observations about how financial
information is identified, captured, and used within the entity; and discussions with management.
Risk Assessment Procedures for the Entity's Communication Process
Auditors often use a combination of risk assessment procedures to understand the
communication process, since communication may be written, electronic, oral, or through the
direct involvement of management. The auditor will inquire of management and corroborate
management's responses to determine if the communication process as designed has been
implemented. Corroboration procedures can include, for example, inquiring of employees about
the communication they have received regarding their duties and management's expectations as
they relate to financial reporting.
Documentation of the Entity's Information and Communication
The auditor should provide an overall conclusion about whether the information and
communication process is properly designed and implemented, considering the overall size and
complexity of the entity.
Monitoring Activities
Monitoring activities are performed by an entity to assess the quality of its internal control over
time. They involve assessing the design and operation of controls on a timely basis, capturing and
reporting identified control deficiencies, and taking action as necessary. Monitoring activities can
also reveal potential fraud. Poor monitoring activities can allow fraud or error to remain
undetected. The auditor should obtain an understanding of the major types of activities that
management uses to monitor internal control over financial reporting. The auditor's
understanding should include the sources of information related to monitoring and the basis on
which management considers information to be sufficiently reliable for that purpose.
The auditor can obtain an understanding of the entity's monitoring activities through direct
inquiries of management, review of policies and procedures manuals to determine monitoring
functions (such as a review of bank reconciliations), or procedures performed to obtain an
understanding of other components of the entity's internal control.
Note
For example, when performing a walkthrough of the cash disbursements transaction
processing system and inspecting the monthly bank reconciliation, the auditor may
notice that the bank reconciliation has been initialed. Upon inquiry of the bookkeeper,
the auditor learns that the senior official placed her initials on the reconciliation to
evidence her review. In this way, the auditor obtains an understanding of both the
design of the monitoring controls and their implementation.
Consideration of the Internal Audit Function
If an entity has a designated internal audit function, the auditor should obtain an understanding
of that function to understand its responsibilities, how it fits into the organizational structure, and
the activities it performs. The auditor is required to inquire of appropriate individuals in the
internal audit function about their understanding of the risks of error and fraud within the entity.
The auditor also is required to inquire about whether the internal audit function has performed
any procedures to identify or detect fraud during the year, whether management has satisfactorily
responded to any findings resulting from their procedures, and whether they have knowledge of
any actual or suspected fraud.
Documentation of the Entity's Monitoring Activities
The auditor should document an understanding of the entity's monitoring activities, including the
sources of information and procedures performed to obtain or update the understanding. The
auditor should document an overall conclusion about whether the monitoring activities are
properly designed and implemented considering the overall size and complexity of the entity.
IT Environment and General Controls
IT systems and their related general controls may enhance the effectiveness and efficiency of an
entity's internal control because of the consistency, timeliness, and accuracy inherent in
automated systems. However, an IT system also poses certain risks, such as reliance on systems or
programs that are inaccurately processing data or are processing inaccurate data. The auditor is
required to obtain an understanding of how the entity has responded to IT-related risks. General
controls generally include controls related to such areas as data center and network operations
and physical security and access to programs and data.
When obtaining an understanding of the IT environment, the auditor should consider what
procedures the computer performs and what information is stored in electronic files. The auditor
obtains an understanding of the extent to which IT is being used for significant transaction
classes. The auditor should evaluate the design of IT general controls and determine whether they
have been implemented when assessing the risks of material misstatement. Deficient general
controls may allow application controls to operate improperly, which can result in material
misstatements in the financial statements.
Documenting the Entity's IT Environment and General Controls
The auditor should document her/his understanding of the extent to which IT is used in significant
transaction classes and the auditor's understanding of and conclusion about the design and
implementation of general computer controls.
2 I. Understanding Activity-Level Controls

Introduction
Activity-level controls and processes operate at the assertion level. They are directly related to
initiating, authorizing, recording, processing, correcting, transferring to the general ledger, and
reporting the entity's transactions. As a result, the understanding of activity-level controls directly
supports the auditor's risk assessment at the relevant assertion level for account balances,
transaction classes, and disclosures. In obtaining an understanding of activity-level controls, the
auditor also should remember the requirements to obtain an understanding of controls related to
fraud and other significant risks, controls related to risks for which substantive procedures alone
are not adequate, and the effects of IT on the entity's control activities.
Financial Reporting System
The auditor should obtain sufficient knowledge of the financial reporting system, including related
procedures, to understand how misstatements might occur at any point from the occurrence of
transactions and events or conditions to the final presentation in the financial statements.
Classes of Transactions
The auditor should understand the classes of transactions in the entity's operations that are
significant to the financial statements.
Accounting Procedures
The auditor should understand the procedures, within both automated and manual systems, by
which transactions are initiated, authorized, recorded, processed, corrected as necessary,
transferred to the general ledger, and reported in the financial statements.
Accounting Records
The auditor should understand the accounting records, whether electronic or manual, supporting
information, and specific accounts in the financial statements involved in initiating, authorizing,
recording, processing, and reporting transactions.
Other Events and Conditions
The auditor should understand the methods used to capture significant events and conditions—
other than classes of transactions—that are significant to the financial statements.
Note
Examples include asset impairment, commitments and contingencies, subsequent
events, compliance with debt covenants, related-party transactions, going concern
uncertainties, and fair values of financial instruments.
Financial Reporting Process

The auditor should understand the financial reporting process, including the closing process, used
to prepare the entity's financial statements, as well as significant accounting estimates and
disclosures.
Journal Entries
The auditor should understand the controls over standard and nonstandard journal entries.
Risk assessment procedures performed to understand the financial reporting system include
inquiries of management and others, observation of entity procedures and controls, inspection of
documents and records, and tracing of transactions through the system.
Control Activities
Control activities are a component of internal control that consist of the entity's policies and
procedures that help ensure that management directives are carried out. In the context of a
financial statement audit, control activities relate to reliable financial reporting.
The Required Understanding
The auditor is required to obtain an understanding of control activities relevant to the audit and to
explain why the auditor considers certain activities are necessary to understand in order to assess
the risks of material misstatement at the relevant assertion level and design further audit
procedures in response to the assessed risks. The auditor should understand the entity's controls
related to fraud risks and other significant risks, as well as risks for which substantive procedures
alone will not be adequate. The auditor also should understand how the entity has responded to
risks arising from IT when considering control activities.
Documentation of Control Activities
The auditor should document control activities and the sources of information used and the
procedures performed. The auditor also should document a conclusion about whether the
controls over the significant transaction classes in the audit area are properly designed and
implemented.
2 J. Planning Decisions and Judgments

Introduction
The primary planning decisions and judgments based on the information the auditor obtains
about the entity and its environment include the following: the materiality level for each opinion
unit as a whole (preliminary planning materiality); materiality for particular items of lesser
amounts than planning materiality; the risks of material misstatement at the financial statement
level; the overall audit strategy; performance materiality at the individual transaction class,
account balance, or disclosure level; the risks of material misstatement at the relevant assertion
level related to transaction classes, account balances, and disclosures; and the specific nature,
timing, and extent of further audit procedures. The risks of material misstatement at the relevant
assertion level and the specific nature, timing, and extent of further audit procedures are
described in subsequent chapters of this course.
Determining Materiality at the Opinion Unit Level
In a governmental audit, the concept of materiality for the financial statements as a whole is at
the opinion unit level. The preliminary judgment about materiality at the financial statements
level of an opinion unit is referred to as planning materiality. The auditor uses the concept of
materiality in planning and performing the audit (planning materiality), as well as in evaluating
the effect of identified misstatements on the audit and the effect of uncorrected misstatements on
the financial statements, referred to as evaluation materiality. The auditor's determination of
materiality is a matter of professional judgment and is affected by her/his perception of the
financial information needs of users of the financial statements.
In Yellow Book financial audits, it may be appropriate to use lower materiality levels
than in a GAAS audit because of the public accountability of governmental entities and
entities receiving government funding, various legal or regulatory requirements, and
the sensitivity of government programs.
Level of Financial Statements

The auditor makes separate materiality determinations for each of the following opinions units, if
applicable: governmental activities; business-type activities; each major governmental fund; each
major enterprise fund; aggregate discretely presented component units; and aggregate remaining
fund information, which includes nonmajor governmental and enterprise funds, internal service
fund types, and fiduciary fund types. Each major fund is a separate opinion unit regardless of
whether the major fund designation is based on the quantitative calculation or management
discretion.
The two aggregate opinion units (discretely presented component units and remaining
fund information) can be combined into one opinion unit when either of the two is
quantitatively and qualitatively immaterial to the primary government. The resulting
combined opinion unit is called the aggregate discretely presented component unit and
remaining fund information.
The auditor should consider the information in the required reconciliations from the funds
financial statements to the government-wide financial statements.
Selecting a Benchmark
To determine planning materiality, the auditor must select a benchmark. The characteristics the
auditor desires are that the benchmark has relative stability and predictability and be
representative of the entity's size. For many governmental units, total assets or total revenue
provide a good benchmark. Both are relevant because of the emphasis on financial resources in
the governmental environment.
A. In determining total assets for calculation of planning materiality, the auditor excludes
interfund receivables and agency fund assets. In determining total revenue, the auditor
excludes interfund transfers and bond and other debt proceeds. These adjustments make the
benchmark more representative of the actual size of recurring activity.
B. Auditors may consider qualitative factors when determining planning materiality, such as
when large-dollar activity or balances distort quantitative measures. In this situation, auditors
may eliminate certain large-dollar items from the calculation and set separate materiality
levels for the excluded items and for the remaining items. For example, the governmental
activities opinion unit may have general capital assets that exceed the total of other assets in
that opinion unit. The auditor could set one level of materiality for general capital asset
activity and balances and another set for the opinion unit's other activities and balances.
However, the auditor would render a single opinion on the opinion unit.
C. In certain cases, the use of total assets or total revenues as a benchmark may be
inappropriate because they are not the most relevant. For example, many capital projects
funds are substantially completed at year-end, and revenues are typically not significant. In
this case, total assets or total project expenditures may be the most relevant benchmark. For
an enterprise fund, such as a utility, the primary reporting focus is often the level of
operations. In this case, total revenues or total expenses is a more appropriate benchmark
than total assets.
Selecting a Percentage to Apply to the Benchmark
The next step in making a preliminary judgment about planning materiality is to specify a
percentage to apply to the benchmark.
A. Although there is no authoritative requirement, many auditors believe that the materiality
percentage should be adjusted in relation to the size of the entity. The percentage is larger for
a very small government to recognize the practical limits on the effectiveness of audit
procedures. The percentage is smaller for a very large government to recognize that a large
enough absolute amount is often considered material.
B. The reduction of the percentage as the benchmark amount increases will prevent planning
materiality from becoming disproportionately large in relation to the operating statement.
However, the auditor also uses judgment about the entity and its circumstances in
determining the planning materiality amount.
C. Planning materiality judgments are reconsidered as the audit progresses. Because the
calculation made during initial planning may use annualized interim financial information, the
base amounts in the audited financial statements may differ. The auditor adjusts planning
materiality if s/he becomes aware of changes that would have affected its calculation. In
addition, at the conclusion of the audit, the auditor considers whether the audit scope was
adequate in the circumstances.
Materiality for Particular Items of Lesser Amounts
In addition to determining materiality at the financial statement level, the auditor should
determine whether there are particular transaction classes, account balances, or disclosures for
which a lower planning materiality amount is appropriate based on user perceptions of the items.
Auditors often use a lower planning materiality level for related-party transactions and the
remuneration of management and those charged with governance.
Performance Materiality
Performance materiality is the amount or amounts set by the auditor at less than materiality for
the financial statements of an opinion unit to reduce to an appropriately low level the probability
that the aggregate of uncorrected and undetected misstatements exceeds materiality for those
financial statements. When applicable, performance materiality also refers to the amount set by
the auditor at less than the materiality level for a particular transaction class, account balance, or
disclosure. The auditor determines performance materiality to assess the risks of material
misstatement and determine the nature, timing, and extent of further audit procedures.
A. Performance materiality differs from tolerable misstatement. The application of performance
materiality to a particular audit sampling procedure is called tolerable misstatement.
Tolerable misstatement is materiality at the test or procedure level for a specific account
balance or transaction class when that procedure or test is applied using audit sampling.
B. The auditor should establish at least one level of performance materiality for each opinion
unit. Different amounts can be established for various transaction classes, account balances,
and disclosures. The determination of performance materiality is affected by the auditor's
understanding of the entity, any need for revision identified in the performance of risk
assessment procedures, the nature and extent of misstatements identified in previous audits,
and the auditor's expectations regarding misstatements in the current period.
Documentation of Materiality
The auditor should document the following, including factors considered in their determination
and any revisions made during the audit: materiality at the opinion unit financial statement level;
if applicable, materiality levels for particular transaction classes, account balances, or disclosures;
and performance materiality. The auditor should also document the amount below which
misstatements would be considered clearly trivial.
Assessing Risks at the Financial Statement and Relevant Assertion
Levels
Audit risk in a financial statement audit is the risk that the auditor may unknowingly fail to
appropriately modify her/his opinion on financial statements that are materially misstated. It is a
function of the risk that the financial statements are materially misstated and the risk that the
auditor will not detect such material misstatement. In other words, audit risk is the risk of material
misstatement remaining in the financial statements after the audit. Audit risk is a judgmental
rather than a mathematical determination since it cannot be precisely measured as a percentage.
Levels of Risk Assessment
The auditor should identify and assess the risks of material misstatement, whether due to fraud or
error, at the opinion unit financial statement and relevant assertion levels. These risks are
identified and assessed by obtaining an understanding of the entity and its environment,
including its internal control. This understanding provides a basis for designing and implementing
responses to the assessed risks of material misstatement.
A. Risks of material misstatement at the opinion unit financial statement level often relate to the
entity's control environment and are not necessarily identifiable with specific relevant
assertions at the transaction class, account balance, or disclosure level. These overall risks are
relevant to the auditor's consideration of the risks of material misstatement arising from
fraud, such as management override of internal control.
B. The risks of material misstatement at the transaction class, account balance, or disclosure
level consist of inherent risk and control risk.
Response to Risks at the Financial Statement Level
The auditor should design and implement overall responses to address the assessed risks of
material misstatement at the opinion unit financial statement level.
A. Responses may include the following: emphasis to the audit team to use professional
skepticism; assigning staff with higher experience levels or specialized skills or using
specialists; increasing the level of supervision; using a greater degree of unpredictability in
selecting audit procedures; and changing the nature, timing, and extent of substantive
procedures, such as modifying the nature of audit procedures to obtain more persuasive
evidence. The auditor also should consider any specific relevant assertions that may be
affected by the overall risks and develop responses at that level when designing the nature,
timing, and extent of further audit procedures.
B. One fraud risk that is always present is the risk of management override of controls. Overall
responses to this risk include the following: considering the knowledge, skill, and ability of
individual engagement team members when assigning and supervising them; evaluating the
client's selection and application of accounting principles, especially in subjective areas; and
incorporating an element of unpredictability in the selection of audit procedures from year to
year, such as testing account balances and assertions otherwise considered immaterial or low
risk.
Documenting the Risks of Material Misstatement
The auditor should document both the identified and assessed risks at the opinion unit financial
statement level and the overall responses to them.
Establishing an Overall Audit Strategy
The auditor should establish an overall strategy for the audit. The audit strategy is the auditor's
operational approach to achieving the objectives of the audit. It is a high-level determination that
includes the identification of overall risks, the overall responses to those risks, and the general
approach to each audit area as being substantive procedures or a combination of substantive
procedures and tests of controls.
How the Auditor Establishes the Strategy
In establishing the overall audit strategy, the auditor should do the following: determine the key
characteristics of the engagement that define its scope; determine the reporting objectives of the
engagement to plan the timing of the audit and the nature of communications required; consider
significant factors that will determine the focus of the engagement team's efforts, the results of
preliminary audit activities, and knowledge from other engagements performed for the entity, if
any; and determine the nature, timing, and extent of resources needed to perform the audit.
Aspects of the Audit Strategy
The auditor's overall strategy should be developed considering the following: materiality; areas
that may be at higher risk of misstatement; risk of material misstatement at the opinion unit
financial statement level; previous audit's internal control deficiencies; management's
commitment to internal control; volume of transactions; significant changes in accounting
standards; and whether the auditor plans to use substantive procedures alone or a combination of
substantive procedures and tests of controls. The auditor should consider whether the client's
computer system provides a clear audit trail. The auditor also must consider the audit resources
necessary to perform the engagement.
Documenting the Audit Strategy
The auditor should document the overall audit strategy, the audit plan, any significant changes
made to them during the audit, and the reasons for changes. Many of the matters that relate to
the overall audit strategy will be documented in the normal course of gathering information about
the entity and its environment. Professional standards do not necessarily require that a separate
audit strategy memorandum be prepared to document in one place all matters that affect the
audit strategy.
Additional Yellow Book Requirements
The Yellow Book establishes additional requirements related to the following: noncompliance
with contracts and grant agreements; abuse; ongoing investigations or legal proceedings; and
communication of fraud, noncompliance, and abuse. Auditors should design their audits to
provide reasonable assurance of detecting misstatements resulting from noncompliance with the
provisions of contracts or grant agreements that could have a direct or indirect material effect on
financial statement amounts or other financial data significant to the audit objectives.
Noncompliance with Laws, Regulations, Contracts, and Grant Agreements
The auditor is responsible for considering laws, regulations, contracts, and grant agreements and
how they affect the audit. The auditor should assess whether management has identified
compliance requirements that have a material effect on financial statement amounts, obtain an
understanding of the possible effects of the compliance requirements on the determination of
financial statement amounts, assess the risk that a material misstatement occurred because of
noncompliance, and design and perform the audit to provide reasonable assurance of detecting
such material noncompliance.
Abuse
Abuse involves behavior that is deficient or improper when compared with behavior that a prudent
person would consider reasonable and necessary business practice given the facts and
circumstances. Abuse also includes misuse of authority or position for personal financial interests
or those of an immediate or close family member or business associate (often referred to as
“corruption”). Abuse may or may not involve fraud or noncompliance, but often results from
noncompliance, particularly noncompliance with laws and regulations that specify allowable
costs and activities. If auditors become aware of abuse that could be material, either
quantitatively or qualitatively, to the financial statements, they should perform additional
procedures to determine its potential effect on the financial statements or other financial data
significant to the audit, including whether the situation or transaction is indicative of fraud or
noncompliance.
Ongoing Investigations or Legal Proceedings
Auditors should avoid interfering with ongoing investigations or legal proceedings. When
investigations or legal proceedings have been initiated or are in process, the auditor should
evaluate the impact on the audit. The auditor may be required to work with investigators or legal
authorities, withdraw from the engagement, or defer further work on the engagement (or a
portion of it) to avoid interfering with the process.
2 K. Summary
This chapter discussed risk assessment and other planning procedures. It described inquiries of
management, analytical procedures, observation and inspection, and discussion among the
engagement team in assessing risks of material misstatement. It also discussed understanding
the entity and its environment, including its internal control, in assessing risks of material
misstatement, in general terms and in terms of entity-level and activity-level controls. This
chapter concluded with a discussion of how the auditor makes planning decisions and judgments,
including materiality and risk levels, as well as additional requirements of the Yellow Book for
financial audits.
Study Question 5
Under what circumstances may risk assessment procedures serve as tests of controls or
substantive procedures?
A Under no circumstances
B Only when they are performed concurrently with tests of

controls or substantive procedures
C When the auditor has chosen to assess control risk for an

audit area at the maximum level
When they provide audit evidence about the operating
D effectiveness of controls or about relevant assertions related
to account balances, transaction classes, or disclosures
Study Question 6
Which of the following statements is true regarding the audit team's discussion about the
susceptibility of the entity's financial statements to material misstatement?
A The discussion excludes the applicability of GAAP to the

entity's facts and circumstances.
The discussion excludes a consideration of how individual
B team members understand the potential for material
misstatement and how the results of audit procedures they
perform affect other aspects of the audit.
C All members of the engagement team should be included

in every discussion and be informed of all decisions made.
D Any high-risk areas that have already been identified should

be communicated to the team members.
Study Question 7
What is the importance of the auditor's assessment of the entity's accounting policies and
accounting estimates?
A Considering the risk of material misstatement at the entity

level
B Considering the risks of material misstatement at the

financial statement and relevant assertion levels
C Determining the risk of significant deficiencies and material
weaknesses in internal control
D Determining the risk of abuse that could be material to the

financial statements of an opinion unit
Study Question 8
Which of the following statements is true regarding an entity's risk assessment process for reliable
financial reporting?
A The auditor cannot tailor her/his risk assessment

procedures based on the size and complexity of the entity.
The entity's process includes identification and analysis of
B the risks of material misstatement but not how those risks
are managed.
C The auditor cannot rely on inquiries of management about

how risks are identified and addressed.
The risks include new personnel, new or revised information
D systems, new operating approaches or activities,
restructurings, and new accounting standards.
Study Question 9
How do the risks of material misstatement at the opinion unit financial statement level related to
the entity's control environment affect the auditor's response?
A These risks are relevant to the auditor's consideration of the

risks of material misstatement due to fraud.
These risks are easily identifiable with specific relevant
B assertions at the transaction class, account balance, or
disclosure level.
C These risks consist of inherent risk and control risk.
D These risks are identified solely on the basis of auditor

inquiry.
Chapter 3. Assessing Risks and Developing the Detailed Audit Plan

This chapter discusses the classes of financial statement assertions and how to identify, assess,
and respond to risks of material misstatement at the relevant assertion level. It provides a
separate discussion of how to identify, assess, and respond to risks of material misstatement due
to fraud. It also discusses the auditor's considerations in developing a detailed audit plan.
recognize the process of assessing risk, and
develop detailed audit plans.
3 A. Chapter Overview
This chapter discusses how the auditor identifies and assesses the risks of material misstatement
at the relevant assertion level and then prepares a detailed audit plan that appropriately
addresses those risks. This chapter also includes a discussion of the auditor's consideration of the
risks of material misstatement due to fraud.
3 B. Financial Statement Assertions
Introduction
Assertions are explicit or implicit representations by management that are embodied in the
financial statements of an opinion unit. The auditor uses these assertions to consider the different
types of potential misstatements that may occur in the entity's financial statements, whether due
to fraud or error. The assertions are described in the professional literature for transaction classes,
account balances, and presentation and disclosure. In an audit of a governmental entity,
management also asserts that transactions and events have been carried out in accordance with
laws and regulations, and those assertions may fall within the scope of the financial statement
audit.

Assertions about Transaction Classes
The assertions about transaction classes relate to the entire period under audit.
Occurrence
Transactions and events that have been recorded have occurred and pertain to the entity.
Completeness
All transactions and events that should have been recorded have been recorded.
Accuracy/Valuation and Allocation
Amounts and other data relating to the recorded transactions and events have been recorded
appropriately.
Cutoff
Transactions and events have been recorded in the correct accounting period.
Classification and Understandability
Transactions and events have been recorded in the proper amounts.
Assertions about Account Balances

The assertions about account balances relate to the period end.
Occurrence/Existence
Assets, deferred outflows of resources, liabilities, and deferred inflows of resources exist.
Rights and Obligations
The entity holds or controls the rights to assets, and liabilities are the obligations of the entity.
Completeness
All assets, deferred outflows of resources, liabilities, and deferred inflows of resources that should
have been recorded have been recorded.
Assets, deferred outflows of resources, liabilities, deferred inflows of resources, fund balances, and
net position are included in the financial statements at appropriate amounts, and any resulting
valuation or allocation adjustments are recorded appropriately.
Valuation relates to account balances that require an estimate after initial recording to
determine value, such as uncollectible receivables, obsolete inventory, or other asset
impairments. Allocation refers to items for which an expense related to usage is
allocated over useful life, such as property and certain intangibles or amortization of
premiums or discounts related to liabilities.

Classifications between current and noncurrent assets and liabilities of proprietary funds, and
classifications of net positions and fund balances are properly presented.
Assertions about Presentation and Disclosure
The assertions about presentation and disclosure can relate to matters during the period or at the
period end.
Occurrence/Existence
Disclosed events and transactions have occurred.
Rights and Obligations
Disclosed events and transactions pertain to the entity.
Completeness
All disclosures that should have been included in the financial statements have been included.
Financial and other information is disclosed fairly and at appropriate amounts.
Financial information is appropriately presented and described, and information in disclosures is
expressed clearly.

Relevant Assertions
The auditor assesses risks of material misstatement at the relevant assertion level and designs
audit procedures to mitigate that risk. A relevant assertion is an assertion that has a reasonable
possibility of containing a misstatement or misstatements that would cause the financial
statements to be materially misstated. Determining whether an assertion is relevant is made
without regard to the effect of internal controls.
Note
For example, the valuation assertion is usually not relevant to the gross amount of the
accounts receivable balance but is usually relevant to the related allowance for
uncollectible accounts.
The Auditor's Focus

The auditor focuses on assertions that have a reasonable chance of being misstated for a
particular item. The auditor identifies and assesses risks of material misstatement to prepare the
audit plan and determine the nature, timing, and extent of further audit procedures at the
relevant assertion level.
Identifying Relevant Assertions
For each significant transaction class, account balance, and disclosure, the auditor determines the
relevance of each financial statement assertion by evaluating the following: the source of likely
potential misstatement; the nature of the assertion; the volume of transactions or data related to
the assertion; and the nature and complexity of the systems, including the use of IT, by which the
entity processes and controls information supporting the assertions.
Linking Further Audit Procedures to Risks
By understanding the assertions that are relevant to a transaction class, account balance, or
disclosure and how identified risks relate to them, the auditor can design and link further audit
procedures that are responsive to the assessed risk of material misstatement.
Categories of Assertions That May Be Used
Many auditors combine assertions for transactions and events, account balances, and
presentation and disclosure as follows: existence or occurrence, completeness, rights or
obligations, valuation or allocation, accuracy or classification, and cutoff.
3 C. Identifying Risks of Material
Misstatement at the Relevant Assertion
Level
Introduction
To assess the risk of material misstatement at the relevant assertion level for transaction classes,
account balances, and disclosures, the auditor should do the following: identify risks throughout
the process of obtaining an understanding of the entity and its environment, including relevant
internal controls that relate to the risks; assess the identified risks and evaluate whether they
potentially affect many assertions because of their pervasive effect on the financial statements;
relate the identified risks to what can go wrong at the relevant assertion level, considering the
relevant controls to be tested; consider whether the risks are of a magnitude that could result in a
material misstatement of the financial statements; and consider the likelihood that the risks,
including the potential for multiple misstatements, could result in a material misstatement of the
Information from Risk Assessment and Other Planning Procedures

Previously, we discussed the procedures the auditor performs to obtain an understanding of the
entity and its environment, including its internal control, and the information the auditor gathers
throughout that process to identify risks of material misstatement. The auditor uses professional
judgment to combine the information gathered to identify the areas in which the entity's financial
statements may be susceptible to material misstatement due to fraud or error. Once the auditor
understands what can go wrong in the financial statements, s/he can develop an appropriate
response to such risks.
Specialized Considerations for Governmental Units
In identifying risks unique to governmental units that could affect an opinion unit's financial
statements, the auditor should consider the following: whether the entity relies heavily on income
from a single source (such as income, sales, or property taxes) and the likelihood that the source
could be negatively impacted (such as due to a poor economy); whether bond rating agencies are
considering downgrading the entity's bond rating; whether there have been changes in the terms
or volume of the entity's federal awards (for example, whether the awards have become for
shorter periods or are being phased out); whether changes in the economy have affected major
taxpayers or major utility customers; and the results of grantor agency reviews.
Past Experience with the Entity
Past experience with the entity is a primary way of identifying the risk of misstatement from error.
For example, the auditor will know whether the entity maintains current accounting policies and
procedures manuals; whether reports required by state or federal agencies are submitted on a
timely basis; whether internal control deficiencies or compliance findings from previous audits
were resolved on a timely basis; and whether the entity maintains its day-to-day accounting
records on a cash basis and converts the financial statements to a GAAP basis only at year-end.
There is an increased risk that the financial statements will be materially misstated when an entity
does not follow GAAP during the year and attempts to record material correcting entries at year-
end.
Accounting and Reporting Personnel and System
The competence of accounting personnel and the quality of the accounting and financial
reporting system are the other primary sources of information on the risk of material
misstatement arising from error. Employee training and skills can affect the effectiveness of
internal control. Segregation of duties may be inadequate or nonexistent. Low pay scales may
result in personnel with limited accounting education or experience. Rapid employee turnover
may result in inadequate training for replacements.
Combining the Information
Once auditors have accumulated information for identifying potential risks, they evaluate the
information in combination to determine whether it indicates areas susceptible to material
misstatement. The auditor considers the information in the context of whether the risk relates to
fraud or error; whether the risk is pervasive to the financial statements as a whole or related to
relevant assertions for specific transaction classes, account balances, or disclosures; how the
potential risk could affect specific assertions; if the risk is a potential fraud risk, the extent to which
fraud conditions (incentives or pressures, opportunities, and attitudes or rationalization) have
been observed; and whether the risk is of a magnitude that could result in material misstatement
of the financial statements.
This process helps the auditor identify what could go wrong at the relevant assertion
level, assess the risks, and develop appropriate responses.
Magnitude of the Risk

Magnitude refers to whether a risk could result in a material misstatement of the financial
statements. It is a consideration of materiality, including both quantitative and qualitative factors.
In quantitative terms, the auditor considers whether there is a risk of misstatement that could be
material to an opinion unit. The auditor also should consider the qualitative aspect of materiality
in terms of the magnitude of misstatement that might be considered material to financial
statement users. Qualitative considerations are particularly important in evaluating the
magnitude of potential fraudulent financial reporting risks because fraud involves deception of
financial statement users. In quantitative terms, the fraudulent misstatement may not be
material, but the auditor ordinarily would conclude that the matter is of a magnitude that could
be significant to financial statement users.
Documentation of Identified Risks

The auditor is required to document key elements of the understanding of the entity and its
environment; sources of information from which the understanding was obtained; the risk
assessment procedures performed; and the assessment and identification of risks of material
misstatement at the financial statement and relevant assertion levels. At the relevant assertion
level, these risks include significant risks, and those for which substantive procedures alone do not
provide sufficient appropriate evidence. Auditors are also required to document the specific risks
of material misstatement due to fraud that were identified and the reasons for that conclusion.
3 D. Assessing Risks of Material

Misstatement at the Relevant Assertion
Level
Introduction
The auditor's consideration of audit risk at the individual transaction class, account balance, or
disclosure level directly assists the auditor in determining the nature, timing, and extent of further
audit procedures for relevant assertions related to the classes, balances, or disclosures. To assess
the risk of material misstatement at the assertion level, the auditor has to consider the likelihood
that the identified risks could result in a material misstatement of the opinion unit's financial
statements. Likelihood is a function of the assessed level of inherent and control risks.
The Audit Risk Model
Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial
statements are materially misstated. Audit risk is a function of the risk of material misstatement
and detection risk.
Risk of Material Misstatement
The risk of material misstatement (RMM) is the risk that the financial statements are materially
misstated prior to the audit. This risk consists of inherent risk and control risk at the assertion
level.
A. Inherent risk (IR) is the susceptibility of an assertion about a transaction class, account
balance, or disclosure to a misstatement that could be material, either individually or when
aggregated with other misstatements, before considering any related controls. Some items in
a governmental unit's financial statements are inherently risky, such as those with complex
legal and/or regulatory requirements and those requiring accounting estimates. Inherent risk
exists regardless of the entity's controls.
B. Control risk (CR) is the risk that a misstatement that could occur in an assertion about a
transaction class, account balance, or disclosure and that could be material, either
individually or when aggregated with other misstatements, will not be prevented, or detected
and corrected, on a timely basis by the entity's internal control.
Note
Inherent risk and control risk are entity risks, meaning that they exist within the entity
regardless of any procedures the auditor performs. The aggregate risk of material
misstatement in the risk assessment model is expressed as follows: RMM = IR × CR.
Detection Risk
Detection risk (DR) is the risk that the procedures performed by the auditor to reduce audit risk to
an acceptably low level will not detect a misstatement that could be material, either individually
or when aggregated with other misstatements. It is a function of the effectiveness of the nature,
timing, and extent of substantive procedures applied by the auditor and consists of the risk
associated with tests of details (TD) and the risk associated with substantive analytical procedures
(AP).
Detection risk is the auditor's risk. It exists outside the entity and depends on the
auditor's skill in determining the appropriate audit procedures and performing them
correctly to reduce the risk that the auditor will provide an inappropriate opinion on the
Risk of Material Misstatement at the Relevant Assertion Level

The assessment of risk at the relevant assertion level is a judgment rather than a precise
measurement. The auditor can use quantitative terms (such as a percentage) or nonquantitative
terms (such as high, moderate, or low). The auditor should have an appropriate basis for the
judgment about risk at the relevant assertion level. This basis is obtained through the risk
assessment procedures performed to obtain an understanding of the entity and its environment
and, if applicable, through performing tests of controls.
General Risk Assessment Factors
The auditor's identification of risks at the financial statement level may identify factors that
increase the specific risk of material misstatement for particular transaction classes, account
balances, or disclosures. For example, if the auditor's overall risk assessment indicates a high risk
of senior management manipulating the financial statements, the auditor may identify significant
accounting estimates as having a higher specific risk of material misstatement because of the
general susceptibility of estimates to senior management bias. In this situation, the auditor would
identify specific risks related to the valuation assertion for account balances or transaction classes
that involve a relatively large degree of estimation. This example illustrates how risks at the
financial statement level can also result in risks at the assertion level.
Note
The auditor would also identify those risks as fraud risks because they relate to
fraudulent financial reporting.
Accounting Estimates
As part of risk assessment, the auditor should evaluate the degree of estimation uncertainty of
accounting estimates and determine whether those with a high degree of estimation uncertainty
represent significant risks. The auditor is required to determine whether all of the following are
true:
A. Management has appropriately applied GAAP to the accounting estimate.
B. The method for making the estimate is appropriate and applied consistently.
C. Any change in the estimate or method from the prior period is appropriate.
Related Parties
The auditor should identify and assess the risks of material misstatement associated with related-
party relationships and transactions to determine whether they represent significant risks. In
addition, if related-party fraud risk factors are identified, the auditor should consider them in
identifying and assessing fraud risks.
Significant Audit Areas
The auditor then identifies significant audit areas. An audit area consists of the related transaction
classes, account balances, and disclosures. The auditor should consider the following factors in
determining which audit areas are significant:
A. The relative materiality of an account balance to the opinion unit financial statements
B. The relative significance of a transaction class to the entity's operations or the overall opinion
unit financial statements because of, for example, the materiality or volume of transactions
flowing through the account during the period
C. The susceptibility of the account balance or transaction class to fraud, including both theft
and similar loss of related assets and intentional misstatement by management
D. Audit areas that for other reasons have a high assessed level of inherent risk or contain
significant risks
Note
Reasons include complex calculations, difficult or contentious accounting issues,
new accounting standards, need for judgment, unusual nature of transactions,
past history of significant adjustments, past history of significant adjustments, or
other engagement risk factors.
E. Disclosures that require additional effort at the account balance level in individual audit areas
to ensure their accuracy and completeness
Specific Risks of Material Misstatement
For each audit area, the auditor describes the specific risks of material misstatement affecting the
account balance, transaction class, or related disclosures. The description should include the
cause and direction of potential misstatement and the financial statement assertions affected.
The auditor considers the cause of misstatement—error, fraudulent financial reporting, or theft—
and the effect on the direction of misstatement. The auditor should evaluate whether the
following two specific types of risk are present: significant risks that require special audit
consideration and risks for which substantive procedures alone do not provide sufficient
appropriate evidence.
Significant Risks Requiring Special Audit Consideration
Significant risks require special audit consideration. One or more significant risks normally arise
on most audits. They are likely to exist even in situations in which there are no new or unusual
circumstances at the entity. The auditor's determination of significant risks is based primarily on
the consideration of inherent risk. To determine whether the risk is such that it requires special
audit consideration, the auditor should focus on the nature of the risk; the likely magnitude of the
potential misstatement, including the possibility of multiple misstatements; and the likelihood of
the misstatement occurring.
Nature of the Risk: The nature of the risk is particularly important. The nature of the risk should be
evaluated by considering whether any of the following are true:
1. The risk is a risk of fraud.
2. The risk is related to recent significant economic, accounting, or other developments.
3. The transactions are complex.
4. The risk involves significant transactions with related parties.
5. There is a large degree of subjectivity in the measurement of the financial information related
to the risk.
6. The risk involves significant transactions outside the normal course of business or that
otherwise appear unusual.
Effect on Further Audit Procedures: The auditor should document the significant risks that were
identified and related controls that were evaluated. The identification of significant risks has
important implications for further audit procedures. The auditor must determine whether the
audit approach will involve reliance on controls. If so, the auditor must perform tests of controls in
the current period; reliance on evidence from tests of controls performed in prior periods is not
permitted. The auditor will perform substantive procedures that are specifically responsive to the
risk. If the auditor decides not to rely on controls and instead to perform only substantive
procedures, those procedures should include tests of details.
Risks for Which Substantive Procedures Alone Are Not Sufficient

The auditor may identify risks for which it is not possible or practicable to reduce detection risk at
the relevant assertion level to an acceptably low level with audit evidence obtained only from
substantive procedures. These risks often occur in audit areas in which a significant amount of the
entity's information is initiated, authorized, recorded, processed, or reported electronically. In this
situation, the auditor will need to test controls over the related assertions.
Inherent Risk
The auditor's assessment of inherent risk can significantly affect planned further audit procedures.
Inherent risk is higher for some assertions and related transaction classes, account balances, or
disclosures than for others. Inherent risk is assessed before consideration of related controls. The
auditor may consider factors such as the following in assessing inherent risk:
A. The effect of risk factors identified at the opinion unit or engagement level
B. The complexity and contentiousness of accounting issues
C. The frequency or significance of difficult-to-audit transactions or disclosures
D. The nature, cause, and materiality of misstatements detected in prior audits
E. The susceptibility to fraud, including both misappropriation of assets and fraudulent financial
reporting
F. The competence and experience of entity personnel assigned to process data or make
decisions
G. The extent of judgment or estimates involved
H. The size and volume of items comprising the account balances or transaction classes
I. The complexity of calculations
Control Risk
The next step is for the auditor to assess control risk. Most auditors use a scale of high, moderate,
or low. A control risk assessment of less than high should be supported by tests of the operating
effectiveness of controls. Reliance on procedures performed when evaluating internal control
design and implementation is only appropriate if the auditor has assurance about the operating
effectiveness of controls throughout the period under audit. Ordinarily, risk assessment
procedures will not be sufficient to support a control risk assessment below moderate.
Combined Risk of Material Misstatement
The risk of material misstatement is the product of the auditor's combined assessment of inherent
risk and control risk. The auditor is permitted to make a combined assessment of the risk of
material misstatement at the assertion level. Alternatively, the auditor can make separate
assessments of inherent risk and control risk and then combine them. The auditor evaluates the
combined risk as high, moderate, or low.

Documentation of the Risk of Material Misstatement
The auditor is required to document the assessment of the risk of material misstatement at the
relevant assertion level. The auditor should identify significant audit areas; identify fraud risks and
other significant risks; document the auditor's assessment of inherent risk, control risk, and
combined risk of material misstatement at the assertion level; and describe the auditor's planned
response.
3 E. Considering Fraud Risks

Introduction
The auditor's assessment of the risks of material misstatement encompasses misstatements
caused by both error and fraud. This section discusses in more detail how the auditor considers
fraud risks. Identified fraud risks may require an overall response; a response that is specific to a
particular account balance, transaction class, or disclosure at the relevant assertion level; or both.
An overall response generally is considered when establishing the overall audit strategy, while a
specific response is considered when developing the detailed audit plan.
Fraud Risk Factors

When obtaining an understanding of the entity and its environment, including its internal control,
the auditor is required to consider whether fraud risk factors are present. Fraud risk factors are
events or conditions that indicate the presence of an incentive or pressure to commit the fraud, an
opportunity to carry out the fraud, and/or an attitude or a rationalization to justify the fraud. All
three factors need not be present for fraud to be committed. The two types of fraud relevant to the
audit are fraudulent financial reporting and misappropriation of assets.
Note
The auditor's primary concern when considering fraud risk factors is to identify whether
a risk factor is present and should be considered in identifying and assessing risks of
material misstatement due to fraud. The presence of a particular fraud risk factor does
not necessarily indicate the existence of fraud. When evaluating whether a fraud risk
factor is present, the auditor does not consider significance of the risk or any mitigating
controls. Those matters are considered later.
Identifying Risks of Material Misstatement Due to Fraud
The auditor identifies and assesses the risks of material misstatement due to fraud at the
assertion level for transaction classes, account balances, and disclosures. The auditor then
describes those fraud risks in terms of their potential effects on the financial statements. The
nature of the observed fraud risk conditions may help the auditor determine the type of risk. For
example, information related to employee dissatisfaction, assets susceptible to theft, and
inadequate safeguarding controls generally indicates susceptibility to misappropriation of assets.
Information related to external pressures to present favorable financial condition or operating
results, accounts or transactions susceptible to manipulation, and inadequate monitoring and
financial reporting controls generally indicates susceptibility to fraudulent financial reporting.
Magnitude of the Risk
The auditor is only responsible for detecting material fraud. Therefore, the auditor considers
whether an identified fraud risk is of a magnitude that could result in material misstatement of
the financial statements or would be likely to occur in material amounts, recognizing that
materiality has both quantitative and qualitative aspects.
Presumption of Revenue Recognition as a Fraud Risk
Material misstatement of the financial statements due to fraudulent financial reporting often
results from improper revenue recognition. Auditors should ordinarily presume that improper
revenue recognition is a risk of material misstatement due to fraud. Absent an effective oversight
process, the opportunity for improper revenue recognition almost always exists because of the
possibility of management override of controls. In a governmental entity, management may
intentionally misstate revenue in the following ways:
A. Recognizing significant revenues on a cash basis instead of on an accrual or a modified
accrual basis
B. Recording revenue in the wrong fund
C. Understating or overstating the allowance for uncollectible receivables
D. Failing to net revenue against expenses or expenditures when required, such as when
insurance recoveries are received in the same year as an impairment loss
E. Recognizing revenue from a legal judgment before the amount is realizable
F. Recognizing revenue from cost reimbursement grants for costs that were not incurred
Overcoming the Presumption of Revenue Recognition as a Fraud Risk
The presumption that improper revenue recognition is a fraud risk may be overcome. For example,
the auditor may note an absence of significant pressures or incentives and an absence of realistic
opportunities. However, the auditor should consider whether a specific opinion unit may have
revenue recognition as a fraud risk. Because revenue is generally material to the financial
statements, the auditor may not be able to overcome the presumption if one or more indications
of potential improper revenue recognition have been identified. If improper revenue recognition is
not identified as a risk of material misstatement due to fraud, the auditor is required to document
the reasons supporting that conclusion.
Assessing Risks of Material Misstatement Due to Fraud
The auditor is required to assess identified fraud risks, taking into account an evaluation of the
entity's antifraud programs and internal control. In other words, before developing a response to
identified fraud risks, the auditor evaluates whether the risks are mitigated by internal controls
and other antifraud programs that address those risks. In determining whether an identified fraud
risk is mitigated, the auditor considers the risk assessment and other procedures performed to
obtain an understanding of the entity and its environment, including its internal control.
Mitigating Controls
As part of the risk assessment and other procedures performed to obtain an understanding of the
entity and its environment, the auditor evaluates whether the entity's antifraud programs and
internal controls that address identified fraud risks have been properly designed and
implemented, and whether those programs and controls mitigate the identified fraud risks. In
some cases, control deficiencies may exacerbate the risks. Because assessed risks of material
misstatement due to fraud are considered to be significant risks, the auditor is required to
understand and evaluate controls, including control activities, relevant to those risks.
For many governmental units, a major mitigating factor may be the oversight provided by the
governing body. As a general rule, there is no motivation for the governing body to materially
misstate the financial statements. Therefore, an active governing body can be a strong mitigating
factor. However, the auditor should regularly reassess the body's effectiveness, since the members
may turn over often. Another mitigating factor in many governmental units is management's
monitoring of budget-to-actual revenues and expenditures, which can reduce the risk of
improperly classified amounts.
Tests of Controls and Substantive Procedures
Ordinarily, the auditor tests controls only if it is efficient or if detection risk cannot be reduced to
an acceptable level without testing controls. Although the auditor's response to identified fraud
risks may include testing controls, tests of controls alone cannot reduce audit risk to an
appropriately low level. Regardless of the assessed risks of material misstatement, the auditor
should design and perform substantive procedures for all relevant assertions related to each
material transaction class, account balance, and disclosure. Thus, even if controls are tested, the
auditor must perform some substantive procedures, including substantive tests of details. The use
of only substantive analytical procedures is not permitted.
Controls Related to Misappropriation of Assets
Inadequate controls for preventing or detecting misappropriation of assets, including fraudulent
cash disbursements, may increase the susceptibility of assets to theft. When considering fraud risk
factors, the auditor may identify deficiencies in such controls, which create an opportunity for
misappropriation. At that point, the auditor's consideration of controls may be influenced by the
degree to which assets susceptible to misappropriation are present. If the auditor identifies a risk
of material misstatement due to misappropriation of assets, the auditor generally has already
considered risk factors related to control deficiencies that exacerbate the risk by creating an
opportunity for misappropriation of assets. If the auditor has identified such risk factors and
concluded that a risk of material misstatement of an opinion unit's financial statements related to
misappropriation exists, it is unlikely that the auditor will be able to identify antifraud programs
and controls sufficient to overcome the previous consideration of risk factors.
Note
In this situation, the auditor will include substantive procedures, including tests of
details, in her/his further audit procedures.
Responding to Identified Fraud Risks

The auditor responds to identified fraud risks in the following three ways: overall responses;
specific responses that involve the nature, timing, and extent of further audit procedures; and
responses to further address the risk of management override of controls. The way the auditor
responds generally depends on the nature and significance of the identified risks and the
antifraud programs and controls that address the risks.
Documentation of Risks of Material Misstatement Due to Fraud

The auditor is required to document when the engagement team discussion regarding the entity's
susceptibility to fraud occurred, who participated, and the significant decisions reached. Identified
and assessed fraud risks at both the financial statement and assertion levels are required to be
documented, as should overall responses to assessed fraud risks at the financial statement level;
the nature, timing, and extent of audit procedures at the assertion level; and linkage of the risks
with the procedures at the assertion level. The auditor is required to document the results of
procedures, including those designed to address management override of controls, and the
nature of communications about fraud. If applicable, the auditor is required to document how
s/he overcame the presumption that improper revenue recognition is a fraud risk.
3 F. Responding to the Risk Assessment

and Preparing the Detailed Audit Plan
Introduction
The auditor should design and perform further audit procedures whose nature, timing, and extent
respond to the assessed risks of material misstatement at the relevant assertion level. In
designing further audit procedures, the auditor considers the reasons for the assessed risk of
material misstatement—including the related inherent risk and control risk—and obtains more
persuasive evidence in higher risk areas. The design and performance of audit procedures that are
based on and responsive to the assessed risks of material misstatement at the relevant assertion
level provide a clear linkage between the risk assessment and further audit procedures.
Planned Further Audit Procedures at the Relevant Assertion Level

A significant component of the audit plan is a description of the nature, timing, and extent of
planned further audit procedures at the relevant assertion level. The audit plan documents the
audit procedures to be performed that are expected to reduce audit risk to an acceptably low
level. The audit plan (often called an audit program) is more detailed than the audit strategy.
Once the audit strategy has been established, the auditor can start to develop a more detailed
audit plan to address the matters identified in the audit strategy. The audit plan should describe
the nature and extent of planned risk assessment procedures; the nature, timing, and extent of
planned further procedures at the relevant assertion level; and other planned procedures required
by GAAS.
In considering assertions and procedures for governmental units, the auditor may develop the
audit approach by the following broad categories: governmental funds, proprietary funds,
fiduciary funds, reconciliation of funds statements to government-wide statements, and
component units.
The Audit Approach

The purpose of the risk assessment is to determine the nature, timing, and extent of further audit
procedures to be performed. The auditor identifies risks of material misstatement due to error or
fraud, considers management's responses to those risks through operating decisions and controls,
and addresses the risk of material misstatement at the relevant assertion level. Based on that risk
assessment, the auditor determines what audit procedures need to be performed.
Chapter 4 of this course discusses substantive procedures in detail. Chapter 5

discusses tests of controls in detail.
Documentation of the Detailed Audit Plan

The auditor is required to document several considerations in relation to the detailed audit plan.
What Should Be Documented
The auditor should document the following related to preparing the detailed audit plan:
The overall responses to address the assessed risks of material misstatement at the
opinion unit financial statement level
The nature, timing, and extent of further audit procedures
The linkage of further audit procedures with the assessed risks at the relevant assertion
level
The results of the audit procedures and conclusions that are not otherwise clear
What Should Be Included in the Audit Plan

The detailed audit plan should describe the following:
A. The nature, timing, and extent of planned further audit procedures at the relevant assertion
level for each material transaction class, account balance, and disclosure
B. Other audit procedures planned to be performed in order to comply with GAAS, such as
seeking direct communication with the entity's lawyers
Planning for audit procedures takes place during the course of the audit, and the risk
assessment procedures may cause the auditor to change specific further audit
procedures. The auditor should document changes to the original audit plan.
3 G. Chapter Summary
This chapter discussed the classes of financial statement assertions and how to identify, assess,
and respond to risks of material misstatement at the relevant assertion level. It provided a
separate discussion of how to identify, assess, and respond to risks of material misstatement due
to fraud. It also discussed the auditor's considerations in developing the detailed audit plan.
Chapter 4 of this course provides a more detailed discussion of substantive procedures, while
Chapter 5 provides a more detailed discussion of tests of controls.
Study Question 10
How does an auditor determine relevant assertions in a financial statement audit?
By testing the effectiveness of controls over each assertion
A in a material or significant transaction class, account
balance, or disclosure
B By relying exclusively on the auditor's knowledge of and

experience with the entity gained in previous audits
C By focusing on assertions that have a reasonable chance of

being misstated for a particular item
D By inquiring of management, others within the entity, and

those charged with governance
Study Question 11
Why does the auditor consider both inherent risk and control risk when considering the risk of
material misstatement at the relevant assertion level?
A The risk of material misstatement at the relevant assertion

level consists of inherent and control risk.
B The risk of material misstatement at the relevant assertion
level consists of inherent risk, control risk, and detection
risk.
Inherent risk and control risk are directly related to the risk
C associated with tests of details and substantive analytical
procedures.
Inherent risk and control risk determine whether audit risk
D will be reduced to an acceptably low level by the auditor's
procedures.
Study Question 12
What is the effect on further audit procedures when the auditor decides to perform only
substantive procedures?
A The auditor may need a different level of assurance than if

tests of controls were to be performed.
B The auditor may rely on evidence from prior-period tests of

controls.
C The substantive procedures should rely solely on positive

confirmations.
D Substantive procedures cannot consist of solely analytical

procedures.
Chapter 4. Substantive Procedures

This chapter discusses issues related to substantive testing in a financial statement audit. It
describes the substantive procedures that are required in every audit. It discusses ways to
determine which substantive procedures to perform, as well as the application of tests of details
and substantive analytical procedures to transactions and account balances, including tests of
details of compliance with laws, regulations, contracts, or grant agreements. This chapter
concludes with a discussion of how the auditor can use audit sampling in tests of details.
identify issues related to substantive testing in a financial statement audit.
Substantive procedures are further audit procedures performed to detect material misstatements
at the relevant assertion level. For each relevant assertion within a material account balance,
transaction class, or disclosure, the auditor determines the nature, timing, and extent of
substantive procedures necessary to obtain sufficient, appropriate audit evidence to express an
opinion on the opinion unit's financial statements. Substantive procedures consist of tests of
details and substantive analytical procedures.
4 B. Specialized Considerations for

Governmental Units
Governmental units typically maintain multiple funds. Auditors can increase audit efficiency by
designing audit procedures that can be applied to more than one fund. When an auditor performs
audit procedures based on transaction cycles, such as the cash disbursements cycle, the
procedures should be designed to give appropriate coverage to each opinion unit. Frequently, a
government's internal control for a transaction cycle is the same regardless of the funds in which
the transactions and balances are reported in the financial statements. In this situation, the
auditor's consideration of internal control for that transaction cycle would apply equally to all
applicable opinion units.
4 C. Substantive Procedures Required in

Every Audit
Introduction
Because of the judgmental nature of the auditor's risk assessments and the inherent limitations of
internal control, particularly the risk of management override, auditing standards prescribe
certain substantive procedures to be performed in every audit. The specific procedures that need
to be performed depend on the auditor's judgment about the sufficiency and appropriateness of
audit evidence in the circumstances.
Material Account Balances, Transaction Classes, and Disclosures

Regardless of the assessed risk of material misstatement, the auditor should design and perform
substantive procedures for all relevant assertions related to each material account balance,
transaction class, and disclosure.
Financial Close and Reporting Process

The auditor is required to agree or reconcile the financial statements, including the accompanying
notes, to the underlying accounting records. The auditor's documentation should demonstrate
that agreement or reconciliation. In addition, the auditor is required to examine material journal
entries and other adjustments made during the course of preparing the financial statements.
Governments often maintain accounting systems on a basis of accounting other than GAAP and
prepare journal entries supported by worksheets to convert accounting system information for the
basic financial statements.
Management Override of Controls
Substantive procedures are required in all audits to address the risk of management override of
controls.
Journal Entries and Other Adjustments
The auditor is required to examine journal entries and other adjustments for evidence of possible
material misstatement due to fraud. Required procedures are as follows:
A. Obtain an understanding of the financial reporting process and controls over journal entries
and other adjustments and the suitability of design and implementation of those controls.
B. Inquire of employees involved in the financial reporting process about inappropriate or
unusual journal entry activity related to the processing of journal entries and other
adjustments.
C. Consider fraud risk factors, the nature and complexity of accounts, and entries processed
outside the normal course of business.
D. Select journal entries and other adjustments made at the end of the reporting period.
E. Consider the need to test journal entries and other adjustments made throughout the period.
Accounting Estimates
The auditor is required to review accounting estimates for biases that could result in material
misstatement due to fraud. Required procedures are as follows:
A. Evaluate whether management's judgments and decisions, even if individually reasonable,
indicate possible bias that may represent a material misstatement due to fraud and, if so,
reevaluate the accounting estimates as a whole.
B. Perform a retrospective review of management's judgments and assumptions related to
significant prior-year accounting estimates.
Unusual Transactions
The auditor is required to evaluate the business rationale for significant unusual transactions.
Significant Risks
When the audit approach to significant risks consists only of substantive procedures, those
procedures should be tests of details only or a combination of tests of details and substantive
analytical procedures. The use of only substantive analytical procedures is not permitted for
significant risks.
Other Specific Requirements
Presumptively mandatory requirements for substantive procedures for particular account
balances include confirmation of accounts receivable and observation of inventory. Requirements
that do not relate to particular account balances or transaction classes include reviewing for
subsequent events and reading minutes of meetings of those charged with governance.
Documentation of Substantive Procedures
The auditor is required to document substantive procedures, including responses to fraud risks, as
follows: the nature, timing, and extent of substantive procedures; the linkage of those procedures
with the assessed risks at the relevant assertion level; and the results of the procedures, including
procedures to address the risk of management override of controls.
4 D. Choosing Which Substantive

Procedures to Perform
Sufficiency and Appropriateness of Audit Evidence
The auditor should consider the sufficiency and appropriateness of audit evidence to be obtained
when assessing risks and designing further audit procedures. Sufficiency is the measure of the
quantity of evidence. Appropriateness is the measure of the quality of evidence—its relevance and
reliability in providing support for the conclusions on which the auditor's opinion is based.
Reliability of Audit Evidence
The reliability of audit evidence is affected by both the nature and source of the evidence.
A. Audit evidence is more reliable when it is obtained from knowledgeable independent sources
outside the entity.
B. Audit evidence that is generated internally is more reliable when the related controls imposed
by the entity are effective.
C. Audit evidence obtained directly by the auditor is more reliable than audit evidence obtained
indirectly (such as by inquiry) or by inference.
D. Audit evidence is more reliable when it exists in documentary form, whether paper, electronic,
or other medium.
E. Audit evidence provided by original documents is more reliable than audit evidence provided
by photocopies, faxes, or electronic images.
Electronic images can include documents that have been filmed, digitized, or
otherwise transformed into an electronic form.
Audit Evidence of Questionable Reliability

If audit evidence obtained from different sources is inconsistent or there is doubt about the
reliability of information to be used as audit evidence, the auditor should determine what changes
or additions to audit procedures are needed to resolve the matter and consider the effects on
other aspects of the audit. Examples of such situations include the following: explanations
obtained from different sources conflict; management's explanations for significant fluctuations
differ from the auditor's expectations; and responses to inquiries about analytical relationships are
vague, implausible, or inconsistent with the auditor's knowledge or other audit evidence.
Nature, Timing, and Extent of Substantive Procedures
As the risk of material misstatement increases, the quantity and quality of audit evidence to be
obtained from substantive procedures also increase. A high-risk situation may affect both the
combination and types of audit procedures to be performed. The auditor generally decides the
timing of audit procedures (at an interim date or at period end) when establishing the overall
audit strategy. As a result, in designing further audit procedures, the auditor will focus on the
nature and extent of substantive procedures. The nature of audit procedures is most important in
responding to the assessed risks of material misstatement. Increasing the extent of an audit
procedure generally is effective only if the audit procedure itself is relevant to the specific risk.
Basic Types of Substantive Procedures

Substantive procedures can be classified and described based on their nature. Basic types of
procedures include the following: inspection of tangible assets (i.e., physical examination),
confirmation, inspection of documents (including vouching and tracing), reperformance and
recalculation, inquiry, analytical procedures (including scanning), and observation of entity
activities or locations.
4 E. Tests of Details
Application to Transactions and Balances
Tests of details may be applied to transactions and to balances. Tests of transactions are tests of
the processing of individual transactions by inspecting the documents and accounting records
involved in processing, for example, inspecting supporting documents for a cash disbursement.
Tests of balances are tests applied directly to the details of balances in general ledger accounts,
such as confirming accounts receivable balances.
Note
Tests of transactions and balances are related because each class of transactions
affects a related account balance. An auditor may test the transactions that enter an
account balance, the individual items included in the ending balance, or both.

Transaction testing is relatively more important than account balance testing in a governmental
audit because of compliance testing requirements. The auditor often can perform tests of
compliance simultaneously with tests of the details of transactions. Generally, revenue and
expenditure transactions should be tested. Major classes of revenue transactions have to be
identified to develop audit programs. Major classes of revenue transactions can include income,
property, and sales taxes; licenses and fees; special assessments; fines; grants or shared revenues;
interfund transfers; and bond proceeds. Major classes of expenditure transactions can include
personal services; goods and other services; capital expenditures; and indirect cost allocations.
Common Areas of Transaction Testing
Common areas in a governmental engagement in which the focus is primarily on transactions are
as follows: revenue, receivables, and receipts for governmental funds; expenditures for goods and
services and accounts payable; and payroll and related liabilities. Other areas that are concerned
with both statement of net position account balances and transaction classes are capital assets
and capital expenditures, and debt and debt service expenditures.
Where Transactions Are Reported
Generally, the statement of net position amounts are presented in the government-wide financial
statements and in the reconciliation to the funds statements. The related expenditures are
presented as current expenditures of governmental funds. Therefore, the auditor must be
concerned with both the statement of net position accounts and the transaction classes.
Selecting Items for Testing
An important consideration in the effectiveness of audit evidence from tests of details is selecting
the items to test. Items should be selected in a way that is effective in meeting the purpose of the
test. Alternative methods include selecting all items, selecting specific or individually significant
items, and audit sampling.
Audit sampling in tests of details is discussed later in this chapter.
Documentation of Tests of Details

Audit documentation should include identifying characteristics of the items tested. The auditor
can list the items; include a schedule, such as an aged trial balance, on which the items are
identified; or document the source and selection criteria.
4 F. Substantive Analytical Procedures

Types and Purposes of Analytical Procedures
The use of substantive analytical procedures is optional. Analytical procedures are evaluations of
financial information made by a study and comparison of plausible relationships among both
financial and nonfinancial data. They include trend analysis, ratio analysis, and predictive or
reasonableness tests. Using analytical procedures generally involves the following: developing an
expectation of what an account balance should be; comparing the expected amount with the
recorded amount; determining whether any difference between the recorded and expected
amount is significant; investigating the cause of any unexpected significant difference; evaluating
the likelihood of material misstatement; and documenting the procedures.
Examples of analytical procedures are the comparison of an account balance with the
balance of the prior period or with a budgeted amount; computation of the ratio of one
financial statement account balance to the balance in another account with which it
would be expected to have a predictable relationship, such as computation of the ratio
of interest expense to debt and comparison of the resulting ratio to the known interest
rate on the debt; and estimation of investment income by considering the amount
invested and the average earnings rate.

Importance of Analytical Procedures
Analytical procedures include scanning and inquiry as well as computations and comparisons.
Scanning accounting records to identify unusual or unexpected relationships, or the absence of
expected relationships, is an integral aspect of applying analytical procedures. Inquiry is also
important because it can help identify useful analytical procedures, sources of information for
developing expectations, and explanations for differences between recorded amounts and
expectations.
Focus of Analytical Procedures
Substantive analytical procedures are focused on particular account balances. At this point in the
audit, the auditor will have already assessed the risk of material misstatement of the balance and
the likely direction of the misstatement. The auditor will have decided that performing analytical
procedures alone or in combination with tests of details is likely to provide reasonable assurance
that the account balance is not materially misstated in relation to the overall financial statements
of the opinion unit. To use the analytical procedure, the auditor will have concluded that a
sufficiently precise expectation of the recorded amount being tested can be developed from
reliable financial or nonfinancial data. Substantive analytical procedures will either be the primary
test of the account balance or will be used in combination with tests of details.
Differences from Expectations
If differences from expectations are sufficiently small, the auditor can conclude that there is
reasonable assurance the account balance is not misstated. Larger differences must be
investigated by obtaining corroborating explanations.
Designing Analytical Procedures
Substantive analytical procedures can be used to translate the auditor's understanding of the
entity's environment into reasonable assurance that a particular account balance is not materially
misstated. In designing analytical procedures, the auditor should consider whether the following
conditions exist: the use of substantive analytical procedures is appropriate considering the
relevant assertions; the data from which the expectation of recorded amounts or ratios is
developed is reliable; the expectation is sufficiently precise to identify the possibility of a material
misstatement at the desired level of assurance; and the amount of any difference in recorded
amounts from expected values is acceptable.
Inquiry of Management
A good first step in designing substantive analytical procedures is to ask management what
ratios, relationships, or internal or external data management finds useful, particularly in
identifying and monitoring risks. The auditor can find out the key factors that management
monitors, such as industry or trade publications or published statistics on the economy or the
industry, that help management be aware of important trends or patterns. In some cases,
management may have prepared reports with ratio analyses and comparisons the auditor can
use.
The Entity's Budget
Budget data can be a good source of auditor expectations. The auditor can use the original
budgeted amount for an account balance as her/his expectation of the recorded amount. The
auditor can then determine why actual amounts changed from the original estimate, particularly
if the entity amends the budget to conform to actual activity during the period. At a minimum, the
auditor's inquiries about budget preparation and inspection of budgets and variance reports
provide the auditor with a good working knowledge of the key factors that affect particular
account balances and the stability of plausible relationships.
In most governmental units, the budget has the force of law. Budgets often specify that
particular funds finance particular costs and establish the nature and amount of
interfund activity. The budget allocates anticipated resources. As a general rule,
expenditures that exceed budgeted amounts are legally prohibited. Either a
government's basic financial statements or RSI must include an analysis of significant
budget variations (original versus final budget and final budget versus actual results)
for the general fund and each major special revenue fund with a legally adopted
budget.
Audit Procedures Related to the Budget

Based on inquiry, observation, and reading of relevant statutes and/or ordinances, the auditor
should obtain an understanding of and document a general description of the entity's budgeting
procedures. The auditor should obtain an understanding of the process for adopting and
amending budgets, controlling expenditures, and monitoring adherence to budgets. For example,
the auditor could ask management whether department heads are required to address budget
variances on a monthly, quarterly, or annual basis. The existence of such controls may enforce
accountability over expenditures, which may, in turn, allow the auditor to limit audit procedures to
inquiry and substantive analytical procedures.
Comparisons among Governmental Units
Making comparisons among general purpose governments can be difficult because they engage
in a variety of activities and are affected by political factors. It may be meaningful to compare
segments of a general government, such as proprietary funds that provide utility service, with
similarly sized governmental or commercial entities. It also may be meaningful to make
comparisons among similarly sized and located specialized entities, such as school districts. In
addition, the auditor may be able to make a meaningful comparison with another general
purpose government of similar size, geographic location, demographic makeup, and type of
administration.
Historical Information of the Entity
The auditor could develop a set of ratios and analyses of the entity's historical financial
information that could be used to analyze financial trends. For example, comparing revenue by
source for the past five years improves the auditor's understanding of the entity's activities and
may identify a revenue source that requires increased attention in the current audit.
Inquiry of Operating Personnel
Operating departments often can be a source of reliable data if the data are outside the influence
of accounting personnel who record the transactions and outside potential manipulation of senior
management. If these conditions are met, the auditor can use operating data to design analytical
procedures that provide persuasive audit evidence about the validity and completeness of, for
example, service revenue and receivables. Total service revenue can be computed by multiplying
the quantity of service provided during the period by the average rate. Engineering or production
reports may be available that provide reliable information on quantity of service provided.
Circumstances Favorable to Analytical Procedures
Many governmental units are well-suited to the application of analytical procedures, particularly
in the areas of governmental fund revenue, proprietary fund service revenue, payroll and
employee benefits, and debt service expenditures.
Likely Cause of Potential Misstatements
Analytical procedures tend to be more useful as the primary substantive procedure when the risk
of misstatement has been assessed as being primarily from error. By nature, errors are as likely to
be understatements as overstatements, and a substantive analytical procedure is effective for
testing for both. For example, a predictive test of revenue developed from operating data can be
effective for detecting either overstatement or understatement of recorded revenue. Tests of
details tend to be directed to either overstatement or understatement.
For example, detection of understatement of revenue is the focus of tracing from

records of service provided to recorded service revenue. Detection of overstatement of
revenue is more likely to be detected by inspecting supporting documents or
confirming balances.
Availability of Reliable Data
The availability of reliable data to develop expectations is another circumstance that favors the
use of analytical procedures. As a general rule, data obtained from an independent outside source
(such as a property tax valuator located in another governmental unit) are better than internally
generated data. Nonfinancial data from an independent operating department tend to be more
reliable than data under the influence and control of the accounting department when the entity
has effective controls over collection of the operating data. Data from the accounting department
are more reliable when controls over the accounting system are effective. Audited data (such as
that audited by objective and competent internal auditors) are more reliable than unaudited data.
Precision of the Expectation
Another consideration is whether the expectation can be developed with reasonable precision.
Precision is the term that describes the degree of accuracy of the auditor's expectation to the
actual amount. When the auditor combines the evidence from substantive analytical procedures
with evidence from tests of details, a less precise expectation may be appropriate. A more precise
expectation may be necessary when the substantive analytical procedure is the only procedure
planned to address a particular risk of material misstatement.
A. Other things remaining equal, the larger the recorded amount, the more difficult it is to
develop a precise expectation. The reason is that a small percentage of a very large recorded
amount can be material to the financial statements of an opinion unit. The auditor may need
to break down the recorded amount into more predictable components, since expectations
developed at a more detailed level have a greater chance of detecting a material
misstatement of a given amount. For example, expectations developed concerning monthly
amounts are generally more precise than annual amounts. Comparisons by location or
department are generally more precise than entity-wide comparisons. An account balance
can sometimes be separated into different categories of transactions.
B. Analytical procedures can be effective in testing payroll. The auditor can compare payroll
expenditures to the prior-period actual amount and current budget (by department or
function and in total) and relate it to the number of personnel (by department or function and
in total).
C. Analytical procedures can be effective in testing employee benefits. The auditor can compare
vacation and sick leave amounts to the prior-period actual amount and the current budget
and can compare the ratio of amounts to gross pay with the ratio for the prior period. The
relation of these and other employee benefit expenditures, such as pension expenditures, to
the number of covered employees can be compared to the same relationship in the prior
period.
D. To apply analytical procedures to debt service expenditures or expense, the auditor may be
able to obtain persuasive evidence about the reasonableness of interest expenditures by
comparing the amount to the computation of average rate times average debt outstanding.
Normally, the auditor can review the entity's schedule of debt service for reasonableness in
conjunction with the analytically tested interest cost.

Analytical Procedures and Fraud Detection
The auditor is required to evaluate whether analytical procedures performed as substantive
procedures or in the overall review stage of the audit indicate a previously unrecognized risk of
material misstatement due to fraud. Analytical procedures are generally useful for identifying
audit areas in which there is an increased risk of material misstatement. The auditor should
remember that the absence of significant fluctuations is not reliable evidence of the absence of a
risk of material misstatement due to fraud. Management can manipulate recorded amounts to
make relationships appear normal to conceal fraud.
Material Misstatement Due to Fraud
Analytical procedures are generally useful for identifying audit areas in which there is an increased
risk of material misstatement due to financial reporting fraud. They direct the auditor's attention
to account balances that require investigation of a potential fraud.
Corroboration of Management's Explanations
An important consideration related to detecting fraud, as well as errors, is the evaluation and
corroboration of management's explanations for significant differences from the auditor's
expectations. Professional skepticism is the key to interpreting management's explanations.
Analytical Procedures and Accounting Estimates
Examples of accounting estimates that are relevant to governmental units include the following:
investments with no market-established fair value or with permanent impairments, derivative
transactions, uncollectible taxes receivable, useful lives of capital assets that are being
depreciated, obligations for compensated absences, claims and judgments, termination benefits,
landfill closure and postclosure care costs, pension benefits, postemployment benefits other than
pensions, and pollution remediation obligations.
How to Use Analytical Procedures on Accounting Estimates
The auditor identifies the need for accounting estimates using knowledge of the government and
the results of risk assessment procedures. The auditor generally inquires of management and
accounting personnel responsible for identified estimates to obtain an understanding of the
methods and procedures used to make the estimates. The auditor can use analytical procedures
to evaluate the reasonableness of an estimate by developing an expectation of what the estimate
should be (generally a range of values) and comparing the expectation to the reported estimate.
Note
For example, the auditor may estimate the uncollectible accounts of a utility to be
between $20,000 and $24,000. If the entity has estimated the uncollectible accounts
at $15,000, the auditor would consider the entity's estimate to be outside the range of
reasonableness.
Using a Combination of Procedures

The auditor often uses a combination of tests of details and analytical procedures in evaluating
the reasonableness of an accounting estimate. Supporting data, such as the aging of accounts
receivable, are tested for reliability using tests of details. Analytical procedures (such as scanning
the aging, considering the historical trend of write-offs per age category, and computing the ratio
of days revenue in receivables and comparing to the prior year) are used to assess the
reasonableness of the estimate. The auditor may also scan the results of collection activity in the
subsequent period.
Identifying and Evaluating Significant Differences
Authoritative literature does not define significant differences encountered as the result of
performing analytical procedures. The amount of difference that can be accepted without further
investigation is influenced by materiality and the level of assurance desired from the analytical
procedures, taking into account the possibility that a misstatement may cause the financial
statements to be materially misstated. If the difference is significant, the auditor should
investigate the difference by the following: inquiring of management and obtaining appropriate
audit evidence to corroborate management's responses, and performing other audit procedures
as necessary in the circumstances.
Evaluating the Significance of Differences
The significance of the difference relates to what is material individually and in the aggregate to
the financial statements by opinion unit rather than being evaluated in terms of the percentage of
the account balance. The difference is not necessarily a reliable estimate of the amount of
misstatement in the account balance, because the expectation could be wrong. If a difference is
considered not significant, it is not a misstatement and is not accumulated and posted to a
summary of audit differences.
Corroborating the Explanation of Differences
If the auditor evaluates the difference as significant and concludes that the expectation is precise
enough, s/he generally performs additional inquiry and analysis. The auditor can obtain an
explanation of the difference from accounting personnel, but should corroborate the explanation
with information from operating personnel, such as utility personnel. The auditor also considers
whether there is a pattern of differences.
Deciding Whether to Propose an Adjustment
The auditor is not required to explain the entire amount of the difference. The auditor only has to
corroborate a sufficient explanation to reduce the difference to an acceptable level or determine
whether the difference indicates the existence of a misstatement. If there is a misstatement, the
auditor considers its nature and cause and how to quantify it. The quantified misstatement is
proposed as an audit adjustment.
Documentation of Substantive Analytical Procedures
The auditor's documentation of substantive procedures includes the following: the expectation
and the factors used in its development (unless readily determinable from the work performed);
the results of comparing recorded amounts to the expectation; and any additional procedures
performed to address significant unexplained differences and the results of those procedures,
such as the amount of any misstatement quantified as a result of the analytical procedures
performed.
4 G. Audit Sampling in Tests of Details

Definition and Uses of Audit Sampling
Audit sampling is the selection and evaluation of less than 100 percent of a population in such a
way that the auditor expects the sample items to be representative of the population and likely to
provide a reasonable basis for conclusions about that population.
Tolerable Misstatement
Tolerable misstatement is the application of performance materiality to a particular sampling
procedure. Performance materiality is materiality at the account balance or transaction class
level. Tolerable misstatement is materiality at the test or procedure level for a specific account
balance or transaction class when that test or procedure is applied using audit sampling.
Statistical and Nonstatistical Sampling
Audit sampling can be either statistical or nonstatistical sampling. Statistical sampling is an
approach that has the following two characteristics: random selection of the sample items and
the use of an appropriate statistical technique to evaluate sample results, including measurement
of sampling risk. An audit approach that does not have both characteristics is nonstatistical
sampling. Either approach is acceptable audit practice.
Tests of Account Balances
The auditor uses a substantive test of a general ledger account balance to decide whether the
balance is materially misstated. Audit sampling is usually necessary in applying a substantive test
of an account balance when the balance is composed of a large number of items, and the
remaining balance (after identifying individually significant items) exceeds tolerable misstatement
for the opinion unit containing the balance. In a governmental audit, a common audit sampling
application for a substantive test of an account balance is confirmation of accounts receivable for
residential customers of an enterprise fund.
Tests of Transactions
The auditor uses a substantive test of transactions to decide whether the total of a transaction
class is materially misstated. The auditor inspects documents supporting the recorded
transactions to determine whether the transactions are valid and are valued and coded correctly
as to fund, account, amount, and period. This type of test is a common audit sampling approach
in a governmental audit. It may be used for most types of expenditures as well as for types of
revenue that are recorded when cash is received, such as licenses, fees, permits, fines,
performance bonds, and court fees.
Tests of Compliance
The auditor uses a substantive test of compliance in a Yellow Book audit to determine whether the
entity has complied with the provisions of laws, regulations, contracts, or grant agreements that
could have a material effect on the financial statements and to provide a basis for the auditor's
opinion on compliance. This type of audit procedure is frequently applied using audit sampling.
The auditor typically selects a sample of revenue and/or expenditure transactions and inspects
supporting documentation to determine compliance with applicable requirements. In many
instances, the auditor may conduct these procedures simultaneously with tests of transactions.
Planning the Extent of Tests of Details
The extent of an audit procedure judged necessary is determined after considering materiality,
assessed risk, and the degree of assurance the auditor plans to obtain. Generally, the extent of
substantive procedures increases as the risk of material misstatement increases.
Assessing the Level of Tolerable Misstatement
In many governmental engagements, tolerable misstatement may be equal to performance
materiality and can be determined using 75 percent of the amount material to the opinion unit's
financial statements as a whole. If only a portion of an account or audit area is being tested using
audit sampling, then tolerable misstatement may need to be less than performance materiality. In
addition, certain other factors can lead to the auditor setting tolerable misstatement at an
amount less than performance materiality, such as when management resists making
adjustments and that resistance was not considered when the auditor established performance
materiality.
Determining an Amount for Individually Significant Items
Individually significant items include those that are individually significant dollar items and those
that are unusual. Both may be considered high risk. When performing tests of details, the auditor
examines all items that equal or exceed tolerable misstatement. Therefore, the cutoff amount for
determining individually significant dollar items cannot exceed tolerable misstatement. Auditors
often use one-third of tolerable misstatement as the cutoff for individually significant dollar items.
However, auditors may choose any amount less than tolerable misstatement to reduce the risk of
material misstatement of the remaining balance to an acceptable level. Items that are individually
significant because they are unusual include related-party transactions and negative accounts
receivable balances. Unusual items may be identified based on prior experience with the client,
the results of analytical procedures, or unusual characteristics, particularly in the area of
compliance. After the individually significant items have been selected, the remaining balance is
calculated by subtracting the individually significant items from the total account balance.
Considering the Remaining Balance
Normally, the auditor will not have to apply additional procedures to the remaining balance if it is
less than tolerable misstatement. However, misstatements detected in applying audit procedures
to individually significant items may be so large or so numerous that the auditor may decide to
apply additional procedures to the remaining balance even if it is less than tolerable
misstatement. The auditor considers the characteristics of the remaining balance and the risk of
material misstatement of the account.
A. The auditor may have some knowledge of the account based on prior experience and other
audit procedures performed, including procedures performed on individually significant items.
Using that knowledge, the auditor considers the nature, size, and frequency of misstatements
necessary for the remaining balance to be materially misstated.
Note
For example, if the auditor determines that the remaining balance is composed of
many small dollar items and believes there is a low rate of misstatements in the
remaining balance, then it may be possible to assess the risk of material
misstatement of the remaining balance as low. In this situation, the auditor may
decide to perform no further audit procedures on the remaining balance.
B. The risk of material misstatement of the remaining balance is related to the risk of material
misstatement of the entire account. Those risks are not necessarily the same because the
auditor may be able to separately identify items that are prone to misstatement and perform
audit procedures on them individually. As a result, the risk of material misstatement of the
remaining balance may be lower than the risk for the account. In this situation, the auditor
may decide to scan the remaining balance for unusual items and test them.
C. If the remaining balance is to be tested, the auditor may be able to use analytical procedures
or consider the contribution of other substantive procedures. If not, the auditor may decide to
use audit sampling on the items in the remaining balance or expand the audit procedures
performed on individually significant items.
Requirements for All Audit Samples
An auditor using nonstatistical sampling is not required to compute sample size using statistical
theory. Nonetheless, the sample sizes of statistical and nonstatistical samples are expected to be
comparable when the same sampling parameters are used. Given the same planning decisions
concerning tolerable misstatement, desired level of assurance, and expected misstatement,
nonstatistical and statistical sample sizes are expected to be about the same. Regardless of the
sampling approach used, the auditor should properly plan, perform, and evaluate the results of
the sample.
Basic Requirements
Certain basic requirements relate to all audit samples, as follows:
A. The auditor defines the population and sampling unit. The auditor should consider the
purpose of the procedure and the characteristics of the population being sampled. The
auditor should relate the account balance, transaction class, or portion of the balance or class
to the objective of the audit procedure.
B. The auditor selects items that can be expected to be representative of the population.
C. The auditor performs appropriate audit procedures on each sample item and investigates the
nature and cause of any deviations or misstatements.
D. The auditor projects sample results to the population, considers sampling risk, and evaluates
whether the use of sampling provided a reasonable basis for drawing conclusions about the
population tested.
Defining the Population and Sampling Unit
The population is usually the account balance or transaction class, excluding those items selected
for testing because of individual significance. Sampling results can be projected only to the
population from which the sample is drawn. The use of the wrong population for a sampling
application can lead to invalid conclusions. The sampling units are the individual items within the
population that are subjected to audit procedures. Sampling units may be physical units (such as
checks listed on deposit slips, credit entries on bank statements, invoices, or accounts receivable)
or monetary units. When using information provided by the audited entity, the auditor should
obtain evidence about the completeness of the population from which the sample is drawn.
For example, if the auditor is sampling accounts payable for confirmation from the
accounts payable subsidiary ledger and plans to project the results to the accounts
payable balance, the auditor can review the reconciliation of the subsidiary ledger to
the general ledger to make sure the population from which the accounts are being
selected is complete.
Representative Selection
All items in the population should have an opportunity to be selected. Methods commonly used
include the following:
A. Simple random selection—Regardless of whether the auditor uses statistical or nonstatistical
sampling, simple random selection gives each item in the population an equal chance of
being selected.
B. Systematic selection—This method can be used with statistical or nonstatistical sampling to
give every item in the population an equal chance of being selected if a random start is used.
It does not produce an equal chance for all combinations of sampling units to be selected
unless numerous random starts are made. The population is divided by the number of sample
items to determine the sampling interval to use.
C. Haphazard selection—This method may not be used for statistical samples because it is not
considered a random selection technique. Under this method, sample items are selected in no
specific pattern without bias for or against any items in the population. For example, the
auditor could select a sample of items from the paid invoices for the year if there were no bias
for or against large ones.
Qualitative Evaluation of the Sample
The auditor also qualitatively evaluates whether the sample seems representative of the
population and is likely to provide a reasonable basis for drawing conclusions about the
population. For example, if the auditor is selecting a sample of expenditure checks with a sample
size of 40, a sample that includes 15 employee travel reimbursement checks may not be
considered representative of the population subjected to the audit procedure or likely to provide a
reasonable basis for drawing conclusions about operating expenditures. If the sample does not
seem representative, it should be selected again.
Performing the Sampling Application
The auditor is required to perform procedures on each item selected or on a replacement item, if
necessary. Replacement items should be used if the test is not applicable for a selected item, such
as when a source document has been legitimately voided. The inability to apply the test or
suitable alternative procedures to a selected item should be considered an error. For example, an
error would be counted when the auditor is unable to test a source document that was used but
cannot be located.
A. The auditor is required to investigate the nature and cause of any misstatements that are
identified when performing the sampling application. Thus, the auditor needs a clear
definition of what constitutes a misstatement for purposes of the test.
B. The auditor's consideration of misstatements also includes evaluating the possible effect of
those items on the objectives of the test and on other aspects of the audit. For example, if all
the misstatements have a common attribute—such as the same type of transaction, time
period, location, activity, or program—the auditor may identify all items in the population that
possess that attribute and extend procedures on those items. The auditor also considers
whether the misstatements may be intentional, indicating the possibility of fraud.
Evaluating the Sample Results
The auditor should evaluate whether the sample has provided a reasonable basis for drawing
conclusions about the population being tested. This evaluation includes an overall evaluation of
the sample results and whether additional procedures are necessary, such as asking entity
management to investigate and make necessary corrections or changing the nature, timing, or
extent of the auditor's procedures.
4 H. Chapter Summary
This chapter discussed issues related to substantive testing in a financial statement audit. It
described the substantive procedures that are required in every audit. This chapter discussed ways
to determine which substantive procedures to perform, as well as the application of tests of
details and substantive analytical procedures to transactions and account balances, including
tests of details of compliance with laws, regulations, contracts, or grant agreements. This chapter
concluded with a discussion of how the auditor can use audit sampling in tests of details.
Study Question 13
Which of the following statements is true regarding substantive procedures that are required in
every audit?
A The specific procedures that need to be performed depend
on the auditor's judgment about the sufficiency and
appropriateness of audit evidence.
The procedures are performed only on relevant assertions
B related to each material account balance, transaction class,
and disclosure with a high assessed risk of material
misstatement.
The auditor's reconciliation or agreement of the financial
C statements to the underlying accounting records excludes
the notes to the financial statements.
The auditor need not address the risk of management
D override of controls when control risk is assessed at a low
level.
Study Question 14
Why is the auditor required to perform a retrospective review of management's judgments and
assumptions related to significant prior-year accounting estimates?
A To compare current-year controls over accounting estimates

to prior-year controls
B To question the results of the prior-year audit
C To corroborate the information in minutes of meetings of

those charged with governance
D To search for biases that could result in material

misstatement due to fraud
Study Question 15
Why is transaction testing relatively more important than account balance testing in a
governmental audit?
A Because governments typically have no large account

balances
B Because of compliance testing requirements
C Because fraud and errors occur in transactions but not in

account balances
D Because state laws generally require tests of transactions
Study Question 16
Which of the following statements is true regarding substantive analytical procedures?
A They exclude the effect of nonfinancial data.
B They include scanning, inquiry, computations, and

comparisons.
C They are of little use in governmental audits.
D They help the auditor assess the risk of material

misstatement.
Study Question 17
In evaluating the results of a substantive analytical procedure, why is a significant difference not
necessarily a reliable estimate of the amount of misstatement in the account balance?
A The internal controls over the account may be properly

designed.
B The difference has been recalculated.
C The analytical procedure may not relate to the account

balance.
D The auditor's expectation could be wrong.
Chapter 5. Tests of Internal Control

This chapter discusses how the auditor decides when to test controls and, after deciding to test
controls, which ones to test. It covers how the auditor performs tests of controls, including IT
controls, and how the auditor evaluates the tests of controls and assesses control risk. This
chapter discusses how the auditor can use audit sampling in tests of controls and describes how
the auditor can test controls and compliance in the same audit procedure.
identify the process of deciding when and how to perform tests of controls.
This chapter discusses the auditor's tests of the operating effectiveness of controls. Topics covered
include the nature of tests of controls, including the following: inquiry and observation, inspection
of documents, walkthroughs, review of reconciliations, and reperformance of control activities. It
also discusses the timing and extent of tests of controls, including audit sampling, and how to
evaluate the audit evidence obtained to determine whether the evidence supports a reduced
control risk assessment.
5 B. Deciding Whether to Test Controls

When Tests of Controls Should Be Performed
The auditor's decision about whether to test controls is made on an assertion-by-assertion basis
for each audit area. Such decisions may result in audit responses at the relevant assertion level
that consist of substantive procedures alone or a combination of substantive procedures and tests
of controls. The auditor should test controls in two circumstances.
Auditor Expectation That Controls Are Operating Effectively
The auditor should test controls when her/his risk assessment at the relevant assertion level
includes an expectation that the controls are operating effectively. When the auditor has made a
reduced control risk assessment, s/he performs tests of controls to obtain the necessary audit
evidence to support that expectation.
Substantive Procedures Alone Are Not Sufficient
The auditor should test controls when substantive procedures alone are not effective to achieve
audit objectives related to a relevant assertion.

The auditor's considerations for tests of controls in audits of governmental entities include
transaction cycles that span opinion units and financial statement reconciliations.
Opinion Units
The auditor considers whether tests of controls are appropriate within the context of opinion units.
If the internal control for a transaction cycle is handled by the same system, regardless of where
the transactions and balances are reported in the financial statements, the auditor's consideration
of internal control and assessment of control risk for that system would apply equally to all
affected opinion units, even if transactions and balances reported in an individual opinion unit are
not included in a test of controls.
Note
When designing substantive procedures for financial statement assertions, the auditor
should design audit procedures that will provide appropriate substantive evidence for a
separate opinion on each opinion unit.
Financial Statement Reconciliations

Most governments maintain their primary accounting records on the basis of individual funds and
separately develop the additional information needed for the government-wide financial
statements. Much of that additional information is presented in reconciliations between the fund
financial statements and the government-wide financial statements, such as information on
capital assets and long-term debt. However, some additional information is not displayed in the
reconciliations, such as the eliminations and reclassifications of internal service fund activities.
The auditor should consider internal controls over the additional information developed for the
government-wide financial statements.
An Expectation of Operating Effectiveness of Controls

When the auditor's risk assessment for a relevant assertion in an audit area includes an
expectation of the operating effectiveness of controls, the auditor has done the following:
obtained a sufficient understanding of the specific controls that are likely to prevent or detect and
correct material misstatements in the relevant assertion; evaluated the design of those controls
and is satisfied that they are capable of preventing or detecting and correcting a material
misstatement in the relevant assertion; determined that the controls exist and are being used;
and decided to rely on the effective operation of those controls when designing substantive
procedures.
Effect on the Audit Approach
The auditor plans to reduce the control risk assessment based on the expectation that controls
are operating effectively and to design substantive procedures that provide sufficient additional
audit evidence to reduce detection risk to an acceptably low level. The audit approach consists of
a combination of tests of controls and substantive procedures that provide sufficient audit
evidence about the assertion being tested. An expectation of operating effectiveness of controls
typically means that the auditor's planned control risk assessment is less than high.
Materiality and Inherent Risk Considerations
After gaining an understanding of the entity and its environment, including its internal control,
the auditor first considers the materiality and inherent risk related to specific audit areas by
account-balance assertion when determining the appropriate response. A reduction of the extent
of substantive procedures may be possible based on materiality considerations and the inherent
risk assessment alone. In this situation, the auditor need not develop an expectation of the
operating effectiveness of controls or consider tests of controls.
Note
The terms of the engagement may require the auditor to set the scope of the audit and
assess materiality at a more detailed level than by the opinion units required for the
basic financial statements. In some cases, for example, the auditor may be required to
assess materiality at the fund level because of debt covenants or grant agreements.
Feasibility of Performing Tests of Controls

In deciding whether to test controls, the auditor considers whether the amount and
persuasiveness of available evidence would be adequate to support the planned reduced control
risk assessment. For example, based on the nature of the control, observation and inquiry may be
the only procedures that can be used to determine effective operation. If the auditor determines
that the control needs to be tested throughout the year, observing the performance of the control
when the auditor was not present would be impossible. Since inquiry alone is not sufficient when
testing controls, there may be insufficient persuasive evidence available to support a reduced
assessment of control risk. Likewise, if the planned test of controls involves inspecting documents,
the auditor needs to determine that such documentation is available for the entire period being
audited.
Audit Efficiency Considerations
The auditor may elect to exclude her/his expectation of operating effectiveness of controls from
the relevant risk assessment. This situation may exist when the auditor's risk assessment
procedures have not identified any effective controls relevant to an assertion or because testing
controls would be inefficient. Therefore, the auditor does not intend to rely on the operating
effectiveness of controls in determining the nature, timing, and extent of substantive procedures.
However, in practice, tests of controls that involve tests of transactions ordinarily are efficient and
can permit a substantial modification to substantive procedures in the following circumstances:
1. The volume of transactions is relatively high.
2. The transactions are recurring and relatively uniform within the transaction class.
3. The transactions are not complex.
4. The transactions are routinely processed in information systems with well-designed control
activities.
5. The entity's control environment, monitoring activities, and risk assessment processes are
conducive to effective controls.
Substantive Procedures Alone Do Not Provide Sufficient Audit
Evidence
The auditor should identify risks for which substantive procedures alone are not effective. Such
risks often occur in audit areas in which there is highly automated processing with little or no
manual intervention.
When Tests of Controls May Be Necessary
The auditor may decide that it is necessary to test controls when an entity's accounting data and
corroborating evidence are available only in electronic form. In those instances, the risk of
improperly initiating or altering information without detection is greater if appropriate controls are
not operating effectively. In addition, the appropriateness and sufficiency of the audit evidence
usually depend on effective controls over the accuracy and completeness of processing.
Because of the risk of theft of cash, auditors often find it necessary to test controls over cash
receipts and disbursements in audits of governmental units.
A. With respect to revenues received primarily in cash, it may be difficult to limit audit risk for the
completeness assertion to an appropriate level without an assessed level of control risk at less
than high. With respect to cash disbursements, the auditor may test high-level controls, such
as the reconciliation process, segregation of duties, and management oversight of the
process. If the effectiveness of high-level controls is not sufficient to allow assessing control
risk as low, the auditor may also test a selection of disbursements for controls designed to
prevent or detect theft, such as evidence of an invoice and evidence of proper authorizations,
as well as for proper account coding.
B. A small government may have additional characteristics that increase the assessed level of
control risk, such as the following: an elected governing body that may be political in nature
and unfamiliar with internal control considerations; part-time or relatively unknowledgeable
administrators and employees who are not aware of the importance of adhering to specified
procedures; accounting personnel with minimal education or experience in accounting; and
too few employees to permit adequate segregation of duties.
5 C. Deciding Which Controls to Test

Top-Down Approach
An efficient and effective approach to deciding which controls to test is to take a top-down
approach. The auditor begins with the opinion unit financial statements and identifies significant
accounts and disclosures. Then the auditor identifies the significant transaction classes and
processes that result in those accounts and disclosures. Within those transaction classes and
processes, the auditor identifies the controls that individually, or in combination with other
controls, prevent or detect and correct material misstatements in the relevant assertions related
to identified risks. This approach generally results in emphasizing the areas in which material
misstatements are most likely to occur.
Entity-Level Controls
The auditor also will find it efficient and effective to consider entity-level controls before testing
control activities. If the controls at the top level are weak, it creates an environment that is not
conducive to effective controls, and even well-designed and implemented control activities may
not be effective. In that case, testing control activities may not be productive. On the other hand,
some controls at the top may operate at a direct and detailed enough level to reduce the risk of
material misstatement at the relevant assertion level. In that case, it may be more efficient to test
the entity-level controls instead of the control activities, or to use the test of entity-level controls
to reduce the extent of testing control activities.
Controls That Are Improperly Designed or Not Implemented
The auditor will gain no benefit from testing the operating effectiveness of a control that is
inappropriately designed to prevent or detect a material misstatement in a relevant assertion.
Likewise, the auditor will gain no benefit from testing a control that has not been properly
implemented.
Note
An auditor may conclude that the documentation of controls in the entity's accounting
procedures manual indicates that controls are effectively designed to address risks of
material misstatement and satisfy relevant control objectives. When determining
whether the controls are implemented by performing risk assessment procedures, the
auditor may find that the controls, as designed, are not properly communicated or
followed. In this situation, the auditor would not test the controls.
Controls Relevant to Identified Risks for Relevant Assertions
Tests of controls are directed to those controls that are relevant to the risk that an assertion is
misstated. In many audits, the auditor is able to test only one or two selected controls relating to
the risk of concern for a specific assertion for an account. The auditor does not always have to test
all the control activities relating to an assertion to assess control risk at less than high.
Key Controls
The auditor normally focuses on the controls that are key to preventing or detecting material
misstatements in the relevant assertions. Key controls often involve the actions of supervisors and
managers—and may include documentation of supervision, budgeting, reporting, review, and so
forth—that can be tested by inquiry, observation, and inspection of reports and documents. It is
easier and more efficient to test such controls, such as by reviewing the entity's investigation and
variance reports, than it is to perform tests of transactions. Also, the tests may provide more
assurance about the controls than tests of transactions will. For example, management may
prepare budgets, periodically compare them to actual results, and investigate significant
variations in a timely manner. Reports of the variations, investigative actions, explanations of the
variations resulting from the investigations, and corrective actions taken may provide evidence of
the effective operation of the control. Such a control may be a key control with respect to relevant
assertions for revenues and expenditures or expenses.
Indirect or Complementary Controls

In designing and performing tests of controls, the auditor should determine whether the controls
to be tested depend on other controls (indirect or complementary controls). If so, the auditor
should determine whether it is necessary to obtain audit evidence supporting the operating
effectiveness of those other controls. For example, if the auditor decides to test the operating
effectiveness of a user review of a computer-generated exception report, s/he also considers
whether it is necessary to test the operating effectiveness of controls over the accuracy of
information in the report. Indirect or complementary controls may include controls over the
accuracy and completeness of information used in the performance of the direct control, IT
general controls, segregation of duties, and the control environment.
5 D. Selecting Appropriate Procedures

Nature and Types of Tests of Controls
Inquiry alone is not sufficient to obtain reasonable assurance of the operating effectiveness of a
control. Inquiry combined with inspection, recalculation, or reperformance may provide more
assurance than inquiry and observation because an observation is pertinent only at the point in
time at which it is made. For example, the auditor may inquire about and observe the procedures
for opening mail and processing cash receipts. To obtain greater assurance, the auditor could also
inspect the prelists of cash receipts and perhaps even reperform the comparison of amounts on
prelists to accounting records and bank deposits.
Inquiry and Observation
Inquiry and observation are often used in the general planning and risk assessment phase of the
audit to obtain an understanding of controls and whether they have been implemented. While
making those inquiries and observations, the auditor may also gain evidence about the control's
operating effectiveness. Inquiry and observation are typically used to test controls that do not
produce documentary evidence of performance, such as segregation of duties, controls over
access to assets and records, certain control environment factors, or some control activities
performed by a computer.
Inspection of Documents, Reports, or Electronic Files
This procedure includes inspection of source documents (such as invoices and receiving reports),
log books (such as receiving logs), reports (such as internal auditor's reports and exception
reports), accounting procedures manuals, and electronic files (for operating effectiveness).
Documents are inspected for an indication that the control activity was performed, such as
evidence of the person who approved a transaction or a person's checkmark indicating that a total
was footed or an extension checked. Reports (which may include internally produced financial or
operational reports or externally produced reports of financial institutions, regulatory agencies,
service entity auditors, and so forth) are reviewed for a description of the activity or investigation
performed, the results of findings, and the entity's response to problems that were detected.
Walkthroughs
Walkthroughs are commonly used in gaining an understanding or a further understanding of
controls. A walkthrough can also serve as a test of controls and, in some cases, along with other
tests of controls, can provide a valid basis for assessing control risk at less than high. However,
this approach by itself generally does not provide a sufficient basis for assessing control risk as
low.
Reviews of Reconciliations and Similar Bookkeeping Activities
Reviews of reconciliations and other similar bookkeeping activities can be efficient tests of
controls. The auditor's approach generally consists of the following: inspecting evidence that the
activity was performed throughout the period; inspecting examples of the activity having been
performed; and investigating the resolution of significant misstatements or exceptions disclosed
by the activity, or investigating a few if none are significant.
Reperformance of a Control Activity

Examples of reperformance tests of controls include recomputing extensions and totals on
vendor's invoices and recomputing gross pay. These tests are commonly performed in conjunction
with inspection of documents. For example, the auditor may test the clerical accuracy of vendors'
invoices and inspect supporting documents for evidence of proper approval. An advantage of
reperformance is that it usually provides substantive audit evidence about the transaction as well
as about the control activity. For example, the auditor will obtain evidence that the transaction is
recorded in the proper account at the proper amount and that it was properly approved.
5 E. Performing Tests of Controls
Introduction
The objective of performing tests of controls is to obtain sufficient appropriate audit evidence
about their operating effectiveness to support the auditor's assessment of control risk. Testing of
controls includes obtaining audit evidence about how controls were applied at relevant times
during the audit period; the consistency of application; and who applied the controls and their
means of application, including whether the person performing them has the necessary authority
and competence.
Timing of Tests of Controls
The timing of tests of controls depends on the auditor's objective and the period of time for which
reliance is needed about the operating effectiveness of controls. When a control is tested at a
point in time, the audit evidence can only support a conclusion about the operating effectiveness
at that point in time. When a control is tested over a period of time, the audit evidence can be
used to form a conclusion about operating effectiveness over that period. Other considerations
related to the timing of tests of controls include whether to perform the test at an interim date or
at period end and whether to use audit evidence about the operating effectiveness of controls
obtained in previous audits.
Note
In some cases, the control need only be tested at a point in time, such as controls over
the annual physical inventory of supplies. Other controls may operate throughout the
audit period, requiring the auditor to collect evidence about the operating effectiveness
for the entire period. For an automated control, the auditor may be able to test the
operation of the control at a point in time and collect evidence about its continued
operation through tests of general IT controls.
Interim Testing of Controls

Based on the audit strategy, the auditor may decide to perform tests of controls through an
interim date prior to year-end. When performing tests of controls through an interim date, the
auditor should obtain audit evidence about significant changes in those controls that occurred
during the remaining period and determine what additional audit evidence to obtain for the
remaining period. Additional audit evidence about the operating effectiveness of controls over the
remaining period can be obtained by extending the tests of controls over the remaining period or
testing the entity's monitoring controls.
Audit Evidence Obtained in Previous Audits
The auditor may be able to use audit evidence about the effectiveness of controls obtained in
previous audits subject to certain restrictions. If these restrictions are met, the practice of rotating
tests of controls over a three-year cycle may be used. The following guidelines explain the practice
of rotating tests of controls.
A. When the auditor plans to use evidence from a previous audit about the operating
effectiveness of controls, the auditor should determine if changes have occurred since the
previous audit, such as changes in the system, personnel performing the controls, or the
control environment that affect the relevance of previous audit evidence.
B. Evidence about whether changes have occurred should be obtained by performing inquiry
combined with observation and inspection to confirm the understanding of those specific
controls. Inquiry alone is not enough.
C. If changes have occurred that affect the continuing relevance of the audit evidence obtained
in a previous audit, the auditor should test the controls in the current audit. Rotation of
testing is not appropriate if changes have occurred.
D. If no changes have occurred, the auditor should test the controls at least once in every third
year in an annual audit.
E. If a number of controls are tested on a rotating basis, the auditor should perform some tests
of controls each year. It is not acceptable for the auditor to test all controls in one audit period
with no testing in the subsequent two audit periods.
F. Rotation of testing of controls is not permitted if the auditor plans to rely on controls that
mitigate a fraud risk or other significant risk. For controls related to fraud and other significant
risks, the tests of controls should be performed in the current period.
Time Period between Rotated Tests of Controls
As a general rule, the higher the auditor's risk assessment or the greater the planned reliance on
controls, the shorter the time period between tests of controls. Factors that may decrease the
time between retesting or cause the auditor to reconsider the appropriateness of rotating tests of
controls include the following: deficiencies in the control environment; deficiencies in the entity's
monitoring activities; deficiencies in IT general controls; significant manual intervention in the
application of controls; personnel changes; and changing circumstances that indicate the need
for changes in controls.
Extent of Tests of Controls
In designing tests of controls, the auditor should obtain more persuasive audit evidence for a
greater degree of reliance on the effectiveness of a control. When more persuasive audit evidence
is needed, it may be appropriate for the auditor to increase the extent of testing the control in
question. In addition to the degree of reliance on controls, other factors the auditor may consider
would include the following: the frequency with which the control is performed during the period;
the length of time that the auditor is relying on the control's effectiveness; the relevance and
reliability of the audit evidence about operating effectiveness of the control at the relevant
assertion level; the extent to which audit evidence is obtained from tests of other controls related
to the relevant assertion; and the expected deviation rate of the operation of the control.
5 F. Testing IT Controls
How IT Affects Internal Control
Some entities have simple computer operations. They use personal computers, which may be
linked in a local area network, and purchased software packages. Users often do not have
specialized computer training and cannot write or edit computer programs. Other entities use
sophisticated IT systems to conduct operations and may have internal control that depends
heavily on IT. These entities often have highly integrated IT systems that share data and are used
to support all aspects of financial operations and reporting.
Effect of the IT System on Internal Control
The effect of IT on the entity's internal control is related more to the nature and complexity of the
system than to the entity's size. An entity with a simple IT system may use primarily paper-based
manual procedures and manual controls, such as approvals, reconciliations, reviews, and follow-
up of exceptions. An entity with a complex IT system may use automated procedures to initiate,
authorize, record, process, and report transactions. Records may be in electronic format rather
than on paper. Controls in that environment generally consist of a combination of manual and
automated controls programmed into computer applications.
Automated controls include processes such as edit and validation routines embedded
in computer programs.
In addition, the nature of the manual controls may be different. Manuals controls may be
independent of the system, may use information produced by the system, or may be limited to
monitoring the effective functioning of automated controls and handling exceptions.
Risks Posed by IT Systems
IT systems pose the following risks to internal control, the extent and nature of which depend on
the nature and characteristics of the entity's system:
A. Reliance on systems or programs that are incorrectly processing data, processing inaccurate
data, or both
B. Unauthorized access to data resulting in destruction or improper changes to data
C. Inappropriate access by IT personnel, which negates segregation of duties
D. Unauthorized changes to data in master files, systems, or programs
E. Failure to make necessary changes to systems or programs
F. Inappropriate manual intervention
G. Loss or destruction of data or inability to access data as required
Note
For example, in a system in which users can access a common database of information
that affects financial reporting, a lack of control over a single user entry point could
compromise the security of the entire database and result in improper changes to or
destruction of data.
Types of IT Controls
The auditor should obtain an understanding of how the entity has responded to risks arising from
IT. These responses generally involve two types of computer controls: application controls and
general controls.
Application Controls
Application controls apply to the processing of individual transaction applications, such as payroll
and purchases. They relate to the use of IT to initiate, authorize, record, process, and report
transactions or other financial data. Application controls help ensure that transactions occurred,
are authorized, and are completely and accurately recorded and processed. Examples include edit
checks of input data and numerical sequence checks.
A. Application controls performed by IT are referred to as automated controls. Application
controls performed by individuals are referred to as user controls. User controls can include
checks of the completeness and accuracy of computer output against source documents or
other input and manual follow-up of exception reports. For example, a computerized payroll
system may calculate all debit and credit amounts from transaction data and a master file.
The user control would be to manually check the accuracy of the output produced by the
computer by recomputing amounts such as gross pay. User controls also include certain
reconciliation and processing controls over computer-generated data, such as reconciling
subsidiary ledgers to control accounts, and accounting for the sequence of source documents.
B. The effectiveness of user controls, such as reviews of computer-produced exception reports,
may depend on the accuracy of the review, as well as the accuracy of the information in the
report. If the auditor tests the manual follow-up activities, s/he should also determine
whether it is necessary to test the accuracy of the computer-produced reports.
General Controls
General controls are policies and procedures that relate to many applications. They are directed at
ensuring the continued proper operation of IT systems and thus support the effective functioning
of application controls. General controls include controls over the following: data center and
network operations; access security; program change; system software acquisition, change, and
maintenance; and application system acquisition, development, and maintenance.
The auditor considers general controls in relation to their effect on applications and data
that become part of the financial statements.
The auditor first focuses on identifying applications that are significant to the financial
statements. Then the auditor assesses whether there are general controls that, if
ineffective, would permit application controls to operate improperly and allow
misstatements to occur and not be detected.
The auditor can then perform tests of those general controls that are important to the
effectiveness of application controls on which the auditor plans to rely.
Approaches to Testing IT Controls

There are no hard-and-fast rules for testing IT controls. Depending on the system, the auditor
may test manual user controls, automated application controls and manual follow-up activities,
and/or general controls and manual follow-up activities.
Manual User Controls
In a simple financial reporting system, effective user controls may provide assurance with respect
to the completeness and accuracy of computer-processed transactions. User controls may also
provide evidence that the automated application controls are operating effectively. For example, if
the entity has manual procedures that determine that the detailed listing of accounts receivable is
complete and accurate, the auditor may be able to focus solely on user controls in that area.
However, if user controls are limited to checking completeness, other procedures may be needed
to provide assurance about accuracy.
Automated Application Controls and Manual Follow-up Activities
The auditor may determine it is necessary to test automated application controls and manual
follow-up activities. The auditor should perform tests of controls to determine that the automated
control is functioning effectively and continues to do so. When applicable to a relevant assertion,
the auditor normally also tests manual follow-up activities, such as those used to follow up on
items listed in an exception report.
General Controls and Manual Follow-up Activities
A testing approach that focuses on general controls may often apply to financial reporting
systems that are heavily dependent on complex computer systems. The auditor performs tests of
controls to obtain evidence about whether programs are properly designed and tested in
development, changes to programs are properly made, and adequate access controls reduce the
risk of unauthorized changes to the program and data files.
Use of a Specialist
The auditor should consider whether individuals with specialized IT skills are needed to test
general or automated application controls and/or to perform substantive procedures. Factors to
consider in deciding whether an IT specialist is needed include the following:
A. The complexity of the entity's system and IT controls and the way in which they are used
B. The significance of changes made to existing systems or the implementation of new systems
C. The extent to which data are shared among systems
D. The extent of the entity's participation in electronic commerce
E. The entity's use of emerging technologies
F. The significance of audit evidence that is available only in electronic form
Testing Procedures
The auditor may use the following testing procedures: inquiry; observation; inspection of
documents, reports, and electronic files; walkthroughs; review of reconciliations; and
reperformance of the control activity to test IT control activities. Evidence about the operating
effectiveness of IT controls may be obtained from tests of those controls performed in previous
audits.
5 G. Evaluating Tests of Controls and
Assessing Control Risk
Evidence about Operating Effectiveness
Tests of controls may detect deviations from prescribed procedures. Deviations may be caused by
changes in personnel, human error, or significant fluctuations in the volume of transactions. A
deviation does not necessarily mean that control risk is high; however, the auditor cannot assume
that an instance of error or fraud is an isolated instance. As a result, the auditor should
understand the cause of any deviation and its implications by making specific inquiries or
performing other tests related to indirect controls.
Use of Sampling in Tests of Controls
If sampling is used in tests of controls, the auditor compares the number of deviations detected to
the number of allowable deviations established when planning the procedure. When the deviation
rate in the sample exceeds the expected deviation rate used in planning the sample, the
implication is that there are deficiencies in the design or operating effectiveness of controls.
Controls at a Service Organization
When the entity uses a service organization, the auditor should obtain evidence about the
operating effectiveness of relevant service organization controls.
Evidence from Substantive Procedures
Substantive procedures may provide additional evidence that either supports the auditor's
conclusion about the operating effectiveness of controls or creates the need to reevaluate the
prior assessment of control risk. When evaluating the operating effectiveness of controls, the
auditor is required to evaluate whether misstatements detected by substantive procedures
indicate that controls are not operating effectively.
A. When an auditor discovers that a material misstatement of the financial statements would
not have been detected by the entity's internal control, it is a strong indicator of a material
weakness.
B. When substantive procedures do not detect misstatements, however, the lack of
misstatements does not provide audit evidence about the operating effectiveness of controls.
Communicating Internal Control Deficiencies
The auditor should evaluate identified control deficiencies to determine whether, individually or in
combination with other deficiencies, they represent significant deficiencies or material weaknesses
that are required to be communicated to management and those charged with governance. In a
Yellow Book audit, auditors are also required to issue a written report that describes the scope of
their testing of internal control over financial reporting and reports significant deficiencies and
material weaknesses in internal control.
Amount of Audit Evidence Needed to Support a Control Risk
Assessment
In choosing procedures to test a control activity, the auditor considers the degree of assurance
provided by the procedure in relation to the degree of assurance needed to support a control risk
assessment and a reduction of substantive procedures. The quantity and persuasiveness of audit
evidence that is sufficient to support a specific risk assessment depends on factors such as the
type, source, and timeliness of the evidence, and whether other evidence related to the risk
assessment exists and supports or contradicts the same conclusion.
Type of Evidence
The nature of a control generally directs the type of audit procedure necessary to obtain audit
evidence about whether the control was operating effectively. For some controls, evidence about
their design or operation may exist in documented form that the auditor can inspect. Other
controls, such as segregation of duties or control activities performed by the IT system, may have
no documentation of their design or operation. In this situation, the auditor may have to use a
combination of inquiry and observation and, perhaps, computer-assisted audit techniques.
Source of Evidence
Audit evidence about controls obtained directly by the auditor generally provides more assurance
than evidence obtained indirectly. Evidence obtained through observation is generally superior to
inquiry. Evidence obtained from externally produced documents, records, or reports is more
persuasive than evidence from those produced internally.
Evidence about the Operation of Entity-Level Controls
The auditor may be able to support a lower assessed level of control risk for an assertion by
considering evidence about the operation of entity-level controls. For example, the auditor may be
able to reduce the extent of tests of a key control activity through evidence about the operation of
controls from the control environment or monitoring activities components of internal control.
Control Risk at Reduced Levels Based on Risk Assessment Procedures
Auditing standards do not specify the amount of audit evidence needed to assess control risk at
less than high. Many procedures used in the risk assessment process to gain an understanding of
internal control also may provide evidence about a control's operating effectiveness. However,
tests of controls generally need to be performed to support operating effectiveness.
Effect of Control Risk Assessment on Substantive Procedures
All else being equal, as the assessed level of control risk for an audit area is reduced, the auditor
can reduce the extent of substantive procedures without increasing audit risk. Reductions of the
extent of substantive procedures could include, for example, applying an analytical procedure
instead of a test of details, examining fewer items in a test of details, or sending fewer
confirmations.
Substantive procedures cannot be omitted entirely for material items. Substantive

procedures should be designed and performed for all relevant assertions for each
material transaction class, account balance, and disclosure.
5 H. Documentation of Tests of Controls

and the Control Risk Assessment
The auditor should document the following matters related to tests of controls: the nature, timing,
and extent of tests of controls; the linkage of tests of controls with the control risk assessment at
the relevant assertion level; the results of the tests of controls; the conclusions reached when not
otherwise clear; and the conclusions reached with respect to relying on audit evidence about the
operating effectiveness of controls obtained in a previous audit.
5 I. Audit Sampling in Tests of Controls

When Sampling Is Appropriate
As a general rule, audit sampling is used for tests of controls directed toward operating
effectiveness when the entity has documentation of the operation of controls. These tests
normally include inspecting documents and reperforming the application of the control. In some
cases, it may be efficient to perform a test of controls in combination with a substantive test of
details. When sampling is used in such a dual-purpose test, the size of the sample should be the
larger of the samples that would otherwise have been designed for the two separate purposes. In
evaluating the results of such tests, deviations from the prescribed control and monetary
misstatements should be evaluated separately using the risk levels acceptable for the respective
purposes.

Sampling Terminology
The following factors typically influence the auditor's determination of sample size for a test of
controls: tolerable rate of deviation of the population to be tested; expected rate of deviation of
the population to be tested; desired level of assurance (complement of risk of overreliance) that
the tolerable rate of deviation is not exceeded by the actual rate of deviation in the population;
and the number of sampling units in a very small population.
Deviation
A deviation is a departure from the prescribed control policy or procedure.
Tolerable Rate of Deviation
The tolerable rate of deviation is the maximum rate of deviations that would still support the
planned assessed level of control risk.
Risk of Overreliance
The risk of overreliance is the risk of erroneously concluding that the controls are more effective
than they actually are. This risk relates to audit effectiveness because the auditor who overrelies
on controls inappropriately reduces the evidence obtained from substantive procedures.
Expected Rate
The expected rate is the rate of deviations the auditor expects based on prior experience with and
knowledge of the characteristics of the population.
Population
The population is the class of transactions being sampled.
Identifying Controls and Related Substantive Procedures

In planning a sample, the auditor first identifies the controls to be tested and, if applicable, the
related substantive procedures to be reduced. The auditor identifies controls relevant to specific
assertions. Some auditors specify audit objectives and control objectives for each major
transaction class to help link the controls to financial statement assertions.
Considering Whether Testing Controls Is Practical

A test of controls using audit sampling is directed toward operating effectiveness. The auditor
performs tests of controls when her/his risk assessment includes an expectation of the operating
effectiveness of controls (based on the control's adequate design to prevent or detect a material
misstatement in a relevant assertion), or when substantive procedures alone do not provide
sufficient appropriate evidence at the relevant assertion level. The auditor also considers whether
the entity has documented evidence of the application of the identified controls.
Selecting and Performing Tests of Controls
Without documented evidence about the application of identified controls (such as initials or
matched source documents), it may be difficult to test those controls using audit sampling. The
auditor generally samples the documents in the population, inspects the selected items for
evidence that the control activities were performed, and reperforms the procedure to test its
effectiveness.
Defining the Population and Deviations
The population generally consists of all transactions of a particular type, such as expenditures for
goods and services, for a specified period, generally the fiscal year under audit. If the auditor
obtains evidence about controls during an interim period, s/he should determine what audit
evidence to obtain for the remaining period. Tests of controls using audit sampling are usually
tests of transactions because the sampling unit is individual transactions of a particular type.
A. The auditor specifies the physical sampling unit that will be selected, such as canceled checks
when the population is cash disbursements. The auditor also specifies the conditions that will
be regarded as a deviation from prescribed controls.
B. The auditor should focus only on those controls that are important to respond to identified
risks of material misstatement and that will have a bearing on the related substantive
procedures.
Determining the Tolerable Rate of Deviation
The tolerable rate of deviation is an auditor judgment. The auditor has to specify the rate of
deviation that would correspond to the level of control risk to be used (high, moderate, or low). In
establishing the tolerable rate, the auditor should recognize that a deviation from a control does
not automatically mean there is a monetary misstatement. Also, some substantive procedures will
be applied to detect monetary misstatement.
Note
Some auditors use a tolerable rate of 5 to 7 percent for a low planned assessed level of
control risk, and a tolerable rate of 8 to 10 percent for a moderate planned level of
control risk.
Determining the Allowable Risk of Overreliance

The allowable risk of overreliance on controls is an aspect of sampling risk. When a test of controls
using audit sampling is the primary source of evidence about whether a procedure is being
applied as prescribed, the auditor should allow for a low risk of overreliance. Thus, the auditor sets
a low risk that the controls will be assessed as more effective than they actually are.
Note
Many auditors use a risk of overreliance of 10 percent, which means that there is 90
percent assurance that the auditor is not over-relying on controls. The 10 percent
sampling risk is allowed because the auditor never places complete reliance on the
control risk assessment.
Determining the Expected Rate of Deviation

The auditor considers the expected rate of deviation from a particular control. As a general rule, if
the expected rate is more than one-half of the tolerable rate, audit sampling is not efficient. Many
tests of controls using sampling plans assume a zero-expected rate of deviation, which is efficient.
Determining the Sample Size
In determining the sample size for a test of controls, the auditor considers the tolerable rate of
deviation, the risk of overreliance, and the expected rate of deviation from the prescribed controls.
The only relevant population characteristic is generally the rate of deviation. Population size is
usually assumed to be infinite. Only very small population sizes influence sample size. Generally,
if the population is smaller than 2,000 items, the conclusions are conservative, meaning that the
characteristics of the population are actually better than the test indicates. If the population is
less than 200 items, sample sizes may be larger than necessary.
The AICPA Audit Sampling Guide shows how the auditor can choose sample sizes for
large and small populations.
Determining the Sample Selection Method

The same methods of selecting samples for substantive procedures (simple random selection,
systematic selection, and haphazard selection) are appropriate for tests of controls. Block
sampling (selecting all transactions of a particular type for a day, week, or month) is not
acceptable.
A. When a selected item is missing, the item should be treated as a deviation from the
prescribed policy or procedure unless suitable alternative procedures can be performed. In
tests of controls, suitable alternative procedures generally are not available.
B. If a voided item is selected, for example, because its number matches a random number
generated by the auditor, the voided item should be replaced if it is determined to be
legitimately voided. Documents that have been improperly voided may represent control
deficiencies. Unused documents also should be replaced.
C. If an auditor estimates the population size and numbering sequence during interim testing,
the population may be overestimated or underestimated. If the population is overestimated,
any items outside the actual population that are selected as part of the sample are treated as
unused documents. If the population is underestimated, the auditor generally will design
additional audit procedures to apply to the items not included in the population.
In applying audit sampling in tests of controls for a governmental unit, the auditor should ensure
that the sample represents all applicable opinion units or, if applicable, whether it appropriately
represents the population in testing across opinion units.
Statistical versus Nonstatistical Approaches
There are no nonstatistical sampling plans for tests of controls similar to those for substantive
procedures. Some auditors use tables that relate qualitative levels of control risk to sample size.
The sample sizes are the same as would be determined from a statistical formula or attribute
sampling table using the same factors for tolerable rate, risk of overreliance, and expected rate.
Evaluating the Results of Tests of Controls
The auditor compares the projected rate of deviation from the sample to the tolerable rate while
also considering the effect of sampling risk. Some auditors use tables that can be used to
determine sample size during planning and to evaluate sample results. Such tables incorporate
the risk of overreliance (sampling risk) into the evaluation. If such a table is not used, the auditor
judgmentally considers the risk that the true rate of deviation may differ from the rate in the
sample.
Assessing Control Risk

In assessing control risk based on the sample, the auditor applies the evaluation of the test of
controls to the assertions with which it was matched. The auditor determines whether the audit
evidence obtained from the test provides an appropriate basis for reliance on the controls tested,
indicates that additional tests of controls are necessary, or indicates that the auditor should
address the potential risks of material misstatement through the use of substantive procedures.
For controls that are determined to be effective, control risk for the related assertions is assessed
as moderate or low, depending on the sufficiency and appropriateness of the evidence obtained.
Control risk is assessed as high for remaining assertions because either no related tests of
controls were performed, or the related controls were tested and determined to be ineffective.
Documentation of Tests of Controls
Auditors are required to identify in their documentation the identifying characteristics of the
specific items tested. However, there are no specific documentation requirements for audit
sampling.
AICPA Audit Sampling Guide
Auditors should consider documenting the following, based on suggestions in the AICPA Audit
Sampling Guide: a description of the control being tested; the control objectives related to the
sampling application, including relevant assertions; the definitions of the population and
sampling unit, including how the auditor considered the completeness of the population; the
definition of a deviation; the acceptable risk of overreliance (or desired assurance level), the
tolerable deviation rate, and the expected population deviation rate; the method of determining
the sample size; the selected sample items; a description of how the sampling procedure was
performed; and the evaluation of the sample results and the overall conclusion.
Further Audit Procedures
Auditing standards require the auditor to document the nature, timing, and extent of the tests of
controls; the linkage of those procedures to the assessed risks at the relevant assertion level; the
results of those procedures; and the conclusions reached.
5 J. Tests of Controls and Tests of

Compliance
The auditor may combine tests of controls with tests of compliance with laws, regulations,
contracts, or grant agreements. The auditor selects a sample of transactions and inspects
supporting documentation to determine indications of the performance of controls and
indications of compliance with applicable requirements. Sometimes, the auditor may be able to
combine these tests with tests of details; in this case, the auditor also inspects supporting
documentation to determine that transactions were recorded in the correct amount, account, and
period. In either case, the sample size should be the largest sample size necessary to satisfy any of
the purposes of the test.
5 K. Chapter Summary
This chapter discussed how the auditor decides when to test controls and, after deciding to test
controls, which ones to test. It covered how the auditor performs tests of controls, including IT
controls, and how the auditor evaluates the tests of controls and assesses control risk. This
chapter discussed how the auditor can use audit sampling in tests of controls. It also described
how the auditor can test controls and compliance in the same audit procedure.
Study Question 18
Aside from audit efficiency considerations, under what circumstances is it not necessary for an
auditor to develop an expectation of the operating effectiveness of controls or consider tests of
controls?
A When the auditor's planned control risk assessment is less

than high
B When the audit area or assertion is not material and

inherent risk is less than high
When the auditor has determined that the extent of
C substantive procedures may be reduced based on relevant
controls
D When the audit approach consists of a combination of tests
of controls and substantive procedures
Study Question 19
Which of the following statements is true regarding tests of controls that involve tests of
transactions?
They ordinarily do not permit a substantial modification to
A substantive procedures when the volume of transactions is
relatively high.
B They ordinarily are inefficient when the transactions are

recurring and relatively uniform within the transaction class.
They ordinarily are inefficient and should not be performed
C in an audit of a governmental unit because of the nature of
the transactions.
Tests of controls that involve tests of transactions ordinarily
D are efficient in an audit of a governmental unit when the
transactions are not complex.
Study Question 20
Why may the auditor find it more efficient to test controls involving the actions of supervisors and
managers than testing transactions?
Controls involving the actions of supervisors and managers
A can be tested by inquiry, observation, and inspection of
reports and documents.
Controls involving the actions of supervisors and managers
B can be used to override controls over transaction
processing.
C Tests of transactions provide little audit evidence about the

effectiveness of controls over transaction processing.
Tests of transactions are often subject to flaws in sample
D selection that can lead the auditor to reach incorrect
conclusions about the effectiveness of documented
controls.
Study Question 21
Which of the following statements is true regarding the practice of rotating tests of controls over a
three-year cycle?
When the auditor plans to use evidence from a previous
A audit about the operating effectiveness of controls, the
auditor should determine whether changes will be made in
the subsequent period.
The auditor obtains sufficient appropriate evidence about
B whether changes have been made since the previous audit
by inquiry only.
If changes have been made since the previous audit that
C affect the continuing relevance of the audit evidence in a
previous audit, the auditor should test the controls every
two years.
Rotating tests of controls is not permitted if the auditor
D plans to rely on controls that mitigate a fraud risk or other
significant risk.
Study Question 22
Which of the following best describes the auditor's evaluation of the results of a test of controls
using audit sampling?
A The auditor compares the number of observed deviations to

the expected rate.
B The auditor compares the number of observed deviations to

the tolerable rate.
The auditor compares the projected rate of deviation from
C the sample to the tolerable rate and considers the effect of
sampling risk.
The auditor compares the projected rate of deviation from
D the sample to the tolerable rate without consideration of
the effect of sampling risk.
Chapter 6. Audit Programs for Specific Audit Areas

This chapter discusses the auditor's considerations in developing audit programs (or detailed
audit plans) for the following audit areas: cash, investments, and derivative instruments; revenues
and receivables; expenditures or expenses and liabilities; payroll and related liabilities; operating
assets, debt, and equity; insurance and self-insurance; and grant and similar programs. Relevant
assertions and an overview of audit procedures are provided for each audit area. Where
applicable, compliance requirements are also discussed. Pensions and other postemployment
benefits (OPEB) are discussed later in this course.
recognize the process of developing audit programs and detailed audit plans for various audit
areas.
The auditor develops audit programs for individual financial statement audit areas to correspond
with her/his risk assessments and decisions about the audit approach at the assertion level. This
chapter discusses how to develop the necessary audit programs.
6 B. Cash, Investments, and Derivative
Instruments
Introduction
Cash includes currency and checks on hand and demand deposits, including deposits in accounts
and pools that have the characteristics of demand deposit accounts. Deposits include the
following: checking accounts and demand deposits; savings and time accounts; negotiable orders
of withdrawal accounts; nonnegotiable certificates of deposit; money market accounts at financial
institutions; and bank investment contracts.
Relevant Assertions for Cash
Relevant assertions for each opinion unit for cash are as follows:
A. Existence or occurrence. This deals with whether cash exists at a given date and whether
recorded transactions have occurred.
B. Completeness. All cash transactions have been recorded. Cash balances reflect all cash and
cash items on hand, in transit, or on deposit with third parties. All required disclosures have
been included in the financial statements.
C. Rights or obligations. Cash is owned by the entity, and any restrictions on the availability of
funds are identified and properly disclosed.
D. Accuracy or classification. Cash transactions have been recorded properly as to account and
amount. Cash balances are properly classified in the financial statements. Disclosures are
accurate and clearly expressed.
E. Cutoff. Cash balances reflect a proper cutoff of receipts and disbursements.
Substantive Procedures for Cash
Substantive procedures for cash focus primarily on obtaining assurance about the reliability of the
entity's bank reconciliation, which provides audit evidence about existence or occurrence,
completeness, accuracy or classification, and cutoff. Although auditing standards do not require
cash confirmations, auditors often confirm the balance of selected cash accounts as the primary
test of the existence assertion, as well as to obtain evidence about rights or obligations. Other
substantive procedures for cash consist of analytical procedures, such as scanning bank
reconciliations for reasonableness and scanning cash receipts and disbursements for significant or
unusual transactions near year-end, which provide assurance about existence or occurrence,
rights or obligations, completeness, and cutoff. Auditors may also review loan and debt
agreements, governing board minutes, and other documentation; make inquiries of management;
and perform other auditing procedures to obtain evidence about matters that include the
following:
A. Guarantees, endorsements, and/or letters of credit, including guarantee arrangements for
related parties
B. Whether amounts are appropriately classified as cash, cash equivalents, or other short-term
investments
C. Whether overdrawn cash balances are correctly reported as liabilities instead of negative cash
balances
D. Whether the allocation of pooled cash balances and transactions is reasonable, accurate, in
accordance with GAAP, and properly classified and disclosed in the financial statements
E. Whether the entity is in compliance, during the year and at year-end, with requirements that
could have a direct and material effect on the determination of material amounts and
disclosures in the financial statements (such as those relating to legal or contractual
provisions that require separate bank accounts for certain amounts; cash restrictions,
including withdrawal restrictions and minimum balance requirements; designations of
amounts for special purposes; and types of deposits authorized by legal and contractual
provisions and, if applicable, any violations of those provisions during the period)
F. Whether deposits are appropriately collateralized and, if applicable, the portion of bank
balances for which there is custodial credit risk at year-end
G. Whether cash disclosures are in accordance with GAAP and include all appropriate balances,
including balances held by fiduciary funds
Electronic Bank Confirmations
Some financial institutions only respond to electronic confirmation requests submitted via a
designated third-party provider. An electronic form represents audit evidence. However, electronic
confirmations have risks related to reliability because the response may not be from an authentic
source, the respondent may not be knowledgeable about the information, and the integrity of the
transmission may be compromised. The auditor may also use confirmations for arrangements
such as minimum balance requirements related to debt agreements. In addition, the auditor may
confirm authorized check signers.
Canceled Checks
Auditors often use canceled checks when testing bank reconciliations or examining support for
transactions in other audit areas. However, many banks no longer return canceled checks. If the
auditor cannot obtain canceled checks, check images, or substitute checks, the following
alternative procedures may provide satisfactory audit evidence about disbursements:
A. Some banks list the payee on the bank statement and the check number, amount, and date
paid, which provide evidence of the actual payee.
B. Details of disbursements can be confirmed with the payee if neither the check nor a
sufficiently detailed bank statement is available, and the auditor wants independent evidence.
C. The auditor may be able to rely on a combination of information from the bank statement
(check number, amount, and date paid), the entity's internally generated information about
the disbursement, and the entity's control procedures related to disbursements, such as the
following: the use of prenumbered checks and numerical control of checks used; recording of
check numbers in the disbursements journal; designation of authorized check signers;
restricted access to checks and signature plates; and approval of payments, signing of checks,
and timely preparation of bank reconciliations by persons other than the person who prepares
checks and posts disbursements to the accounts.
Pooled Cash
Governmental units typically pool the cash accounts of several funds. Each fund, activity, and
component unit reports its own cash, including its amount of pooled cash. If one fund overdraws
its share of the pooled cash account, the fund should report an interfund liability to the fund that
management determines “loaned” the cash to the overdrawn fund. If a pooled cash account is
overdrawn in total, the balance should be reported as a liability.
Restricted Cash
Some cash must be classified as restricted because, for example, its use is limited by legal or
contractual arrangements, such as debt covenants. In this situation, the auditor's procedures
could include evaluating the adequacy of the entity's compliance with the restrictions and the
reporting of the restrictions.
For example, if the auditor finds that assets restricted for debt retirement include
amounts due from other funds, the implication is that the underlying assets have not
been appropriately restricted. In this situation, the entity is not in compliance with the
requirement to restrict the assets.
Warrants
A warrant is an order drawn by a legislative body or a government official that directs the
treasurer to pay a specified amount to a specified person or the bearer. A warrant that is payable
on demand is the same as a bank check and reduces cash. A warrant may also be payable only
from certain revenues if and when those revenues are received. In this case, it is recorded as a
warrant payable.
Deposit Collateral and Insurance
State statutes often require that cash deposits in excess of deposit insurance be collateralized by
the depository institution. In this situation, the depository institution pledges specified types of
securities as collateral. The auditor should understand the current collateralization laws and
determine the existence and value of collateral throughout the year and at year-end. The auditor
may obtain from the finance director's records a schedule of collateral pledged to secure deposits,
including the name of the depository, a description of the collateral, and the amount. In
determining the extent of collateralization, the auditor should use the market values of the
securities used. The auditor may examine the collateral pledged to secure deposits or confirm the
collateral with banks and agencies holding the pledged securities, and determine if the collateral
complies with legal requirements.
Investments and Derivative Instruments
Governmental units often own a variety of investments, including derivative instruments. Some
derivative instruments are considered to be hedging derivative instruments instead of investment
derivative instruments. Governmental units are generally required to include changes in the fair
value of investments as an element of investment income. However, changes in the fair value of
investments held pursuant to irrevocable split-interest agreements are required to be recognized
as changes in a deferred inflow of resources related to the investment. Realized gains and losses
should not be reported separately from the changes in the fair value of investments on the face of
the financial statements other than by external investment pools. Realized gains and losses may
be disclosed in the notes to the financial statements.
Relevant Assertions for Investments
Relevant assertions of each opinion unit for investments and investment-related transactions,
such as securities lending transactions and reverse repurchase agreements, are as follows:
A. Existence or occurrence. Investments reflected in the financial statements exist, and
investment-related transactions occurred and pertain to the entity.
B. Completeness. Investments reflected in the accounts represent a complete list of all
investments. All investment-related income (including net appreciation or depreciation in fair
value) and expenditures or expenses have been reported. All required disclosures have been
included in the financial statements.
C. Rights or obligations. Investments and investment-related transactions are initiated in
accordance with the established investment policies and comply with laws, regulations, and
plan or trust provisions, if applicable. All investments are owned by the entity, and are free of
liens, pledges, and other trust provisions, if applicable; if not free from security interest, the
investments are identified and properly disclosed.
D. Valuation or allocation. Investments are properly valued in accordance with GAAP.
Investments and investment-related transactions are disclosed at appropriate amounts.
E. Accuracy or classification. Investments are properly identified and classified. Investments and
investment-related income (including net appreciation or depreciation in fair value) and
expenditures or expenses are accurately reported. Disclosures are accurate and clearly
expressed.
F. Cutoff. Investments and investment-related income and expenditures or expenses are
recorded in the proper accounting period.
Substantive Procedures for Investments
Substantive procedures for investments and investment-related transactions generally consist of
a combination of inquiry and analytical procedures. If balances are material, procedures may also
include the following: reviewing state and local laws and regulations; reviewing the entity's
investment policy, debt agreements, governing board minutes, and other supporting documents;
vouching activity during the year and comparing market values to quoted prices; confirmation;
and inspection of documents. These procedures provide evidence about the following:
A. Whether the requirements of laws and regulations, debt issuance documents, contribution
and grant agreements, and other similar documents are appropriately considered in the
entity's written investment policy
B. Whether the investment policy and changes to it have been authorized by the governing body
C. Whether investments and investment-related transactions, during the year and at year-end,
are types authorized by the entity's investment policy and legal and contractual provisions
and, if applicable, actions have been taken to address significant violations of those provisions
during the period
D. Whether the entity is in compliance, during the year and at year-end, with other compliance
requirements that could have a direct effect on the determination of material amounts and
disclosures in the financial statements
E. Whether procedures for establishing and complying with investment risk policies are
adequate
F. Whether policies for valuing investments are in conformity with GAAP and appropriately
applied
G. Whether the entity has considered the need to record impairment losses on investments using
cost-based measures
H. Whether the allocation of internal investment pool balances and transactions is reasonable,
accurate, in conformity with GAAP, and properly classified and disclosed in the financial
statements
I. Whether disclosures for investment and investment-related transactions are in accordance
with GAAP and include all appropriate balances, including balances held by fiduciary funds
Relevant Assertions for Derivative Instruments
The relevant assertions for each opinion unit for derivative instruments are as follows:
A. Existence or occurrence. Reported derivative instruments represent current valid investment,
embedded investment, hedging, or embedded hedging derivative instruments. Reported
deferred outflows of resources and deferred inflows of resources represent changes in
hedging or hybrid hedging derivative instruments for current valid hedging derivative
arrangements. Reported derivative transactions occurred and pertain to the entity.
B. Completeness. All derivatives-related income related to the period and all derivative
instrument balances, deferred outflows of resources, and deferred inflows of resources have
been reported. All required disclosures have been included in the financial statements.
C. Rights or obligations. Conditions and agreements that affect the entity's rights and
obligations concerning investment, hedging, and embedded derivative instruments have been
properly reflected in the financial statements.
D. Valuation or allocation. Derivative instruments, deferred outflows of resources, and deferred
inflows of resources are properly valued in accordance with GAAP. Derivative instruments,
deferred outflows of resources, deferred inflows of resources, and derivatives-related income
are disclosed at appropriate amounts.
E. Accuracy or classification. Derivative instruments and derivatives-related income, including
amounts relating to deferred outflows of resources and deferred inflows of resources, are
properly identified and classified. Derivative instruments, deferred outflows of resources,
deferred inflows of resources, and derivatives-related income are accurately reported.
Disclosures are accurate and clearly expressed.
F. Cutoff. Derivative instruments and derivatives-related income, including reversals of deferred
inflows of resources and deferred outflows of resources, are recorded in the proper accounting
period.
Substantive Procedures for Derivative Instruments
As a general rule, audit procedures for derivative instruments are the same as those for
investments. The auditor may need special skill or knowledge to audit derivative instruments
because the risk of material misstatement may be high due to complex accounting requirements.
The auditor may need to perform additional risk assessment procedures or further audit
procedures relating to fair value estimates.
Basic Audit Procedures for Investments and Derivative Instruments
Routine procedures used to audit investments and derivative instruments include confirmation,
physical inspection, and vouching. When auditing fair value measurements, the auditor should
perform risk assessment procedures to identify and assess the risks of material misstatement
arising from estimates (including fair value estimates) and perform further audit procedures in
response to those risks. The auditor may be able to respond to the assessed risks of material
misstatement by testing how management made the estimate, including an evaluation of the
appropriateness of the method, the reasonableness of the assumptions, and the reliability of the
underlying data.
A. Some fair values are readily determinable from quoted market prices. When there is no
observable market price or when items have characteristics requiring an estimate to be made,
a valuation method acceptable under GAAP should be used. The auditor can test the entity's
valuation, including management's assumptions (or those of a specialist), the valuation
model, and the underlying data; develop an independent estimate and compare it to the
entity's valuation; or review subsequent events and transactions to corroborate
management's valuation.
B. The accuracy, completeness, and relevance of the underlying data should be tested. The
auditor should ensure that the resulting valuation properly reflects both the assumptions and
the data. Tests can include verification of the data source, recomputation, and review of
information for internal consistency.
C. When auditing the valuation of investments in debt and equity securities measured at fair
value, the auditor is required to do the following:
1. Determine whether GAAP specifies a method for measuring fair value.
2. If so, evaluate whether fair value is measured in accordance with that method.
3. For fair value based on a valuation model, test management's determination of fair value
or, if applicable, understand the method used by a broker-dealer or other third party to
determine fair value and consider the guidance for use of management's specialist.
4. Evaluate management's conclusion about the need for an impairment loss and test any
impairment adjustment, including compliance with GAAP.
D. For derivative instruments, the auditor is also required to test the unrealized appreciation or
depreciation in fair value that is recognized or disclosed because of the ineffectiveness of a
hedge, including an evaluation of compliance with GAAP.
6 C. Revenues and Receivables

Introduction
Because revenue and receivables are closely related, the auditor may find it efficient and effective
to integrate the audit of receivables with the substantiation of revenues. The auditor should
determine that adequate procedures are performed on activity and balances in each opinion unit
that has material revenues and receivables.
Compliance Requirements
Revenues of governmental units are often subject to compliance requirements such as the
following: eligibility requirements, purpose restrictions, or other requirements imposed by
intergovernmental grants or private donations; legal limits on the ability to tax citizens, such as
maximum millage rates, budgetary processes that require public notification and hearings, or
restrictions that limit spending authority; requirements to obtain voter approval to issue debt and
levy taxes to repay that debt; requirements to obtain voter approval to increase tax rates or
restrictions on the use of the additional taxes; and special assessments on a specific group of
property owners that can only be used to benefit those property owners.
Relevant Assertions
Relevant assertions of each opinion unit for revenues and receivables are described below.
Existence or Occurrence
Reported revenues represent amounts relating to the period and pertain to the entity. Reported
receivables represent amounts uncollected as of the end of the period. Reported revenue-related
liabilities and deferred outflows of resources represent amounts received or receivable that have
not met the criteria for revenue recognition. Reported revenue-related liabilities and deferred
inflows of resources are properly classified. Disclosed transactions have occurred and pertain to
the entity.
Completeness
All revenues related to the period and all receivables, revenue-related liabilities, and deferred
outflows of resources, and deferred inflows of resources as of the end of the period are reported.
All required disclosures are included in the financial statements.
Rights or Obligations
Conditions and agreements that affect the entity's receivables, revenue-related liabilities, and
deferred inflows of resources as of the end of the period are properly reflected in the financial
statements.
Valuation or Allocation
Receivables, revenue-related receivables, and deferred inflows of resources are reported at the
proper amounts. Information pertaining to revenues, receivables, revenue-related liabilities, and
deferred inflows of resources is disclosed fairly and at appropriate amounts.
Accuracy or Classification
Amounts and other data relating to revenue transactions and events are recorded appropriately
and in the proper accounts. The financial statements properly classify, describe, and disclose
revenues, receivables, revenue-related liabilities, and deferred inflows of resources, including
classification in the proper fund and activity. Financial and other information is appropriately
presented and described and is disclosed fairly and at appropriate amounts in accordance with
GAAP. Disclosures are accurate and clearly expressed.
Cutoff
Revenue transactions and events are recorded in the correct accounting period.
Substantive Procedures
The auditor obtains audit evidence for revenues, receivables, revenue-related liabilities, and
deferred inflows of resources primarily through reviewing statutes and regulations; reviewing
governing board minutes and other supporting documents; and using confirmation, inquiry, and
analytical procedures.
Evidence That Is Needed

The auditor performs substantive procedures to obtain evidence about the following matters:
A. Whether the entity is in compliance, during the year and at year-end, with requirements that
could have a material effect on the determination of financial statement amounts
B. Whether tax, fee, and service rates are billed consistently and rate changes are incorporated
into the billing system on a timely basis
C. Whether tax, fee, and service rates are in compliance with legal and regulatory requirements
or limitations
D. Whether abatements, exonerations, refunds, and similar matters have been properly
approved
E. Whether tax exemptions of properties and organizations are proper
F. Whether taxpayer-assessed tax returns were calculated in accordance with laws and
regulations
G. Whether revenue recognition and classification principles are in conformity with GAAP and
are consistently applied
H. Whether the allowances for uncollectible revenues are adequate and the entity filed liens or
took other legally required steps to ensure collectibility
I. Whether amounts reported for probable revenue-related refunds, such as for taxes, are
adequate
J. Whether revenues collected by another entity are properly recorded
K. Whether amounts collected for other governments are properly accounted for and segregated
L. Whether disclosures are in conformity with GAAP
Basic Audit Procedures for Receivables
Audit procedures at the account balance level for receivables can consist primarily of analytical
procedures with a few tests of details. For example, the auditor can compare the balance in
receivables with the balance for prior years or other auditor-developed expectations and
investigate unusual variations. Compute the ratio of the receivables balance to related revenue for
the current and prior years and investigate any unexpected results. Review a reconciliation of the
aged receivables balance to the general ledger account balance, document an explanation for any
unusual reconciling items, and consider whether it is necessary to review documentation
supporting the reconciling items and explanations. Scan the trial balance for unusual items, such
as large credit balances, unusual names, receivables from known related parties; propose
reclassifications, if necessary. Confirm selected receivables. Test the adequacy of the allowance for
uncollectible accounts by inquiring about the entity's process for estimating the allowance,
perform analytical procedures, and investigate any unusual results. Compare revenues for the last
month of the year to the rest of the year and to the first month after year-end. Compare credit
memos for the last few months of the year to the first few months after year-end to test cutoff.
Basic Audit Procedures for Revenues
Because of the interrelationship of receivables and revenues, substantive procedures (generally
analytical procedures) provide audit evidence for assertions related to revenues and may also
provide additional audit evidence for assertions related to receivables. Examples of substantive
procedures for revenues are as follows:
A. Inquire of responsible officials about how the entity raises revenue and identify the major
revenue sources. Obtain an understanding of the entity's revenue recognition policies and
determine whether they are in accordance with GAAP. Inquire of management about and
evaluate changes in revenue recognition policies and significant, unusual, and complex
revenue transactions occurring at or near year-end.
B. Scan a schedule summarizing revenues by fund and type of revenue for the year and compare
amounts to those of prior periods and to the adopted budget or to other auditor-developed
expectations. Investigate any unexpected results.
C. Consider the allocation of revenues to the entity's funds in accordance with the intent of the
governing body and the requirements of laws, regulations, contracts, and grant agreements.
D. Scan the accounting records and review supporting documentation for large or unusual
transactions near year-end.
E. Test compliance with legal and contractual provisions that could have a material effect on the
determination of financial statement amounts and disclosures.
F. Test tax, fee, and service rates for compliance with legal and regulatory requirements or
limitations.
Note
If the auditor does not overcome the presumption of a risk of material misstatement
due to fraud related to improper revenue recognition, the auditor should perform
procedures relating to revenue to respond to that risk.
Basic Audit Procedures for Revenue-Related Liabilities

Examples of specific procedures at the account balance level for revenue-related liabilities are as
follows: Compare the balances in revenue-related liabilities accounts with the balances for prior
years or other auditor-developed expectations and investigate unusual variations; and compute
the ratio of revenue-related liabilities balances to the applicable revenues for the current year and
compare to the ratios of prior years or other auditor-developed expectations and investigate
unusual variations.
Basic Audit Procedures for Deferred Inflows of Resources
Examples of specific procedures at the account balance level for deferred inflows of resources are
as follows: Identify the nature and sources of deferred inflows of resources; and compare the
balance in deferred inflows of resources accounts with the balance for prior years or other auditor-
developed expectations and investigate unusual variations.
6 D. Expenditures or Expenses and

Liabilities
Introduction
In the government-wide statement of activities, resource outflows are reported as expenses
(generally classified by function or activity), special items, or extraordinary items. In governmental
funds, resource outflows are reported as expenditures, other financing uses, special items, or
extraordinary items. In proprietary funds, resource outflows are classified as operating expenses,
nonoperating expenses, special items, or extraordinary items. Trust funds classify resource
outflows as deductions. Expenditures or expenses and liabilities should be reported in a
consistent manner from year to year. Deferred outflows of resources may also be reported. Certain
items previously reported as assets and liabilities are reclassified and reported as deferred
outflows of resources or deferred inflows of resources.
The expenditure or expense and liability activities of governmental units often are subject to
compliance requirements. For example, budgetary constraints may limit spending for particular
funds, functions, departments, or object classes. State and local laws and regulations, debt
agreements, and grant agreements often require competitive bidding for large purchases, and
certain vendors (contractors) may be barred from providing goods and services. Grants,
entitlements, contributions, and trust agreements may require that funds be spent for particular
purposes or during a particular period, or that matching funds be provided. They also may require
that cash be disbursed within a short time after its receipt by a government. Governments are
sometimes permitted to allocate indirect costs to a grant, often based on an approved indirect
cost allocation plan or rate.
Relevant Assertions
Relevant assertions for each opinion unit for expenditures or expenses, liabilities, and deferred
outflows of resources and deferred inflows of resources are described below.
Existence or Occurrence
Reported expenditures or expenses represent amounts relating to the period and pertain to the
entity. Reported liabilities represent amounts unpaid as of the end of the period. Reported
deferred outflows of resources represent the consumption of net assets that is applicable to a
future reporting period, and deferred inflows of resources represent the acquisition of net assets
applicable to a future reporting period. Disclosed expenditures or expenses, liabilities, deferred
outflows of resources, and deferred inflows of resources have occurred and pertain to the entity.
Completeness
All expenditures or expenses related to the period and all liabilities, deferred outflows of
resources, and deferred inflows of resources as of the end of the period have been reported. All
required disclosures are included in the financial statements.
Rights or Obligations
Conditions and agreements that affect the entity's liabilities, deferred outflows of resources, and
deferred inflows of resources as of the end of the period are properly reflected in the financial
statements.
Valuation or Allocation
Liabilities, deferred outflows of resources, and deferred inflows of resources are reported at
appropriate amounts. Information pertaining to expenditures or expenses, liabilities, deferred
outflows of resources, and deferred inflows of resources is disclosed at appropriate amounts.
Accuracy or Classification
Amounts and other data relating to expenditures or expenses are recorded appropriately and in
the proper accounts. Financial information relating to expenditures or expenses, liabilities,
deferred outflows of resources, and deferred inflows of resources is appropriately presented and
described and is disclosed fairly and at appropriate amounts in accordance with GAAP.
Disclosures are accurate and clearly expressed.
Cutoff
Expenditures or expenses are recorded in the correct accounting period.
The auditor obtains evidence for expenditures or expenses, accounts payable and other liabilities,
deferred outflows of resources, and deferred inflows of resources primarily through reviewing
governing body minutes; reviewing grant and contribution agreements and correspondence from
grantor agencies, contributors, and others; reviewing other supporting documents; inquiring of
management and others; and performing analytical procedures.
Evidence That Is Needed
The auditor performs substantive procedures to obtain audit evidence about the following
matters:
B. Whether the entity adheres to its policy regarding first applying restricted or unrestricted
resources when an expense is incurred for purposes for which both restricted and unrestricted
components of net position are available
C. Whether expenditures or expenses, liabilities, deferred outflows of resources, and deferred

inflows of resources are properly recorded and classified
D. Whether encumbrances at year-end for outstanding contracts and purchase orders are valid
and are recorded and reported in conformity with GAAP
Note
The entity is prohibited from reporting encumbrances on the face of the
governmental fund balance sheet. Generally, encumbrances are included in the
committed or assigned fund balance.
E. Whether the entity has appropriately reversed long-outstanding checks and unclaimed
amounts have been handled properly in accordance with escheat laws
F. Whether expenditures or expenses, liabilities, commitments, deferred outflows of resources,
and deferred inflows of resources are measured, presented, and disclosed in the financial
statements in conformity with GAAP
Basic Audit Procedures for Liabilities
Substantive procedures for accounts payable and other liabilities consist of analytical procedures
and tests of details. For example, the auditor can compare the balances in accounts payable and
other liabilities with those of prior years or other auditor-developed expectations and investigate
any unusual fluctuations, considering known changes in the entity's activities. Inquire of entity
personnel about their knowledge of any unprocessed invoices and whether they have been
accrued. Trace receiving cutoff information to the accounting records and determine whether the
liability is recorded in the proper accounting period. Scan the listings of accounts payable and
other liabilities for amounts payable to related parties and any other unusual items and consider
whether appropriate financial statement disclosures are made.
Basic Audit Procedures for Expenditures or Expenses
The interrelationship of liabilities and expenditures or expenses may allow auditors to conclude
that they have obtained, completely or in part, sufficient appropriate audit evidence for relevant
assertions related to expenditures or expenses by applying procedures to relevant assertions
related to accounts payable and other liabilities. If so, analytical procedures will generally provide
sufficient appropriate audit evidence for relevant assertions related to expenditures or expenses.
For example, the auditor can compare balances in expenditure or expense accounts by function,
program, and opinion unit with those of prior years and with budgeted amounts or other auditor-
developed expectations. Determine that expenditures or expenses are recorded correctly as to
account, fund, budget category, period, and amount, and investigate any unexpected variations.
Compute the ratio of individual expenditure or expense accounts to total expenditures or
expenses (for the function, program, or opinion unit), compare to prior-year ratios, and investigate
any unexpected variations. Scan the accounting records, including nonstandard journal entries,
and obtain an understanding of the business rationale for any significant or unusual transactions.
Because of the importance of classification, a basic procedure is to select a sample of

expenditures (concurrently with cash disbursements) and review them for correctness
of account distribution, agreement of details with supporting documents, and
recording in the correct period. This sample can also be used to determine compliance
with requirements of laws, regulations, contracts, and grant agreements, when
applicable.
6 E. Payroll and Related Liabilities

Introduction
The auditor's objective in the area of payroll and related liabilities is to obtain reasonable
assurance that payroll disbursements are made only for all work authorized and performed;
payroll is computed using rates and other factors in accordance with contracts and relevant laws
and regulations; and payroll and related liabilities are recorded correctly as to amount and period
and distributed properly by account, fund, and budget category.
The auditor's considerations of compliance for expenditures or expenses and accounts payable
and other liabilities also apply to payroll and related liabilities. However, payroll and related
liabilities also may be affected by the following: state and local laws that require certain fringe
benefits; federal laws and regulations that require payment of prevailing wage rates on
construction projects; federal laws and regulations relating to overtime, compensatory time, and
employment taxes; civil service requirements for hiring, promoting, and terminating employees;
union contracts; budgetary constraints that may limit the number of employees by department or
function; and grants or contributions that limit the amount of personnel cost that can be charged
to a program. Noncompliance with such requirements may lead to contingent liabilities.
Relevant Assertions
The relevant assertions for expenditures or expenses and accounts payable and other liabilities for
each opinion unit, discussed earlier in this chapter, also apply to payroll and related liabilities.
The audit of payroll and related liabilities is similar to that for expenditures or expenses and
accounts payable and other liabilities. For example, the auditor can compare payroll expenditures
or expenses to the prior period actual and current budget (by function or program and in total)
and relate them to the number of personnel or other auditor-developed expectation. The auditor
may also consider computing the average payroll cost per employee and comparing it to prior
periods. In both cases, unexpected variations would be investigated. Compare accruals for
compensated absences to the prior-period actual and current budget, and compare the
relationship of amounts to gross pay with the same ratio for the prior period or other auditor-
developed expectation and investigate unexpected variations. Compute the ratio of payroll tax
and other employee benefit expenditures or expense as at the end of the period to total payroll
and compare with the ratios of prior years or other auditor-developed expectation and investigate
unexpected variations. Consider the reasonableness of accrued payroll at the end of the period by
performing a predictive test, such as comparing it to the subsequent payroll or other auditor-
developed expectation and investigate unexpected variations.
6 F. Operating Assets, Debt, and Equity

Introduction
In the audit areas of operating assets, debt, and equity, the primary emphasis is on balance sheet
accounts, and the audit approach is almost entirely substantive. The approach consists mainly of
analytical procedures supplemented by transaction testing. This section of the chapter is divided
into subsections for inventories, capital assets and expenditures, debt and debt service
expenditures, and equity and financial statement reconciliations.
Inventories
Inventories usually consist of materials and supplies used in operations. The scope of audit work is
influenced by the accounting treatment of inventories; the number of physical sites for storage
and significance of inventories at each site; safeguarding measures used at each site; and the
effectiveness of counting and pricing procedures.
Relevant Assertions
The relevant assertions for inventories of each opinion unit are similar to those for expenditures or
expenses and liabilities.
Basic Audit Procedures
Substantive tests of inventories often can be accomplished with analytical procedures. The auditor
should consider audit risk and materiality of inventories before conducting tests of details.
Inventory amounts are often well below tolerable misstatement. If the entity's controls are
reasonable, the auditor may analytically test inventory, using procedures such as the following:
Compare the dollar amount of inventory by fund to prior periods and consider
reasonableness in relation to knowledge of activity during the period.
Inquire about the individual funds that have recorded inventory and the accounting
method used by each fund to record inventory.
Determine whether inventory amounts reported in the financial statements are properly
classified, whether disclosures are adequate, and whether nonspendable fund balance
has been reported.
Note
If inventories are material and/or audit risk associated with inventories is high, the
auditor may consider the need to count inventory items and compare those counts to
the entity's counts.
Capital Assets and Expenditures

Capital assets may be acquired by purchase, construction, lease, donation, or foreclosure, or may
be internally generated (such as computer software). The method of acquisition may dictate the
valuation of, or accounting for, an asset.
Legal and contractual requirements often dictate terms for capital asset acquisition and disposal.
Noncompliance with these requirements can lead to contingent liabilities. Acquisitions generally
require budgetary authorization and governing board approval. Legal provisions often stipulate
procedures for bidding and awarding contracts. Other legal restrictions may require the entity to
dispose of assets that are no longer used either by selling them at auction or donating them to
other governments or not-for-profit organizations. If the asset was financed through a bond issue,
the entity may be subject to debt covenant compliance requirements. If the asset was funded
entirely or in part by intergovernmental revenues or donations from nongovernmental entities, the
entity may be subject to compliance requirements for their acquisition and disposal as well as for
maintenance and recordkeeping.
Relevant Assertions
The relevant assertions of each opinion unit for capital assets and expenditures are as follows:
A. Existence or occurrence. Reported capital assets represent items owned or otherwise required
to be reported (such as capital assets acquired under a capital lease) or intangible assets that
are required to be capitalized, considering the entity's capitalization policies, as of the end of
the period. Reported deferred inflows of resources represent the acquisition of net assets
applicable to a future reporting period. Reported capital expenditures and depreciation
represent amounts relating to the period and pertain to the entity. Disclosed capital assets,
accumulated depreciation, capital expenditures, depreciation expense, and deferred inflows
of resources have occurred and pertain to the entity.
B. Completeness. All capital expenditures and depreciation expense related to the period and all
capital assets, accumulated depreciation, and deferred inflows of resources as of the end of
the period are reported. All required disclosures are included in the financial statements.
obligations concerning capital assets have been properly reflected in the financial statements.
D. Valuation or allocation. Capital assets, accumulated depreciation, and deferred inflows of
resources are reported at the proper amounts. Information pertaining to capital assets is
disclosed at appropriate amounts.
E. Accuracy or classification. Amounts and data pertaining to capital expenditures and
depreciation expense are recorded appropriately and in the proper accounts. The financial
statements properly classify, describe, and disclose the activity and balances relating to
capital assets, including classification in the proper fund and activity. Financial information for
capital assets, accumulated depreciation, deferred inflows of resources, capital expenditures,
and depreciation expense is disclosed fairly and at appropriate amounts in accordance with
GAAP. Disclosures are accurate and clearly expressed.
F. Cutoff. Capital expenditures and depreciation expense are recorded in the correct accounting
period.
Even though capital assets generally are material, when the risk of material misstatement is low,
substantive analytical procedures generally provide sufficient appropriate audit evidence for
relevant assertions related to capital assets and expenditures. Tests of details, such as
recalculating depreciation and vouching additions, retirements, and maintenance accounts,
typically are not necessary. In addition, because auditors generally have audited the capital assets
accounts in prior years, current-period substantive procedures can focus primarily on additions
and dispositions during the year.
Auditors generally can establish the continuing relevance of audit evidence obtained in
prior years that substantiates the beginning balance by making inquiries,
supplemented by observation and inspection, and considering whether the property is
fundamentally the same as in the prior year.
Evidence
The auditor obtains evidence for capital assets and expenditures primarily through reviewing
governing body minutes, statutes and regulations, grant agreements and donor letters, contracts
to lease or sell capital assets, and other supporting documents; inquiring of management and
others; and performing analytical procedures to obtain evidence about the following:
B. Whether the entity has satisfactory title to capital assets or other evidence to support the
reporting of infrastructure assets, whether any liens exist, and whether any capital assets have
been pledged
C. Whether the entity has entered into any service concession arrangements
D. Whether transfers of capital assets between funds, component units, or other entities are
properly recorded
E. Whether depreciation expense has been properly charged to various entity functions
F. Whether the value of donated capital assets has been properly recorded
G. Whether capital asset impairments have been properly reported
H. Whether the asset management system and documentation of the condition of assets comply
with the standards in GASB Statement No. 34 if the modified approach is used for
infrastructure assets
I. Whether financial statement disclosures for capital assets and related accounts are in
conformity with GAAP
J. Whether the entity has maintained and disposed of capital assets in accordance with the
requirements of entities that provided funds to acquire the assets (such as intergovernmental
grants)
Examples of Substantive Analytical Procedures
Examples of substantive analytical procedures at the account balance level are as follows:
A. Compare balances in the capital assets and accumulated depreciation accounts with
balances for prior years and the capital budget or other auditor-developed expectations.
Investigate any unexpected results.
B. Inquire of entity personnel if all additions and deletions have been reflected in the capital
assets schedule and relate such responses to capital expenditures, significant lease
payments, and significant sales of capital assets.
C. Inquire of entity personnel whether there has been any change in depreciable lives or
depreciation methods and whether there are significant amounts of fully depreciated assets.
D. Scan the capital assets schedule and consider whether the lives of assets are reasonable,
depreciation methods are in accordance with GAAP and consistent, and depreciation expense
for the year appears reasonable. Determine whether capital asset impairments have been
properly reported.
E. Inquire of entity personnel about the factors used in determining the depreciable lives of
infrastructure and consider whether the estimate of the remaining useful lives has been
appropriately modified over the years, as evidence became available that the likely useful lives
would be longer or shorter than originally expected.
Debt and Debt Service Expenditures
Governmental units issue debt to provide capital facilities, to finance other significant long-term
commitments such as OPEB obligations, and sometimes to provide short-term financing. Much of
the short-term debt issued is used for interim financing during the construction period of capital
projects.
Debt-related activities usually are subject to various compliance requirements, such as the
following:
A. State and local laws generally impose limits on the amount of debt an entity can issue and
often require approvals by senior levels of government or voters to issue debt. These
limitations can apply to all forms of debt or may be structured so that there are separate
limits and voter requirements for different types of debt (such as general obligation, revenue,
installment, and lease purchase debt) or purposes (such as debt issued for equipment, water
and sewer, or transportation purposes). Local governments may not be able to issue debt
without explicit authority in state law, and state law may limit the form of debt that can be
issued. Other limitations on the form, type, or amount of debt are imposed by federal tax laws
and related Internal Revenue Service regulations relating to tax-exempt debt.
B. The use of debt proceeds is restricted to specific purposes and may restrict other entity
activities. For example, a debt agreement may require that the fund that will repay the debt
must maintain certain levels of equity or changes in equity; that particular revenues must be
used to pay debt service; and that a reserve fund, such as a sinking fund, must be used to set
aside resources for the future payment of debt service obligations.
C. Debt agreements require the payment of principal and interest in specific amounts and on
specific dates.
D. Debt agreements often require the entity to file continuing disclosure documents with certain
distributing organizations.
Relevant Assertions
The relevant assertions of each opinion unit are similar to those for expenditures or expenses and
liabilities.
The nature and extent of audit procedures for debt and debt service expenditures are influenced
by considerations such as the following: the nature and amount of the entity's debt and similar
obligations; how often and in what amounts the entity issues debt or enters into debt agreements;
the legal requirements for issuing debt or entering into debt agreements; the identity of the
trustees or fiscal agents used for debt; and the debt covenants or similar debt-related restrictions.
The auditor obtains evidence for debt and debt service expenditures primarily through reviewing
governing body minutes, debt agreements, and other supporting documents; inquiring of
management and others; and performing analytical procedures to obtain evidence about whether
the entity is in compliance (during the year and at year-end) with compliance requirements that
could have a direct and material effect on the determination of financial statement amounts; and
whether the entity's debt issuances are measured, presented, and disclosed in the financial
statements in conformity with GAAP. Examples of substantive procedures for debt and debt
service expenditures include the following:
A. Compare balances of debt and related interest expense accounts with those of prior years.
Investigate any unexpected results.
B. Review documentation for debt coverage and determine whether taxes levied or other
revenues dedicated to service the debt are adequate.
C. Review minutes or other appropriate documents (such as bond referendums) approving

issuance of debt. Trace authorized debt to the accounting records and consider the
appropriateness of classification.
D. Inquire of entity personnel about whether all debt has been recorded, identified, and
disclosed. Compare balances to amounts confirmed on bank or other confirmations.
E. Inquire of management about the existence of derivative financial instruments or securities
lending agreements. If the entity has such instruments or agreements, determine whether the
accounting and disclosures are in conformity with GAAP.
F. Analytically test the reasonableness of interest cost and accrued interest.
Note
The auditor may be able to obtain persuasive evidence on the reasonableness of
interest expenditures by comparing the amount to the computation of average rate
times average debt outstanding. The auditor also can review a schedule of debt
service prepared by the entity for reasonableness in conjunction with analytically
testing interest cost.
G. Review documentation supporting compliance with debt covenants or other restrictions.

Reperform tests to determine whether the entity is in compliance with restrictive covenants.
Equity and Financial Statement Reconciliations
Equity of a governmental fund is referred to as fund balance. Equity of proprietary fund types,
fiduciary funds, and financial statements in the government-wide financial statements is referred
to as net position. The amount of equity reported in the government-wide statement of net
position generally will differ from the aggregate amount of equity reported in the fund financial
statements. Similarly, there will be differences between the changes in equity reported in the
government-wide statements and the fund financial statements. To explain those differences,
governments provide summary reconciliations to the government-wide financial statements
either on the fund financial statements or in an accompanying schedule. If aggregated
information obscures the nature of a particular reconciling item, more detailed information must
be provided in the notes to the financial statements.
The Effect of Reconciliations on the Audit
Individual items in the reconciliations reflect recognition and scope differences between the
financial statements. As a result, audit objectives for the transactions underlying those differences
are also audit objectives for the components of the reconciliations. An additional audit objective
relates to whether the reconciliations are presented and disclosed in accordance with GAAP. The
auditor should obtain sufficient appropriate audit evidence for each opinion unit with material
equity accounts. The nature, extent, and timing of audit procedures on the reconciliations depend
on the risks of material misstatement for the governmental and business-type activities opinion
units in the government-wide financial statements. Because the reconciliations explain the
differences between financial statements, they do not relate to opinion units in the fund financial
statements, such as individual major governmental funds.
The Effect of Different Major Funds between Years
The requirements for selecting major funds can result in different funds being reported as major
from year to year. Each major fund is a separate opinion unit. This means that, if a current-year
major fund was not audited as major in the previous year, the auditor should consider the need to
perform procedures on the opening equity balance of the fund to evaluate whether the equity
amount is properly stated and supported by underlying assets and liabilities.
Relevant Assertions
The relevant assertions of each opinion unit for equity and financial statement reconciliations are
described below:
A. Existence or occurrence. Reported changes in equity are based on actual transactions or other
events relating to the period and pertain to the entity. Reported equity and its components
are based on actual transactions or other events as of the end of the period. Disclosed equity
events and transactions occurred and pertain to the entity.
B. Completeness. All equity as of the end of the period and all changes in equity related to the
period are reported. All required disclosures are included in the financial statements.
obligations concerning equity and its components are properly reflected in the financial
statements.
D. Valuation or allocation. Equity and its components are reported at the proper amounts.
Information pertaining to equity and its components is disclosed at appropriate amounts.
E. Accuracy or classification. Equity transactions and events are recorded in the proper accounts.
Amounts and other data relating to recorded equity transactions and events are recorded
appropriately. The financial statements properly classify, describe, and disclose equity and its
components, including classification in the proper fund and activity. Financial information for
equity is appropriately presented and described and disclosed fairly and at appropriate
amounts in accordance with GAAP. Disclosures are clearly expressed.
F. Cutoff. Equity transactions and events have been recorded in the correct accounting period.
The auditor obtains evidence for equity and financial statement reconciliations through reviewing
the following: minutes; the entity's constitution, charter, statutes, and ordinances; debt issuance
documents; contribution and grant agreements; and other similar documents. The auditor also
inquires of management and others and performs procedures to obtain evidence about the
following matters:
could have a direct and material effect on the determination of financial statement amounts
B. Whether changes in equity accounts are properly reported in the financial statements or the
notes
C. Whether reconciling items between the fund and the government-wide financial statements
are properly calculated and the reconciliations are properly presented
D. Whether financial statement disclosures for equity are in accordance with GAAP
E. Whether equity restrictions, commitments, and assignments have been made in compliance
with applicable legal and contractual requirements and management policies
F. Whether restricted resources are used for their intended purpose and in accordance with
management's policy regarding whether to first apply restricted or unrestricted resources
when an expenditure or expense is incurred for purposes for which both restricted and
unrestricted fund balance or net position are available
G. Whether committed or assigned amounts are used for their intended purpose and in
accordance with management's policy regarding whether committed, assigned, or
unassigned amounts are considered to have been spent when an expenditure or expense is
incurred for which amounts in any of those unrestricted fund balance classifications could be
used
H. Whether restrictions, commitments, and assignments are removed when no longer required
I. Whether overspending of restricted, committed, or assigned resources creates or increases a
negative unassigned fund balance at year-end
J. Whether encumbrances are included within the applicable fund balance classification and not
displayed separately
Examples of Substantive Procedures
Examples of substantive procedures for equity and financial statement reconciliations include the
following:
A. Read minutes, debt agreements, or other relevant documents to identify, as applicable,
authorizations for restrictions, commitments, assignments, or nonspendable amounts.
B. Inquire of management about the existence of equity restrictions, commitments,
assignments, and nonspendable amounts.
C. Review documentation supporting commitments and assignments.
D. Determine whether restrictions, commitments, assignments, and nonspendable amounts
have been made in compliance with applicable legal and contractual provisions and
management policies and are properly disclosed.
E. Review policies and procedures related to fund balance classifications, stabilization
arrangements, and minimum fund balance, and determine whether they are properly
disclosed.
F. Determine whether formal action to commit fund balance to a specific purpose was taken at
the government's highest level of decision-making authority prior to the end of the reporting
period.
G. If formal action to commit fund balance occurred prior to the end of the reporting period, but
specific amounts were not known until the subsequent period, determine whether the
amounts were properly reported at the end of the reporting period.
H. For special revenue funds, determine that such funds are used only when the proceeds of
specific revenue sources are restricted or committed to expenditure for specified purposes
other than debt service or capital projects and that resources not meeting this criterion are
reported in the general fund or another fund type; identify the specific restricted or committed
revenue sources accounted for and reported in special revenue funds; determine that the
resources accounted for in a special revenue fund were not initially reported in another fund
and subsequently transferred to the special revenue fund; determine whether other resources
accounted for and reported in special revenue funds have been restricted, committed, or
assigned to the fund's specific purpose; determine whether the restricted or committed
proceeds of the specific revenue sources are expected to continue to be a substantial portion
of the inflows reported in the funds; and determine that a special revenue fund is not reported
when a substantial portion of the inflows is not expected to come from restricted or
committed resources and that any remaining resources are reported in the general fund or
another fund type.
I. For permanent funds, determine whether only earnings (and not principal) were expended,
were for the purposes to which the earnings are restricted, and were only to benefit the entity
or its citizens; and determine whether the amount of corpus legally required to be maintained
in perpetuity has been properly maintained.
J. Test expenditures or expenses to determine whether restricted, committed, or assigned

resources are used for their restricted, committed, or assigned purpose and in accordance
with management's policy regarding which resources are considered to be spent first when
more than one resource classification is available.
K. Determine whether deficit fund balances or net positions of individual nonmajor funds are
properly disclosed in the financial statements.
L. Determine whether assigned fund balances create or increase a negative unassigned fund
balance at year-end.
M. Determine whether encumbrances have been properly excluded from unassigned fund
balance.
N. Determine whether restrictions, commitments, assignments, or nonspendable amounts are
removed if they are no longer required or relevant.
O. Analyze changes to net position accounts for the year to determine whether they are properly
reported in the financial statements or the notes to the financial statements.
P. Evaluate whether reconciling items between the fund and the government-wide financial
statements are properly calculated and whether the reconciliations are properly presented.
6 G. Insurance and Self-Insurance
Introduction
The basic requirements for insurance and self-insurance are as follows: claims and judgments
should be reported as liabilities in government-wide and proprietary and trust fund financial
statements when the loss is probable and reasonably estimable; in governmental funds, claims
liabilities and expenditures should be reported when due and payable. If a government chooses to
report its risk-financing activities in a single fund, that fund should be a governmental fund or an
internal service fund.
Relevant Assertions
The relevant assertions of each opinion unit for insurance and self-insurance are similar to those
for expenditures or expenses and liabilities.

The auditor usually begins by inquiring about the entity's controls for administering and financing
insurance claims, including whether insurance policies are carried for excess liabilities or
particular categories of coverage. The general audit approach is a combination of analytical
procedures and tests of details. The auditor compares claims expenditures and other fund
transactions (such as employee contributions, insurance premiums, and administrative fees) to
the prior period and relates to the number of employees in the current and prior periods.
Unexpected results are investigated. The auditor reviews the method used to estimate the reserve
for claim losses with a responsible official and considers whether the estimate is adequate but not
excessive. The primary tests of details are the inspection of documents supporting claims
expenditures and confirmation (with the entity's legal counsel) of the status of claims filed. Then
the auditor normally selects all claims expenditures above a specified cutoff amount, inspects
supporting documents, and reviews for recording accuracy and conformity of the payment with
the entity's established policies for approval and payment limits.
6 H. Grant and Similar Programs

Introduction
Grants and similar programs include shared revenue, entitlements, and similar funds received
from other governments. Intergovernmental revenues are generally recognized as revenue when
all conditions or eligibility requirements have been met. Governments are required to report all
pass-through grants received that are transferred to or spent on behalf of a secondary recipient
(subrecipient). In general, cash pass-through grants are recognized as both revenue and
expenditures or expenses.
Relevant Assertions
The relevant assertions of each opinion unit for grant and similar programs are similar to those for
revenues and receivables and for expenditures and expenses and liabilities.
Substantive procedures for grant and similar programs include the following: reading minutes
and grant agreements to identify grants received and related restrictions, as well as inquiring
about applicable compliance requirements and discussing the entity's procedures for monitoring
grants; identifying financial reports required by grants and reconciling the reports to the
accounting records; comparing grant revenues and expenditures to prior-period amounts and the
current budget and investigating unusual trends or significant differences; and reviewing selected
grant receipts and expenditures charged to grant programs for proper classification and
compliance with regulations and contracts. Audit sampling generally is applicable to testing
individual grant transactions.
Audit Risk and Materiality
The auditor considers the relative audit risk and materiality associated with grants and similar
programs. The auditor inquires about the following matters:
A. The number and nature of grants or similar programs
B. The duration and amount of each grant
C. The degree of administrative involvement in grants passed through to secondary recipients
D. Whether single audit or other governmental compliance audit requirements apply
E. The compliance and reporting requirements of grants
F. The restrictions, conditions, and matching requirements of each grant
G. The methods of receiving funds for each grant
H. Whether any grants permit the allocation of indirect costs and, for each of those grants,
whether the grantor has accepted and approved an allocation plan
Reasonable Assurance
The auditor should obtain reasonable assurance that grant revenues and expenditures charged to
grants are valid and complete and (if applicable) that indirect costs are allocated properly; grants
are administered, and grant revenues and expenditures are recorded, in accordance with grant
provisions and related laws and regulations; and grant-related amounts are properly presented in
the combined financial statements, and related disclosures concerning restrictions and
compliance are adequate.
Nature and Extent of Procedures
In planning the nature and extent of audit procedures for grants and similar programs, the auditor
considers the likelihood that grant compliance requirements have been overlooked or
intentionally violated; grant funds have been overspent or misspent; illegal expenditures have
been made; grant funds have been misappropriated; indirect costs have been misallocated; or
grant charges may be disallowed as unnecessary, unreasonable, or otherwise not in accordance
with limitations and restrictions.
6 I. Chapter Summary
This chapter discussed the auditor's considerations in developing audit programs (or detailed
audit plans) for the following audit areas: cash, investments, and derivative instruments; revenues
and receivables; expenditures or expenses and liabilities; payroll and related liabilities; operating
assets, debt, and equity; insurance and self-insurance; and grant and similar programs. Relevant
assertions and an overview of audit procedures were provided for each audit area. Where
applicable, compliance requirements were also discussed.
Study Question 23
Substantive procedures for cash focus primarily on which of the following?
A Cash confirmations
B Analytical procedures
C Reliability of the entity's bank reconciliation
D Review of loan and debt agreements
Study Question 24
Which of the following is not an example of a compliance requirement for revenues of a
governmental unit?
A Eligibility requirements and/or purpose restrictions imposed

by intergovernmental grants or private donations
B Limitations on the amount of revenues received based on

budgeted amounts
C Legal limits on the ability to tax citizens
D Requirements to obtain voter approval to issue debt and

levy taxes to repay the debt
Study Question 25
Why should the auditor review the allocation of revenues to the entity's funds?
To consider whether revenues were allocated in accordance
A with the intent of the governing body and compliance
requirements
B To determine whether revenues are allocated in conformity

with GAAP
C To inquire of responsible officials about how the entity raises

revenue and to identify the major revenue sources
D To scan the accounting records for large or unusual

transactions from prior years
Study Question 26
How may compliance requirements of grants or contributions affect an entity's payroll and related
liabilities?
A They may override civil service requirements for hiring,
promoting, and terminating employees.
B They may limit the effect of federal laws and regulations

relating to overtime.
C They may override the prevailing wage rate requirement on

construction projects.
D They may limit the amount of personnel cost that can be

charged to a program.
Study Question 27
What is the auditor's primary emphasis in the audit areas of operating assets, debt, and equity?
A Operating statement accounts
B Balance sheet accounts
C Notes to the financial statements
D Tests of controls
Study Question 28
Which of the following is not a typical compliance requirement area for capital assets and
expenditures?
A The entity may be required to save money in a specific fund

to replace an asset when it is no longer in service.
B The entity may be subject to debt covenant requirements.
C The entity may be subject to certain procedures for bidding

and awarding contracts.
D Budgetary authorization is required.
Chapter 7. Special-Purpose and State Governments

This chapter discusses the unique accounting, financial reporting, and auditing characteristics of
the following types of special-purpose governmental units: school districts, hospitals and other
healthcare providers, airports, public housing authorities, financing authorities, utilities,
transportation systems, public entity risk pools, external investment pools, and colleges and
universities. It also discusses the unique accounting, financial reporting, and auditing
characteristics of Indian tribal governments and state governments. Aspects of state government
operations discussed include the following: the financial reporting entity, Medicaid, the
Supplemental Nutrition Assistance Program, unemployment compensation benefit plans,
lotteries, escheat property, state tuition programs, and multistate legal agreements.
identify unique accounting, reporting, and auditing characteristics in various special purpose
governmental units.
7 A. Introduction
Overview
This chapter builds on the auditing considerations discussed in the first six chapters of the course
by providing specific accounting and financial reporting information for special-purpose and state
governments. Special-purpose governments are legally separate entities that perform only one
activity or a few activities, such as school districts and utilities. A special-purpose government may
be a primary government, a component unit, or a stand-alone government. Stand-alone
governments include joint ventures, jointly governed organizations, and pools.
Examples of entities that may be stand-alone governments are regional airports and
regional transportation authorities.
Compliance requirements have been discussed in previous chapters of this course. The auditor
should consider applicable compliance requirements when auditing a special-purpose or state
government since additional requirements often apply.
7 B. Special-Purpose Governments
School Districts
Depending on state laws, a school district generally operates as one of the following: part of the
legal entity of the sponsoring government, a primary government, a stand-alone government, or a
legally separate entity that is a component unit of another government. School districts may have
component units of their own.
School districts are subject to legal and contractual provisions, including state-established
accounting and reporting requirements, that may affect their financial statements. For example,
many states require their school districts to use a standardized chart of accounts for their basic
financial statements and for specialized annual reports. The auditor should consider whether
noncompliance with legal and contractual requirements could have a material effect on the
Attendance Reporting
Most school districts receive financial assistance from a state government based on a measure of
school attendance. Attendance data also affect the amount of certain types of federal financial
assistance. Attendance data typically are determined at individual schools and reported on a
district-wide basis. Some states require the auditor to audit or otherwise perform procedures on
attendance data. Those engagements should be performed under the provisions of AT-C §315,
Compliance Attestation. The auditor should consider whether incorrect attendance data could
have a material effect on the financial statements of a school district.
In many cases, a school district's attendance reporting does not have a material effect
on the current year's financial statements but affects the calculation of state and
federal subsidies to the district in a future period.
Summer Payroll
Some school districts pay teachers twelve times a year for services provided during a nine-month
academic year. Payroll costs are exchange transactions that should be recognized when teachers
provide the services. As a result, school districts should accrue expenditures or expenses and
liabilities at year-end for summer salaries earned but not yet paid. Some school districts facilitate
that expenditure or expense accrual by writing the checks for summer payroll as of year-end and
holding them for later distribution. In this situation, the auditor should evaluate the internal
controls over the safeguarding and subsequent distribution of those checks, as well as the
controls over proper recording of the amounts to be paid during the summer months.
Student Activity Funds
Most school districts have petty cash or bank accounts for student-generated money. In some
cases, the money may be under the control of a school principal or an employee and not subject
to the district's budgetary or centralized accounting and purchasing controls. States have
different legal provisions for how the money in student activity funds may or must be used.
Student activity funds should be reported in a district's financial statements as, for example,
special revenue or agency funds, depending on the requirements concerning the use of the
money.
A district's student activity funds may be of concern to the auditor despite the small
amounts involved because of the opportunity for misappropriation. Many receipts are
in cash and may be handled by several individuals after the district becomes
accountable for the money but before it is deposited. Adverse publicity can result from
a loss or misuse of the money.
A district's accountability for student activity money may differ depending on state law and the
nature of the fundraising activity. For example, a school district may be accountable for gate
receipts for functions held on its campus but not accountable for receipts from an off-campus
fundraising activity until a district employee or official takes custody of the money.
Student Nutrition Programs
Most school districts participate in the U.S. Department of Agriculture (USDA) programs that
provide cash and commodities to ensure nutritious meals for eligible students. The auditor should
consider whether it is necessary to evaluate a district's compliance with the USDA regulations for
those programs as part of the financial statement audit. Revenue should be recognized when the
cash and commodities are received, provided that all eligibility requirements are met. In addition,
some states have established specific accounting and financial reporting requirements for student
nutrition programs.
Charter Schools
Many states have enacted laws that permit the creation of charter schools, which are publicly
funded, nonsectarian schools that operate free of many of the regulations, restrictions, and
mandates of traditional public schools. State laws define the entities that grant the charters
(usually local school districts or the state department of education) as well as eligible applicants
(usually governmental or nonprofit entities or one or more persons or organizations). Charter
schools are typically established under law, and they contract as separate legal entities and are
accountable for their results at the end of the contract period, which is usually three to five years
in length. Per-student state and local funds generally follow the students to a charter school.
Depending on legal and contractual provisions, a charter school may be a governmental or
nongovernmental entity, and it may be a component unit of a governmental entity. Standardized
accounting and financial reporting requirements that states have developed for public schools
may also apply to charter schools.
Hospitals and Other Healthcare Providers
Governmental hospitals and other healthcare providers generally use enterprise fund accounting
and financial reporting standards. If the entity does not meet the criteria requiring the use of
enterprise funds, it may use either governmental fund or enterprise fund accounting and financial
reporting. Often, governments do not use enterprise funds to report activities relating to the long-
term institutional care of the elderly, children, and persons with behavioral or developmental
disabilities because the activities do not meet the criteria requiring the use of enterprise funds,
and user fees are not a principal revenue source for the activities. Governmental hospitals and
other healthcare providers may have component units. In addition, they are subject to legal and
contractual provisions that may affect their financial statements.
Airports
As a general rule, governmental airports are reported in enterprise funds. If an airport does not
meet the criteria for using an enterprise fund, it may use either governmental or enterprise fund
accounting and financial reporting. Airports are subject to legal and contractual provisions that
may affect their financial statements. For example, provisions of grants from the U.S. Federal
Aviation Administration (FAA) may require that the airport's revenues and other resources be used
only for on-airport purposes and not be diverted to off-airport uses. The auditor should consider
whether it is necessary to evaluate the airport's compliance with those requirements as part of a
financial statement audit.
Passenger Facility Charges
Some airports receive revenue from passenger facility charges (PFCs), which are small-dollar
passenger fees that airports charge to help pay for capital development projects. An airport is
required to receive approval from the FAA to impose PFCs and to comply with the FAA's
requirements for the use of PFCs. Airlines collect PFCs through the ticket sales process and remit
them to the appropriate airports.
Note
Federal regulations require an audit of PFCs. The FAA's “Passenger Facility Charge
Audit Guide for Public Agencies” provides auditors with the procedures for auditing
and reporting on PFCs received and expended by airports.
Revenue Recognition of PFCs
PFCs normally are not reported as components of operating income in a proprietary fund. PFCs
are considered exchange-like transactions. Revenue recognition should be based on the
occurrence of the exchange, that is, when the passenger boards the aircraft. Therefore, the auditor
may consider evaluating whether PFCs have been properly classified and recognized in the
Public Housing Authorities
A public housing authority (PHA) provides shelter to low-income persons and typically receives
substantial capital and operating grants from the U.S. Department of Housing and Urban
Development (HUD). A PHA provides shelter by owning and managing housing developments or
by giving participants vouchers for rent subsidies that are paid directly to private landlords. Some
finance low-interest mortgages and engage in urban renewal activities. A PHA generally operates
as a department of the sponsoring government, a stand-alone government, or a legally separate
entity that is a component unit of another government. A legally separate PHA may be created by
a single sponsoring government, as a joint venture of several governments, or as an independent
regional authority. PHAs generally are reported using enterprise funds. If a PHA does not meet
the criteria that require reporting as an enterprise fund, it may use either governmental fund or
enterprise fund accounting and financial reporting.
Additional Reporting Requirements
HUD has issued Uniform Financial Reporting Standards and written guidelines that require PHAs
that own HUD-assisted housing to submit financial information electronically to HUD using a
template called the Financial Data Schedule (FDS). For those submissions, HUD requires PHAs to
prepare their basic financial statements in conformity with GAAP and to have them audited. HUD
requires PHAs to include the FDS as supplementary information that accompanies their basic
financial statements and for auditors to determine whether the information is fairly presented in
relation to the financial statements. HUD also requires PHAs to obtain an agreed-upon
procedures engagement in which the auditor compares the PHA's electronically submitted data
to the hard copies of the audit report and FDS.
The auditor should obtain an understanding of the HUD grant program requirements, as well as
other compliance requirements that affect the PHA (such as other federal housing grant
programs and/or state requirements), and consider whether it is necessary to evaluate the PHA's
compliance with those requirements as part of the financial statement audit.
HUD grant agreements include compliance requirements for the PHA. Some relate to
transactions, projects, or activities that span more than one financial reporting period,
such as construction programs, construction loans, and beneficiary loan programs.
Others require matching or involve noncash transactions, such as the use of a building
or having grant-related services provided by HUD personnel.
The auditor also may consider confirming directly with HUD the operating subsidies, program
grants, and loans and other housing development and modernization debt relating to the PHA to
determine whether receivable and revenue amounts are properly recognized and reported.
Financing Authorities
Governmental financing authorities make loans to specific types of recipients to lower the costs of
borrowing for the recipients while advancing or achieving a public purpose. Recipients of the loans
may be members of a special-interest group (such as veterans), other governmental or not-for-
profit entities (such as school districts that want to construct new facilities), or for-profit entities
(such as companies that want to finance plant expansions). Financing authorities typically issue
revenue bonds to finance their activities. They generally meet the criteria that require reporting as
an enterprise fund. If not, they may use either governmental fund or enterprise fund accounting
and financial reporting. Financing authorities are subject to various compliance requirements.
Involvement in Purchasing or Constructing Capital Assets
An authority may finance the purchase or construction of capital assets for other entities, take title
to the assets, and lease the assets to the recipients. Ownership of the assets passes to the lessees
when the bonds mature and are retired. The lease or loan payments the authority receives are
used to pay the revenue bond principal and interest and, generally, the authority's administrative
costs. Some financing authorities develop a permanent capital base that is used for making loans
and/or grants to recipients.
No Involvement in Purchasing or Constructing Capital Assets
An authority that finances capital assets may not be directly involved in either purchasing or
constructing the assets or repaying the debt. A financial institution acting as trustee usually
administers the debt service. In this situation, practice supports either reporting the debt and
related capital lease receivable in the authority's financial statements or disclosing the debt and
related capital lease in the notes to the financial statements. However, the authority should report
fees and administrative expenses in its financial statements.
Financing an Entity's Own Capital Assets
An entity may create a financing authority solely to finance its own capital assets, such as state
office buildings or university dormitories. The sponsoring entity usually creates the authority to
shield the borrowing from its own debt limits or other debt restrictions. The authority generally
issues revenue bonds, takes title to the assets and leases them to the sponsoring government,
and uses the lease payments to repay the debt principal and interest. If a legally separate entity,
the authority is a component unit of the sponsoring government. The accounting and financial
reporting depend on whether the authority is presented in the reporting entity's financial
statements as part of the primary government, including as a blended component unit or as a
discretely presented component unit.
If reported as part of the primary government's financial statements, the authority's debt
and assets should be reported as a form of the primary government's debt and assets. For
example, the leased assets would be reported as general capital assets, and the related
debt would be reported as a general long-term liability in the government-wide
statement of net position. The debt service activity of the authority would be reported as a
debt service activity of the primary government.
If the authority is a discretely presented component unit, the lease arrangement should
be treated in the same manner as any other lease agreement of a state or local
government. Related capital lease receivables and payables should not be combined with
other amounts due to or from discretely presented component units, or with capital lease
receivables and payables with organizations outside of the reporting entity.
Related-Party Transactions
When lease arrangements exist between governmental entities and public authorities, related-
party issues should be considered to determine if special reporting and disclosure requirements
are present because it is clear that the terms of the transaction have been significantly affected by
the relationship between the lessee and lessor. The classification and accounting should be
modified as necessary to recognize economic substance rather than legal form. In addition, the
nature and extent of leasing transactions with related parties should be disclosed.
Utilities
Electric, gas, water, sewer, and other utility operations often meet the criteria for the use of
enterprise funds. If not, they may use either governmental fund or enterprise fund accounting and
financial reporting. Utilities are subject to many legal, regulatory, and contractual provisions that
may affect their financial statements. Utility services often are rate regulated. In auditing a public
utility, the auditor should determine whether the services are rate-regulated and, if so, the entity's
accounting policy with regard to applying the provisions of GAAP.
Transportation Systems
A legally separate transportation system (which provides bus, subway, rail, or other services) may
be created by a single sponsoring government, as a joint venture of several governments, or as an
independent regional authority. Some transportation systems meet the criteria requiring
reporting as an enterprise fund. If not, they may use either governmental fund or enterprise fund
accounting and financial reporting. A significant accounting, financial reporting, and auditing
consideration for some transportation systems is infrastructure. Because of low rates or low
ridership, many public transportation systems receive grants and appropriations from other
governments to finance facilities, equipment, or operating expenses. These grants and
appropriations subject a system to legal and contractual provisions that may affect its financial
statements. Such grants and appropriations reported in enterprise funds generally should not be
reported as operating revenue. Rather, they are reported as nonoperating revenue or as capital
contributions (reported separately after nonoperating revenues and expenses).
For example, the U.S. Department of Transportation's Federal Transit Administration

issues circulars that contain grant management guidelines for its programs.
Public Entity Risk Pools
A public entity risk pool is a cooperative group of governmental entities that join together to
finance an exposure, liability, or risk, which may include property and liability, worker's
compensation, or employee healthcare claims. A pool may be a stand-alone entity or a
component unit of or part of a governmental entity that acts as the pool's sponsor. Public entity
risk pools are subject to legal and contractual provisions that may affect their financial
statements.
Enterprise Fund Accounting
All public entity risk pools account for their activities in an enterprise fund regardless of whether
there is a transfer or pooling of risk and regardless of whether the criteria requiring the use of
enterprise fund accounting are met.
Transfer or Pooling of Risk
Public entity risk pools in which there is some transfer or pooling (sharing) of risk have specific
requirements for recognizing certain revenues and costs, valuation of investments, and financial
statement disclosures. Some of those requirements are described below.
A. Premiums or required contributions generally are recognized as revenue over the contract
period in proportion to the amount of risk protection provided. If a portion of the premium is
specifically identified as being collected for future catastrophe losses, that amount is
recognized as revenue over the contract period and is separately identified as restricted net
position under certain conditions.
B. A liability for unpaid claims costs, including estimates of costs relating to incurred but not
reported (IBNR) claims, is accrued when insured events occur or, for claims-made policies, in
the period in which the event that triggers coverage occurs. That liability is based on the
estimated ultimate cost of settling the claims. IBNR claims should be accrued if it is probable
that a loss has been incurred and the amount can be reasonably estimated.
C. If no accrual is made for an insured event because either a loss is not probable or the amount
of the loss cannot be estimated, or if an exposure to loss exists in excess of the amount
accrued, the contingency should be disclosed if there is at least a reasonable possibility that a
loss or an additional loss may have been incurred.
D. Policy or participation contract acquisition costs (costs that vary with and are primarily related
to acquiring new and renewal contracts) are capitalized and charged to expense in proportion
to premium revenue recognized. Unamortized acquisition costs are classified as an asset.
E. Other costs (such as those relating to investment management, general administration, and
policy maintenance) are expensed as incurred.
F. Investments generally are reported at fair value, with certain exceptions. For example,
mortgage loans are reported at outstanding principal balances if acquired at par value.
G. Disclosures include, but are not limited to, a description of the risk transfer or pooling
agreement, the basis for estimating liabilities for unpaid claims, and a reconciliation of total
claims liabilities, including an analysis of changes in aggregate liabilities for claims and claim
adjustment expenses for the current and prior fiscal years.
H. Certain revenue and claims development information is presented as RSI including, but not
limited to, the amount of gross premium or required contribution revenue and reported
investment revenue for each of the past ten fiscal years, and the cumulative net amount paid
as of the end of the accident year, report year, or policy year.
No Transfer or Pooling of Risk
Public entity risk pools that do not transfer or pool risk among participants are acting as claims
servicers and not insurers. The activity statements of these pools report claims servicing revenue
and administrative costs. Amounts collected or due from pool participants and paid to settle
claims are reported as a net asset or liability on an accrual basis.
External Investment Pools
An external investment pool is an arrangement that commingles, or pools, the moneys of more
than one legally separate entity and invests in an investment portfolio on the participants' behalf.
At least one of the participants is not part of the sponsor's reporting entity. An external
investment pool sponsored by individual state or local governments or jointly by more than one
government is referred to as a governmental external investment pool. Such pools are subject to
compliance requirements that affect how they operate, including allowable investments,
investment income allocation, and distributions and reports to pool participants.
Valuation of Investments
The way a governmental external investment pool values its investments depends on whether it
meets the criteria as a qualifying pool. Generally, those that are not a qualifying external
investment pool report investments at fair value. A qualifying external investment pool may elect
to measure all of its investments at amortized cost if both of the following criteria are met: (a) the
pool transacts with its participants at stable net asset value per share, and (b) the portfolio meets
certain maturity, quality, diversification, liquidity, and shadow pricing requirements.
Financial Reporting
Separate or stand-alone annual financial reports for external investment pools include a
statement of net position and a statement of changes in net position prepared on the economic
resources measurement focus and the accrual basis of accounting. All investment income,
including changes in the fair value of investments, should be reported in the statement of
changes in net position. When the change in the fair value of investments is identified separately
as an element of investment income, it is captioned “net increase (decrease) in the fair value of
investments.”
A. Governments that sponsor one or more external investment pools (sponsoring governments)
report the external portion of each pool as a separate investment trust fund, presenting
statements of fiduciary net position and changes in fiduciary net position for each investment
trust fund and captioning the difference between pool assets, deferred outflows of resources,
and liabilities, and deferred inflows of resources as “net position amounts held in trust for
pool participants.”
Note
The external portion of a pool is the portion that belongs to legally separate
entities that are not part of the sponsoring government's financial reporting entity.
The internal portion is the portion that belongs to the primary government and its
component units and is reported as assets in those funds and component units.
B. The requirement to report each pool as a separate fund applies to the sponsoring
government's combining and individual fund financial statements, which are not part of the
government's basic financial statements. Combining and individual fund financial statements
are presented as supplementary information.
C. If an external investment pool issues a separate report, the sponsoring government must
describe in the notes to the financial statements how to obtain that report. If the pool does
not issue such a report, the sponsoring government's notes to the financial statements should
include certain disclosures such as condensed statements of net position and changes in net
position for each pool.
Colleges and Universities
Some governmental colleges and universities are part of the legal entity of a state or local
government, whereas others are primary governments, stand-alone governments, or component
units of a primary government. Governmental colleges and universities, often referred to as public
institutions, are subject to legal and contractual provisions that may affect their financial
statements. For example, compliance requirements may relate to grants, appropriations from
other governments, contributions, endowments, split-interest agreements, and debt issuances.
Financial Reporting
A public institution that is not a legally separate entity should be reported within the fund
structure of the government, of which it is a part. A public institution that is a legally separate
entity should report as a special-purpose government engaged only in business-type activities,
engaged only in governmental activities, or engaged in both governmental and business-type
activities.
A. A primary government or other entity with financial reporting oversight may require a
particular financial statement presentation for public institutions. The auditor should evaluate
whether a mandated financial statement presentation is in conformity with GAAP. A public
institution's other accounting and financial reporting policies or processes also may be
mandated by other entities.
Note
For example, a primary government may require a component unit institution to
report expenses by function (such as instruction, academic support, student
services, and so forth) rather than by natural or object classification (such as
salaries and wages, employee benefits, supplies, and utilities).
B. If a legally separate public institution reports as engaged only in business-type activities, it

presents its activities using the three financial statements required for enterprise funds: a
statement of fund net position; a statement of revenues, expenses, and changes in fund net
position; and a statement of cash flows. An institution generally is not required to present
individual enterprise funds in its financial statements.
C. If a legally separate public institution is engaged only in governmental activities or engaged in
both governmental and business-type activities, it presents both the government-wide
financial statements and the applicable fund financial statements.
Tuition and Fees
Revenues from tuition and student fees of an academic term that encompass two fiscal years—for
example, a summer session—should be recognized partly in each year by accruing the amount
earned each year.
Scholarship Discounts and Allowances
Scholarship discounts and allowances provided by the institution satisfy a student's tuition and
fees, housing, meals, books, and other goods and services. Enterprise funds report revenues net of
discounts and allowances with the discount or allowance amount parenthetically disclosed on the
face of the statement of revenues, expenses, and changes in fund net position or in a note to the
financial statements. Alternatively, revenues may be reported gross with the related discounts and
allowances reported directly beneath the revenue amount. The same reporting requirements are
applied to discounts and allowances reported for governmental activities in the government-wide
statement of activities.
Pell Grants
Pell Grants are funded by the federal government as an entitlement program and are a major
source of aid to college and university students. Institutions have administrative and direct
financial involvement with Pell grants because they determine, for example, that students are
enrolled in eligible programs and in the number of credit hours required for the level of awards,
and they are liable for disallowed costs. Institutions report Pell grants as nonoperating revenues.
Enterprise Fund Revenue and Cash Flow Classifications
Public institutions classify certain resource inflows as operating revenues, nonoperating revenues,
or capital contributions in the enterprise fund statement of revenues, expenses, and changes in
fund net position; and as cash flows from operating, noncapital financing, capital and related
financing, or investing activities in the enterprise fund statement of cash flows.
A. Public institutions receive research grants and contracts from the federal government, state
and local governments, businesses, and individuals. Cash flows from operating activities
include cash receipts from grants for specific activities that are considered to be operating
activities of a grantor government, since a grant agreement of this type is essentially the same
as a contract for services. Therefore, revenue from research grants and contracts that meet
the criterion for reporting as cash flows from operating activities also generally should be
reported as operating revenue. The auditor should understand the predominant
characteristics and substance of research grants and contracts to evaluate how management
has classified those amounts in the statement of cash flows and the statement of revenues,
expenses, and changes in fund net position.
B. Many public institutions receive appropriations from state or local governments.
Nonoperating revenues generally include revenues from appropriations between a primary
government and its component units for operating purposes or that may be used, at the
recipient's discretion, for either operating purposes or capital outlay.
Note
Institutions cannot establish a policy to include state appropriations in operating
revenues. In the statement of cash flows, appropriations are reported as cash flows
from noncapital financing activities and/or capital and related financing activities.
C. In the past, the federal government provided land to certain institutions to be used to
generate funds for these institutions in perpetuity. Those assets provide support to the
institutions through investment of money from the sale of the land or income produced by the
land through mineral or other rights. Those assets are endowments if held by the institution;
however, the assets usually are administered by a state land office or other governmental
agency. State statutes or other externally imposed restrictions often govern the use of the
income from those grants. The source of the revenues and any externally imposed restrictions
on their use should be considered in determining the proper revenue classification in
enterprise funds.
D. Many students or their parents secure loans from a source other than the institution to assist
with the cost of attending the institution. These transactions are between the students or
parents and the lender, such as the U.S. Department of Education, a state loan program, or a
financial institution. Public institutions receive funds from the lenders and then disburse funds
to students or apply amounts to the student's accounts. These third-party transactions are
not pass-through grants. No GASB standard requires institutions to report the loan amounts
received and disbursed as revenue. Institutions that report as engaged only in business-type
activities and that have an accounting policy to report undisbursed loans at year-end as
assets and liabilities in an enterprise fund statement of fund net position should report the
cash flows for these third-party loans in the enterprise fund statement of cash flows. The
GASB has not provided guidance about the appropriate category for reporting the loans as
cash flows. Some believe that reporting them as cash flows from noncapital financing
activities is appropriate, whereas other believe they should be reported as cash flows from
operating activities. Actual practice varies.
E. Public institutions often make student loans from institutional funds and earn interest on the
loans. Student loans from an institution's funds are not intended to be investments but are
undertaken to fulfill a governmental responsibility. Because such “program loans” are made
and collected as part of a governmental program and are part of the operating activities of
the governmental enterprise, the related cash flows are classified as operating activities.
Interest income on the loans is reported as operating revenue.
Note
The principal amounts of the loans made and collected are reported as balance
sheet transactions and do not affect the enterprise fund statement of revenues,
expenses, and changes in fund net position.
F. Investment income on endowment resources generally is classified as nonoperating revenues

in the enterprise fund statement of revenues, expenses, and changes in fund net position. The
change in fair value of investments may be presented separately or combined with other
investment income as a single amount. Endowments report their land and other real estate
held as investments at fair value.
G. A public institution that presents its financial statements using enterprise fund accounting
and financial reporting may also be presented in a government-wide statement of activities.
This situation occurs when a component unit institution is included in a reporting entity's
financial statements. In the statement of activities, revenues that are not presented as
contributions to term or permanent endowments, contributions to permanent fund principal,
or special or extraordinary items are presented either as program revenues or general
revenues.
H. Public institutions may have endowments. The auditor should understand the legal and
contractual provisions for endowments that could have a material effect on the financial
statements, which may involve understanding the types of endowments, the applicable state
law, how the institution manages the investment of the amounts, how the institution decides
how much of the revenue to spend currently, and the proper financial reporting of both the
earnings and net position.
1. Permanent (or true) endowments are amounts for which donors or other outside entities
have stipulated that the principal is to be maintained in perpetuity. Terms of the gift
instrument will stipulate how earnings on the endowment principle are to be used. The
net position of permanent endowments is reported as restricted and nonexpendable. Net
position resulting from earnings is reported in a component of net position based on the
stipulations in the gift instrument.
2. Term endowments are similar to permanent endowments except that, upon the passage
of a stated period of time or the occurrence of a particular event, all or a part of the
principal may be expended. Terms of the gift instrument will stipulate how earnings are to
be used. The net position of term endowments is reported as restricted and expendable.
Net position resulting from earnings is reported in a component of net position based on
the stipulations in the gift agreement.
3. Quasi-endowments are amounts that the institution's governing board, rather than a
donor or other outside entity, has determined should be managed as if they were a
permanent or term endowment. Net position should be reported as if the board had not
designated the amounts as quasi-endowments. Thus, net position is reported as
restricted and expendable or as unrestricted, depending on whether there are restrictions
on the resources used to create the quasi-endowment.
I. Public institutions often have split-interest agreements, which include charitable gift annuity
contracts, pooled life income trusts, charitable remainder unitrusts, charitable remainder
annuity trusts, and charitable lead annuity trusts. Individual agreements may contain specific
provisions on permissible investments, permissible use of funds when the split interest ends,
or other matters. Some investments may be pooled with those of endowment accounts,
unless separate investments are required. In enterprise funds, earnings on the investment of
these assets are reported as nonoperating revenues. Net position usually should be reported
as restricted and as expendable or nonexpendable based on the conditions attached to the
agreement on how the institution can use the funds when the split interest terminates.
J. If an institution presents its enterprise fund statement of revenues, expenses, and changes in
fund net position using functional classifications, GASB standards neither require it to
allocate nor prohibit it from allocating expenses for depreciation and operations and
maintenance of plant to each function. The statement of activities should present activities
accounted for in enterprise funds by different identifiable activities. Determining whether an
activity is different generally is based on the goods, services, or programs provided by an
activity.
Note
For public institutions reported in enterprise funds, the activities common to those
institutions (such as food service, bookstore, residence halls, and student unions)
generally are not required to be reported separately because they may be
considered incidental to the delivery of a common product or service—higher
education.
K. Some public institutions are required to include information about other legally separate
organizations in their financial statements, often by presentation as component units. This
requirement may apply in the case of research foundations, fundraising foundations, and
university hospitals.
7 C. Federally Recognized Indian Tribes
Governmental Entities
Federally recognized Indian tribes are sovereign entities, and the federal government considers
them to be similar to state governments. They meet the definition of governmental entities
because they have the power to enact and enforce a tax levy and have the ability to issue debt that
pays interest exempt from federal taxation directly (rather than through a state or municipal
authority). As a result, they use governmental accounting and financial reporting standards to
prepare their financial statements. Federally recognized Indian tribes usually are considered
primary or stand-alone governments and present both government-wide and fund financial
statements.
Tribal Programs
Indian tribes often operate housing programs, healthcare facilities, schools, colleges, and other
activities for the benefit of their members. The guidance for these activities discussed earlier in
this chapter applies to Indian tribes. As with state and local governmental entities, Indian tribes
often receive substantial federal awards that are subject to federal audit requirements.
Business Activities
Indian tribes also may operate significant business activities in industries such as gaming,
hospitality, recreation, real estate management and development, utilities, farming, and ranching.
In some cases, these business activities meet the criteria requiring the use of enterprise funds. If
not, the activities may be reported in either governmental or enterprise funds.
7 D. State Governments
The Financial Reporting Entity

Determining a state's financial reporting entity may be difficult because of the number, diversity,
and autonomy of state component units, the existence of financially independent agencies and
departments, and decentralized accounting systems. States also tend to be involved in more joint
ventures than are local governments.

Medicaid
Medicaid is a federal program that provides healthcare services to low-income persons. Medicaid
services may be administered by states or through local governments on behalf of the states. In
either case, healthcare providers (such as hospitals, physicians, dentists, nursing facilities, and
pharmacies) are required to follow guidelines established by the state in accordance with federal
guidelines.
Cost Sharing
The costs of Medicaid services are shared between the federal government and states and, in
some cases, local governments. Such cost-sharing (or matching) varies by state and the type of
service rendered. State or local governments also share in the costs of the program
administration. The auditor may need to become familiar with the types of services provided and
the cost-sharing arrangements and to evaluate whether the shares have been properly allocated
among the funding levels of government. The auditor also should consider whether it is necessary
to evaluate the state's compliance with other Medicaid requirements, such as recipient eligibility,
as part of the financial statement audit.
Revenue and Expense Recognition
Governments that administer the program should recognize revenue and expenditures or
expenses from Medicaid in the same way that they recognize revenue and expenses from other
sources. In many cases, the state will have to estimate IBNR (incurred but not reported) amounts
for amounts payable to providers. If the amounts are material or a significant risk area, the auditor
should evaluate the relevant assertions and may consider whether such payables (or receivables
estimated for overpayments to providers) and related expenditures or expenses and revenues are
properly estimated and recorded at year-end, including whether revenue recognition in
governmental funds considers the “availability” criterion.
Supplemental Nutrition Assistance Program

The Supplemental Nutrition Assistance Program (SNAP), also known as food stamps, is a federal
program that helps low-income persons buy food and certain necessary household items. States
recognize SNAP benefits as revenue and expenditures in the general fund or a special revenue
fund, regardless of whether the state distributes the benefits directly or through agents when the
benefits are distributed to the individual recipients. SNAP balances held by the state or its agents
at the date of the financial statements are reported as an asset offset by a liability. Revenue,
expenditures, and balances are measured based on face value. In the government-wide financial
statements, SNAP-related balances and transactions are measured using the economic resources
measurement focus and the accrual basis of accounting. The auditor may consider physical
controls over debit cards when assessing the risk of material misstatement. The auditor may
consider whether SNAP balances and transactions are properly reported in the financial
statements, as well as whether it is necessary to evaluate the state's compliance with federal
program requirements as part of the financial statement audit.
Unemployment Compensation Benefit Plans
Unemployment compensation is a federal-state partnership program providing payments to
eligible unemployed workers that is funded principally by “experience-rated” federal and state
taxes on employers. Unemployment compensation benefit plans are required to be reported as
enterprise funds because the employer taxes are considered exchange-like or insurance
transactions. Administrative costs related to a state's unemployment compensation program
should be included in the general fund unless legal provisions require them to be reported in
another fund; these costs should not be reported in the unemployment compensation enterprise
fund.
A significant accounting and financial reporting consideration for unemployment

compensation plans is the calculation of the benefit liability and disclosure of
additional contingencies. The auditor also should consider whether it is necessary to
evaluate the state's compliance with the federal government's program requirements
as part of the financial statement audit.
Lotteries
Most states conduct lotteries individually or through a multi-state arrangement or both. Lottery
activities may be part of the state's legal entity or a legally separate entity that may be a
component unit of the state. Lottery activities generally meet the criteria requiring the use of
enterprise funds. If not, they may be reported using either governmental fund or enterprise fund
accounting and financial reporting. The auditor may consider whether the financial statement
amounts for lottery activities are properly measured and reported. The auditor also may consider
whether it is necessary to evaluate the state's compliance with legal and contractual provisions
that affect the financial statements, such as legal provisions relating to the use of lottery
revenues. Although a legally separate state lottery qualifies as a component unit, it does not meet
the criteria for blending because the lottery operation does not exclusively or almost exclusively
benefit the primary government. Rather, the primary financial gain accrues to the winners.
Prize Costs
Lottery prize costs normally are accrued based on a percentage of ticket sales revenue. For
example, if a lottery game is designed to pay out 40 percent of ticket sales as prizes, prize costs of
40 percent should be accrued for each dollar of revenue recognized for ticket sales. Accounting
and financial reporting considerations may arise relating to prizes won and claimed but not yet
paid, prizes won but not yet claimed, and games-in-progress at year-end.
Method of Prize Payment
Prize winners generally can choose to have large prizes paid to them currently at present value in
a lump sum or over a period of years at future values. If the periodic payment option is used, the
state may finance the prize liability, for example, by purchasing an annuity from an insurance
company or U.S. Treasury securities matched in timing and amount to the future payments. If a
purchased annuity is in the name of the prize winner, the state should not recognize a liability or
asset because it has discharged the primary liability. However, the state may be required to
disclose a contingent liability. If the state does not purchase an annuity in the name of the prize
winner, any assets specifically identified to pay the liability and the present value of the liability
should be included in the state's financial statements.
Prizes Won but Not yet Claimed
The prize liability should be measured using present value. The liability should include lottery
prizes that have been won but not yet claimed, as well as anticipated prizes for games-in-
progress at year-end. In addition, a gain contingency should be considered for prizes that will be
forfeited because the winners will not claim them within the required time frame. State statutes
may restrict the use of forfeited prizes to future lottery games or other specific purposes.
Receivables
Lottery tickets are generally sold in stores and other designated locations through both online
computer access to the state lottery agency and “instant” games that use paper tickets. The state
should estimate the amounts receivable from sales locations for lottery tickets, adjusted for an
allowance for uncollectible receivables. The auditor should evaluate the reasonableness of the
estimate.
Use of Revenues
State law often requires a certain percentage of lottery sales revenues to be used for particular
programs, such as elementary and secondary education. Such sales revenues should be reported
as program revenues of the lottery function, not of the function that the revenues support.
Escheat Property
Escheat property is property that eventually reverts to a government, usually a state, because
legal claimants or heirs have not been identified. Many state laws provide that a rightful owner or
heir can reclaim escheat property or its value into perpetuity. Because large portions of escheat
property are never reclaimed, most states use some of that property to finance operations.
Financial Reporting
Escheat property generally should be reported as an asset in the governmental or proprietary
fund to which the property ultimately escheats. Escheat property held for individuals, private
organizations, or another government should be reported in a private-purpose trust fund or in an
agency fund, as appropriate, or in the governmental or proprietary fund in which escheat property
is otherwise reported, with a corresponding liability. If reported in a governmental or proprietary
fund, escheat revenue should be reduced, and a fund liability reported to the extent that it is
probable that the escheat property will be reclaimed and paid to claimants.
Note
The liability should represent the best estimate of the amount ultimately expected to
be reclaimed and paid, considering previous and current trends in amounts reclaimed
and paid relative to amounts escheated, and anticipated changes in those trends.
Payments to claimants reduce the liability.
Measurement Focus and Basis of Accounting
In the government-wide financial statements, escheat-related balances and transactions are

measured using the economic resources measurement focus and the accrual basis of accounting.
Such balances and transactions reported in private-purpose trust or agency funds are not
reported in the government-wide statements.
Audit Considerations
The auditor should consider determining whether the entity has established accounting policies
for escheat property, including noncash property, and applied them consistently. The auditor also
may consider evaluating the entity's support for its measure of the amounts payable to claimants.
State Tuition Programs
States administer Qualified State Tuition Programs (QSTPs), which permit participants to pay
currently for or to save money toward future college costs in tax-advantaged programs governed
by the Internal Revenue Code.
Types of Programs
QSTPs generally fall into one of the following two categories:
A. In a prepaid tuition plan, participants pay for years or units of education at current tuition
rates and receive those years or units of education in the future even though tuition rates will
have increased.
B. In a savings plan, participants save money in a special account that offers a variable rate of
return and may guarantee a minimum rate of return.
Although the Internal Revenue Code contains some basic requirements, each state-sponsored
program varies, and each state controls how contributions are to be invested. The auditor should
consider the need to evaluate a state's compliance with legal and contractual provisions
governing these programs. The fund type used to report a QSTP depends on the facts and
circumstances of a particular program. However, the auditor should consider whether the state
has reported an estimated liability for future payments to or on behalf of plan participants that is
appropriate to the financial statements in which the program is reported.
Multistate Legal Settlements
States sometimes have common litigation against certain parties and settle that litigation jointly,
often leading to large amounts of payments to be received over several years. A typical example of
this situation is the Master Settlement Agreement between the states (settling governments) and
tobacco companies that releases participating tobacco companies from present and future
smoking-related claims by the states in exchange for perpetual annual payments to the settling
governments.
Tobacco Settlement Authorities
Some settling governments have created legally separate entities, referred to as Tobacco
Settlement Authorities (TSAs), to issue tobacco settlement revenue debt that is backed by the
rights to all or a portion of the future tobacco settlement resources (TSRs). A TSA generally
should be reported as a blended component unit of the settling government that created it.
Certain conditions may exist that would result in other reporting, such as presentation as a
discretely presented component unit. The auditor should consider evaluating whether
management's conclusions about how to report a TSA are appropriate.
Asset and Revenue Recognition
TSRs are exchange transactions; therefore, settling governments and TSAs recognize assets and
revenue for TSRs based on the domestic sales of cigarettes. Because annual TSR payments are
based on cigarette sales from the preceding calendar year, governments estimate accrued TSRs
that derive from sales from January 1 to their respective fiscal year-ends. Under the modified
accrual basis of accounting, revenue is recognized to the extent that the event occurs and
resources become available.
Audit Considerations
Although the Master Settlement Agreement imposed no binding restrictions on the use of the
TSRs, many states have enacted budgetary or other legislation providing for specific uses for the
payments. The auditor should consider evaluating whether the resources have been spent for the
specified purposes and whether the legislation should result in the reporting of restrictions of the
resulting net position (or fund balances) or commitments of fund balance (or, in governmental
funds, of fund balance designations). In addition, the auditor also should consider evaluating the
settling government's estimate of accrued revenue that derives from cigarette sales from January
1 to its fiscal year-end.
7 E. Chapter Summary
This chapter discussed the unique accounting, financial reporting, and auditing characteristics of
the following types of special-purpose governmental units: school districts, hospitals and other
healthcare providers, airports, public housing authorities, financing authorities, utilities,
transportation systems, public entity risk pools, external investment pools, and colleges and
universities. It also discussed the unique accounting, financial reporting, and auditing
characteristics of Indian tribal governments and state governments. Aspects of state government
operations discussed included the following: the financial reporting entity, Medicaid, the
Supplemental Nutrition Assistance Program, unemployment compensation benefit plans,
lotteries, escheat property, state tuition programs, and multistate legal agreements.
Study Question 29
What is the potential importance of student attendance data on the audit of a school district?
A Most school districts receive financial assistance from a

state government based on a measure of attendance.
B All states require the auditor to audit or otherwise perform

procedures on attendance data.
A school district's reporting of attendance data has a
C material effect on the current year's financial statements in
the majority of audits.
D Incorrect reporting of attendance data can cause the state
to discontinue funding to an individual school within a
district.
Study Question 30
Why may an auditor consider confirming directly with the U.S. Department of Housing and Urban
Development (HUD) the operating subsidies, program grants, and loans and other debt relating
to a public housing authority?
A To develop substantive analytical procedures for receivables

and revenues
B To avoid considering the entity's revenue recognition as a

fraud risk
C To determine whether matching requirements were met
D To determine whether receivables and revenues are properly

recognized and reported
Study Question 31
Which of the following statements is true regarding public entity risk pools?
A Public entity risk pool accounting depends on whether there

is a transfer or pooling of interest.
Public entity risk pool accounting depends on whether the
B criteria requiring the use of enterprise fund accounting are
met.
C All public entity risk pools account for their activities in an

enterprise fund.
D All public entity risk pools account for their activities in a

special revenue fund.
Study Question 32
Which of the following is generally not an auditor consideration for the Supplemental Nutrition
Assistance Program (SNAP)?
A Physical controls over debit cards
B The number of ineligible recipients of debit cards
C Whether SNAP balances and transactions are properly

reported in the financial statements
D Whether it is necessary to evaluate the state's compliance

with SNAP program requirements
Chapter 8. Defined Benefit Pension Plans

This chapter addresses accounting and auditing considerations for governmental defined benefit
pension plan financial statements. It also addresses accounting and auditing considerations for
employers participating in defined benefit pension plans, as well as considerations for
governments whose employees are provided with pensions not administered through a qualifying
trust.
identify unique accounting, reporting, and auditing characteristics for defined benefit pension
plans.
8 A. Introduction
Overview
This chapter addresses topics related to accounting, financial reporting, and auditing
considerations for governmental defined benefit pension plans and participating governmental
employers in those plans. This chapter is based on the requirements in GASB Statement No. 67,
Financial Reporting for Pension Plans—an amendment of GASB Statement No. 25, as amended;
No. 68, Accounting and Financial Reporting for Pensions—an amendment of GASB Statement
No. 27, as amended; No. 73, Accounting and Financial Reporting for Pensions and Related Assets
That Are Not within the Scope of GASB Statement 68; and No. 82, Pension Issues—an
amendment of GASB Statements No. 67, No. 68, and No. 73. Because the pension-related
elements for employers depend on information maintained by the plan, significant interaction
among the plans, participating employers, and related auditors is necessary to corroborate the
pension amounts in employer financial statements.
Public Employee Retirement Systems

Governments establish plans to provide postemployment benefits. A common approach is to use
a public employee retirement system (PERS). A PERS is a special-purpose government that
administers one or more defined benefit pension plans and sometimes other types of employee
benefit plans, such as defined contribution, deferred compensation, and other postemployment
benefit plans.
Qualifying Trusts
This chapter focuses on pension plans that are administered through qualifying trusts or
equivalent arrangements. A qualifying trust or equivalent arrangement is one in which all the
following conditions are met:
A. Contributions from employers and nonemployer contributing entities to the pension plan and
earnings on those contributions are irrevocable.
B. Pension plan assets are dedicated to providing pensions to plan members in accordance with
the benefit terms.
C. Pension plan assets are legally protected from the creditors of employers, nonemployer
contributing entities, and the pension plan administrator. If the plan is a defined benefit
pension plan, plan assets also are legally protected from creditors of the plan members.
The Employee Retirement Income Security Act (ERISA) does not apply to most governmental
entities. Instead, state and local laws and regulations that govern the operation of a pension plan
may affect allowable investments, investment income allocation, funding requirements, member
eligibility and vesting, and payments to plan members and beneficiaries.
8 B. Types of Defined Benefit Pension Plans
Defined benefit pensions are pensions for which the income or other benefits that the plan
member will receive at or after separation from employment are defined by the benefit terms. The
pensions may be stated as a specified dollar amount or as an amount that is calculated based on
one or more factors such as age, years of service, and compensation. Pensions include retirement
income and, if provided through a pension plan, postemployment benefits other than retirement
income (such as death benefits, life insurance, and disability benefits). Pensions do not include
postemployment health care and termination benefits.

Classifications
Defined benefit pension plans are classified according to: (a) the number of employers whose
employees are provided with pensions through the pension plan, and (b) whether pension
obligations and pension plan assets are shared. For purposes of this classification, a primary
government and its component units are considered to be one employer. As a result, plans are
classified in one of the following categories:
A. Single-employer pension benefits are provided to the employees of only one employer.
B. Cost-sharing multiple-employer (cost-sharing) pension obligations to the employees of more
than one employer are pooled and pension plan assets can be used to pay the benefits of the
employees of any employer that provides pensions through the pension plan.
C. Agent multiple-employer (agent) pension plan assets are pooled for investment purposes, but
separate accounts are maintained for each individual employer so that each employer's share
of the pooled assets is legally available to pay the benefits of only its employees.
Note
Defined benefit pension plans can be offered through insured plans whereby premiums
are paid to an insurance company while employees are in active service, in return for
which the insurance company unconditionally undertakes an obligation to pay the
pensions as defined in the pension plan terms. Defined benefit pension plans other
than insured plans are classified according to the number of employers whose
employees are provided with pensions through the plan.
Number of Plans
A separate defined benefit pension plan should be reported for a portion of the total assets, even
if the assets are pooled with other assets for investment purposes, if that portion of assets meets
both of the following criteria:
A. The portion of assets is accumulated solely for the payment of benefits to certain classes or
groups of plan members or to plan members who are active or inactive employees of certain
entities (such as state government employees).
B. The portion of assets may not legally be used to pay benefits to other classes or groups of
plan members or other entities' plan members (such as local government employees).
Census Data
The measurement of certain financial statement elements of defined benefit pension plan
financial statements (total pension liability, contributions, contributions receivable, and benefit
payments) depends on plan members' demographic data, which is referred to as census data.
Similarly, certain financial statement elements of employers that participate in defined benefit
pension plans (net pension liability, deferred outflows of resources, deferred inflows of resources,
and pension expense) depend on members' census data. As a result, the relevance of census data
to the measurement of certain financial statement elements depends on the basis upon which
those financial statement elements are calculated. The relevance of census data also depends on
the type of plan (single-employer, cost-sharing, or agent), because accounting and disclosures
differ.
8 C. Plan Accounting and Financial

Reporting
General Recognition Standards

The financial statements of a defined benefit pension plan should include the following:
A. A statement of fiduciary net position, which includes information about assets, deferred
outflows of resources, liabilities, deferred inflows of resources, and fiduciary net position (as
applicable) as of the end of the pension plan's reporting period.
B. A statement of changes in fiduciary net position, which includes information about the
additions to, deductions from, and net increase (or decrease) in fiduciary net position for the
pension plan's reporting period.
Combining Statements
A PERS that administers more than one defined benefit plan (pension benefits, postemployment
benefits other than pensions, or both) that is administered through a qualifying trust is required to
present combining financial statements for all plans administered by the system and, if
applicable, required schedules for each plan. A PERS should satisfy this requirement by
presenting: (a) a separate column for each plan administered on the statement of fiduciary net
position and the statement of changes in fiduciary net position, or (b) combining statements for
those plans as part of the basic financial statements.
If a pension plan is not administered through a qualifying trust, any assets

accumulated for pension purposes should continue to be reported as assets of the
employer or nonemployer contributing entity. When a government holds assets in a
fiduciary capacity (such as for other governments that are not included in the reporting
entity), those assets should exclude amounts that pertain to the employer or
nonemployer contributing entity that reports the agency fund.
Statement of Fiduciary Net Position

Pension plan assets should be subdivided into: (a) the major categories of assets held (for
example, cash and cash equivalents, receivables, investments, and assets used in pension plan
operations), and (b) the principal components of the receivables and investments categories.
Receivables are generally short term and consist of contributions due at the end of the reporting
period. Purchases and sales of investments are recorded on a trade-date basis. Liabilities
generally consist of benefits due to plan members and accrued investment and administrative
expenses. Assets, plus deferred outflows of resources, less liabilities, less deferred inflows of
resources at the end of the pension plan's reporting period are reported as net position restricted
for pensions.
Statement of Changes in Fiduciary Net Position

The additions section of the statement of changes in fiduciary net position separately displays
contributions from employers, contributions from nonemployer contributing entities, contributions
from plan members, and net investment income, including separate display of investment income
and investment expense. The additions section includes contributions received directly by the plan
from any nonemployer contributing entity, regardless of whether in a special funding situation.
Investment income includes the net increase (decrease) in the fair value of pension plan
investments and interest income, dividend income, and any other income. The net increase
(decrease) in fair value of investments includes realized gains and losses on investments that were
both bought and sold during the period. The deductions section of the statement should
separately display benefit payments, including refunds of plan member contributions, and
administrative expenses.
Note Disclosures and Required Supplementary Information
Note disclosures in the financial statements applicable to all plans, regardless of type, include
plan description, pension plan investments, receivables, allocated insurance contracts, reserves,
and deferred retirement option program balances. The plan includes other applicable disclosures
required by other GASB standards as well as required supplementary information (RSI), such as
management's discussion and analysis.
Single-Employer and Cost-Sharing Plans
Required disclosures for single-employer and cost-sharing plans include the following:
Components of net pension liability, including total pension liability, plan's fiduciary net
position, net pension liability, and plan's fiduciary net position as a percentage of the total
pension liability
Significant assumptions used to measure total pension liability, including inflation, salary
changes, discount rate, and mortality
Date of actuarial valuation on which the total pension liability is based
Agent Plans
Agent plans have no specific note disclosure requirements or RSI related to pension liabilities or
actuarial information. They are required to disclose as RSI a 10-year schedule of the annual
money-weighted rate of return on pension plan investments.
Net Pension Liability in Single-Employer and Cost-Sharing Plans
The net pension liability equals the total pension liability for the pension plan, less the fiduciary
net position of the plan. Total pension liability is the actuarial present value of projected benefit
payments attributed to past employee service. Fiduciary net position is determined using the
same valuation methods that are used for the plan's financial reporting. Determining the total
pension liability is a three-step process: (1) project future payments, (2) discount projected future
benefit payments to present value, and (3) attribute present value of projected future benefits to
past and future periods.
Timing and Frequency of Actuarial Valuations
The total pension liability should be determined by: (a) an actuarial valuation as of the pension
plan's most recent fiscal year-end, or (b) the use of update procedures to roll forward to the
pension plan's most recent fiscal year-end amounts from an actuarial valuation as of no more
than 24 months earlier than the pension plan's most recent fiscal year-end. For financial reporting
purposes, an actuarial valuation of the total pension liability should be performed at least
biennially. The GASB encourages more frequent actuarial valuations.
Projection of Benefit Payments
Projected benefit payments include all benefits to be provided to current active and inactive
members through the pension plan in accordance with the benefit terms and any additional legal
agreements to provide benefits that are in force at the pension plan's fiscal year-end. In addition,
projected benefit payments should include the effects of the following:
Projected ad hoc postemployment benefit changes, including ad hoc cost-of-living
adjustments (ad hoc COLAs), to the extent they are considered to be substantively
automatic
Projected salary changes (in circumstances in which the pension formula incorporates
future compensation levels)
Projected service credits (both in determining a member's probable eligibility for benefits
and in projecting benefit payments in circumstances in which the pension formula
incorporates years of service)
Discounting Projected Future Benefits
The discount rate is the single rate of return that, when applied to all projected benefit payments,
results in an actuarial present value of projected benefit payments equal to the total of the
actuarial present values. A single blended rate should be based on the following:
A. The long-term expected rate of return on pension plan investments that are expected to be
used to finance the payment of benefits, to the extent that plan fiduciary net position is
projected to be sufficient to make projected benefit payments, and plan assets are expected
to be invested using a strategy to achieve that return; and
B. A yield or index rate for 20-year, tax-exempt general obligation municipal bonds with an
average rating of AA/Aa or higher (or equivalent quality on another rating scale), to the extent
that the conditions in (A) are met.
Attributing Actuarial Present Value of Projected Benefit Payments to Periods
Attribution of the present value of projected future benefit payments to specific periods is based
on the entry age actuarial cost method.
8 D. Auditing Considerations for the

Pension Plan
Determining the strategy for the audit of the pension plan requires the auditor to understand the
type of plan (single-employer, cost-sharing, or agent plan), whether there are multiple plans in a
system, and what activities the various parties perform. Example activities include investing and
holding plan assets, maintaining records, determining pension liabilities, receiving contributions,
and disbursing benefits. The auditor also should understand key provisions of the plan document,
such as eligibility, contributions, vesting, and benefit payments.
Plan Investments and Related Income

Considerations specific to plan investments may include obtaining an understanding of
investment policies, investment management arrangements, valuation techniques, and the
relevant investment activities performed by plan management, trustee or other asset custodian,
and investment managers. In governmental plans, investment provisions are often dictated by
state statutes rather than a plan document.
Relevant Assertions
The relevant assertions for plan investments and investment income include the following:
A. Investments and investment transactions are initiated in accordance with the established
investment policies and comply with plan provisions, laws, and regulations.
B. All investments are recorded and exist.
C. All investments are owned by the plan and are free of liens, pledges, and other security
interests; if not free from security interest, the interest is identified and properly disclosed.
D. All investments are properly valued as of the plan's fiscal year-end.
E. All investment income, including net appreciation or depreciation, is accurately reported.
F. Investment disclosures, including the money-weighted rate of return on plan investment, are
complete and accurate.
Substantive Audit Procedures
General audit procedures for investments and investment income are provided in an earlier
chapter of this course and are applicable to pension plans.
Contributions and Contributions Receivable
Considerations specific to contributions may include obtaining an understanding of the types of
contributions legally required to be remitted to the plan and the eligibility requirements, if
applicable. In governmental plans, contribution provisions often are dictated by state statutes
rather than a plan document.
Relevant Assertions
The relevant assertions for contributions and contributions receivable are as follows:
A. Amounts received or due the plan for employer (including those from a nonemployer
contributing entity) and member contributions have been appropriately calculated, recorded,
and disclosed in the financial statements in the proper period, in accordance with the plan
provisions.
B. Amounts received or due the plan consist only of contributions pursuant to legal
requirements and are recognized in full in the period the receivable arises.
C. Receivables arising from installment contracts are properly recorded in full in the period the
receivable arises. If the receivable is recognized at its discounted present value, interest is
properly accrued using the effective interest method.
D. Appropriate allowance has been made for uncollectible contributions receivable, if applicable.
Additional Considerations for Cost-Sharing Plans

E. Member census data—including payroll information, used in determining employer and
member contributions—is complete and accurate.
F. Receivables due from withdrawing employers in a cost-sharing plan have been accurately
calculated and reported in the proper period.
Additional Considerations for Agent Plans
G. Employer (including nonemployer contributing entity) and member contributions are
recorded in the appropriate employer's separate account.

The following are examples of substantive procedures for auditing contributions and reconciling
to the general ledger for the plan:
A. Obtain a subsidiary ledger (schedule) for contributions and reconcile to the plan's general
ledger.
B. Perform substantive analytical procedures on contributions disaggregated by type of
contribution (such as employers, nonemployer contributing entity, and members), and by
individual employer.
C. Confirm employer and member contributions with the employer.
D. Confirm nonemployer contributing entity contributions with the nonemployer contributing
entity, if applicable.
E. Select a sample of employer (and nonemployer contributing entity) and member
contributions and recalculate the contributions based on the required contribution rate or
amount and trace to cash received.
F. Review criteria used by the plan in accruing employer, nonemployer contributing entity, and
member contributions receivable and determine if all legally enforceable accruals have been
recorded.
G. Evaluate whether accruals for long-term receivables are in accordance with the installment
contract. If the receivable is recognized at discounted present value, determine that interest
was accrued using the effective interest method, unless use of the straight-line method would
not produce significantly different results.
H. Trace the subsequent receipt of contributions receivable to supporting documentation.
I. Evaluate the reasonableness of the plan's allowance for estimated uncollectible amounts, if
applicable, based on testing collections subsequent to the date of the financial statements,
and review the status of unpaid amounts.
Additional Considerations for Single-Employer Plans

J. In lieu of confirming contributions with the employer, consider tracing employer and member
contributions to the employer's payroll records.
Additional Considerations for Cost-Sharing Plans
K. Obtain a list of participating employers and test its completeness by examining appropriate
plan records; for example, a record of contributing employers, pensionable wages, and
delinquency records could be obtained from the plan administrator.
L. Obtain a schedule of contributions received or receivable and agree with the contributors to
the list of participating employers for completeness.
M. If contributions are based on actuarially determined amounts, test the census data at
employer locations.
N. For employers who have withdrawn from the plan, recalculate the termination receivable
based on the plan provisions or employer contract.
O. Confirm census data directly with employers not selected for testing in accordance with item
(M).
Additional Considerations for Agent Plans
P. Select a sample to test whether contributions by individual employers have been credited to
the appropriate employer's separate account in accordance with the plan document.
Q. Select a sample to test whether contributions from the nonemployer contributing entity, if
applicable, have been credited to the appropriate employer's separate account.
Benefit Payments and Benefits Payable
Considerations specific to benefit payments and benefits payable may include obtaining an
understanding of the types of benefits offered by the plan, the eligibility requirements, and the
methods of calculating the benefits. A governmental plan's benefit provisions may be dictated by
state statutes.
Relevant Assertions
The relevant assertions related to benefit payments and benefits payable include the following:
A. Benefit payments have been calculated and paid in accordance with plan provisions and
related documents.
B. Benefit payments are made only to persons entitled to them (that is, payments are not being
made to deceased beneficiaries or persons other than eligible members and beneficiaries).
C. Unpaid benefits due under the plan are recorded as liabilities, and benefits payable are valid
liabilities of the plan.
D. Amounts have been accurately calculated, recorded, and disclosed in the financial statements
in the proper period.
E. Member census data—including payroll and personnel records, used in determining benefit
payments—is complete and accurate.
F. For agent plans, benefit payments to members have been made from the appropriate
employer's separate account.
The following are examples of substantive procedures for auditing benefit payments and benefits
payable:
A. Obtain a subsidiary ledger (schedule) of all benefit payments (such as benefits paid to
members and purchase of allocated annuity contracts) by type made to plan members for the
current plan year and reconcile to the general ledger of the plan.
B. Perform substantive analytical procedures on benefit payments disaggregated by type, such
as recurring (annuity) payments, lump-sum payments, and death and disability payments.
The plan provisions and census data may provide a basis for developing expectations.
C. For agent plans, select a sample of benefit payments to test whether the benefit payment has
been recorded as a disbursement from the appropriate employer's account.
Additional procedures should be performed on recurring (annuity) payments; lump-sum
payments (distributions); death, disability, and related benefits; and disbursements by a third
party.
Investment and Administrative Expenses and Related Liabilities
Relevant Assertions
The relevant assertions for investment and administrative expenses and related liabilities include
the following:
A. Investment management and performance fees and administrative expenses have been
accurately calculated and reported in the financial statements in the proper period.
B. Reported liabilities represent amounts unpaid and due as of the fiscal year-end.
C. Amounts payable are valid liabilities of the plan.
Earlier in this course, we provided auditing considerations related to expenses and liabilities. The
following are examples of substantive procedures for auditing investment and administrative
expenses and related liabilities:
A. Perform substantive analytical procedures on recurring types of administrative procedures.
B. Select a sample of investment managers and recalculate the (base) investment management
fee and the performance (incentive) fee based on the investment agreement. Determine
whether the appropriate amount was accrued as of year-end.
C. Evaluate whether investment and administrative expenses are properly classified in the
statement of changes in fiduciary net position.
All investment-related costs should be reported as investment expense if they are

separate from: (a) investment income, and (b) the administrative expenses of the plan.
Investment-related costs include management and custodial fees and all other
significant investment-related costs, such as the allocable share of salary and fringe
benefits for employees who spend a significant portion of time on tasks related to
investments.
Total Pension Liability, Net Pension Liability, and Related Disclosures
for Single-Employer and Cost-Sharing Plans
Considerations specific to total pension liability, net pension liability, and related disclosures may
include obtaining an understanding of the actuary's objectives, scope of work, methods and
assumptions, and consistency of application.
Relevant Assertions
The relevant assertions related to the total pension liability, net pension liability, and related
disclosures for single-employer and cost-sharing plans include the following:
A. Member census data used in calculating the actuarially computed total pension liability are
B. Actuarial assumptions in computing the total pension liability are in accordance with GAAP
requirements and the Actuarial Standards of Practice issued by the Actuarial Standards
Board.
C. The total pension liability, fiduciary net position, and net pension liability have been properly
calculated and disclosed in accordance with GAAP requirements.
The following are examples of substantive procedures for auditing total pension liability, net
pension liability, and related disclosures for single-employer and cost-sharing plans:
A. Obtain the actuarial valuation report used to measure the total pension liability as of the
plan's fiscal year-end.
B. Evaluate the professional qualifications of the actuary, including his or her competence,
capabilities, and objectivity.
C. Inquire about the nature of any interests or relationships the actuary may have with the plan
or employer(s) that may create threats to the actuary's objectivity (such as financial interests,
business or personal relationships, or the provision of other services) and any applicable
safeguards.
D. Read the actuarial certification for potential exclusions from the scope of the actuary's work or
for qualifications on the actuary's certification relating to actuarial methods, actuarial
assumptions, or census data.
E. Inquire of management and the actuary about whether the actuarial valuation considers all
pertinent provisions of the plan, including any changes or amendments to the plan or other
events affecting the actuarial calculations that are effective as of the plan's fiscal year-end.
F. Determine whether the actuarial valuation was performed as of a date within 24 months of
the plan's fiscal year-end.
G. Evaluate whether the methods and assumptions used in determining the total pension
liability and actuarially determined contributions information are in accordance with GAAP
and Actuarial Standards of Practice.
H. If the actuarial valuation was performed as of a date prior to the plan's fiscal year-end, review
the appropriateness of the update procedures to roll forward the total pension liability to the
plan's fiscal year-end and determine whether all significant known events have been properly
included.
I. Test the reliability and completeness of the member census data used.
J. Evaluate the propriety of the long-term expected rate of return used in calculating the
discount rate.
K. Evaluate whether the discount rate is reasonable and is a single rate in accordance with
GAAP.
L. Verify whether the fiduciary net position used in calculating the net pension liability is the
same as the fiduciary net position reported in the plan's statement of fiduciary net position.
M. Recompute the calculation for the net pension liability, which is the total pension liability less
the plan fiduciary net position as of the plan's fiscal year-end.
Census Data
Considerations specific to census data may include obtaining an understanding of the following:
A. Assumptions used by the actuary in changing census data, if applicable
B. The plan's processes and controls used by management to accurately and completely
maintain records for significant elements of census data for all plan members (active, inactive
members entitled to but not yet receiving benefits, and inactive currently receiving benefits)
C. The plan's processes and controls used by the plan's management to accumulate census data
reported by the employers, including enrollment, status changes, and employer (payroll)
transmission reports
D. For the employer in a single-employer plan or the employers selected to test in a cost-sharing
plan, the employers' processes for enrolling new employees and reporting status changes to
the plan, and the employers' payroll accounting systems and systems of reporting information
included in the employer (payroll) transmission reports submitted to the plan
Substantive Audit Procedures for Single-Employer and Cost-Sharing Plans
Procedures at Employer Locations
The following are procedures that may be performed at the employer locations to test the
underlying payroll and personnel records:
A. Identify the payroll registers and payroll cycles for all reporting units of the government.
B. Obtain the population of employer (payroll) transmission reports submitted to the plan since
the previous valuation and: (1) evaluate whether the population of reports received is
complete, and (2) select a sample of reports to verify the mathematical accuracy of reports
and whether the correct contribution rates were used.
C. Obtain a list of new employees hired during the period from the prior valuation to the current
valuation from the employer and: (1) select a sample to determine whether eligible new
employees were appropriately enrolled in the plan and properly included in the employer
(payroll) transmission reports, and (2) for each employee selected, verify the significant
elements of census data reported to the plan upon enrollment to the payroll and personnel
records (for example, name, Social Security number, date of birth, gender, date of hire, marital
status, and position or job code).
D. Obtain a list of status changes reported to the plan during the period from the prior valuation
to the current valuation (other than those reported through the employer [payroll]
transmission reports) and select a sample to determine whether they were appropriate based
on the relevant plan criteria and underlying payroll and personnel records.
E. Select a sample of active members and: (1) agree details included in the applicable employer
(payroll) transmission report to the payroll register, or vice versa, and agree the underlying
information to the payroll and personnel records, (2) evaluate whether the selected employee
is eligible to participate in the plan based on the eligibility criteria included in the plan
document (state statutes), and (3) recalculate service credits.
Procedures at the Plan

The following are procedures that may be performed at the plan level related to the accumulation
of information reported by the employer(s) and the completeness and accuracy of the census data
file:
A. Review the actuarial certification (in the actuarial valuation report) to determine whether any
exceptions identified related to the census data, and test the resolution of any exceptions.
B. Obtain the census data file sent to the actuary from either the actuary or the plan. If obtained
from the plan, obtain evidence that information obtained from the plan was the same
information reported to and used by the actuary (for example, obtain a written confirmation
from the actuary).
C. Confirm with the actuary whether any information was missing, or changes were made to the
census data file provided by plan management.
D. Evaluate the potential impact of assumptions used by the actuary in changing census data
(such as corrections to address missing data) on the total pension liability.
E. Obtain and test a reconciliation of aggregate census data from plan records to the census
data file and the actuarial valuation report (for example, the number of members and
pensionable wages reported in the census data file to amounts shown in the actuarial
valuation report).
F. Obtain and test a roll forward of the census data from the prior valuation to the current
valuation, and test significant reconciling items.
G. Compare the number of plan members for the current year versus the prior year, as well as
the number of plan members versus the number of employees.
H. Select a sample of new employees during the period from the prior valuation to the current
valuation from the employee enrollments and determine whether they are properly included
in the current census data file.
I. Select a sample of active members and perform procedures such as evaluating whether the
employee is eligible to participate in the plan based on information included in the census
data file and criteria included in the plan document.
J. Select a sample of inactive members entitled to but not yet receiving benefits and compare
the census data information from the current census data file to the prior census data file, or
vice versa.
K. Select a sample of inactive members currently receiving benefits and perform procedures
such as comparing the static census data information from the current census data file to the
prior census data file.
Substantive Audit Procedures for Agent Plans
Because the financial statements of agent plans do not reflect any liabilities, deferred outflows of
resources, deferred inflows of resources, or expenses that are based on actuarial information, the
auditor of an agent plan generally does not need to test census data at participating employers.
The auditor's procedures focus on the accumulation and maintenance of census data by the plan
based on its role as the record keeper. As a result, the auditor generally performs procedures
similar to those performed at the plan level for cost-sharing plans, as described above.
8 E. Single and Agent Employer Accounting
and Financial Reporting
Financial Statements Prepared Using the Economic Resources
Measurement Focus and the Accrual Basis of Accounting
Governmental employers that provide defined benefit pensions through a single-employer plan or
an agent multiple-employer (agent) plan that is administered through a qualifying trust are
required to recognize net pension liability, pension expense, and certain deferred outflows of
resources and deferred inflows of resources in their financial statements prepared using the
economic resources measurement focus and the accrual basis of accounting.
Net Pension Liability
The net pension liability is measured as the portion of the actuarial present value of projected
benefit payments that is attributed to past periods of employee service (total pension liability) net
of the pension plan's fiduciary net position. The assumptions used in measuring the total pension
liability are the same as those used for the plan, as discussed above. The fiduciary net position
component of net pension liability is determined using the same valuation methods that are used
by the pension plan for purposes of preparing its statement of fiduciary net position. The net
pension liability is measured as of a date (measurement date) no earlier than the end of the
employer's prior fiscal year, consistently applied from period to period.
For pensions not administered through a qualifying trust, the concept of net pension
liability does not exist. In such plans, the total pension liability should be measured as of a
date (measurement date) no earlier than the end of the employer's prior fiscal year and no
later than the end of the employer's current fiscal year, consistently applied from period to
period.
Pension Expense, Deferred Outflows of Resources, and Deferred Inflows of Resources
The pension expense, deferred outflows of resources, and deferred inflows of resources related to
pensions that are required to be recognized by an employer primarily result from changes in the
components of the net pension liability during the measurement period (i.e., changes in the total
pension liability and the pension plan's fiduciary net position). Most changes in the net pension
liability during the measurement period are included in pension expense. For example, changes in
the total pension liability during the measurement period resulting from current-period service
cost, interest on the total pension liability, and changes of benefit terms are required to be
recognized as pension expense in the current reporting period. Projected earnings on the pension
plan's investments also are required to be included in the determination of pension expense in the
current reporting period.
Pensions not administered through a qualifying trust have no assets in a qualifying trust.
As a result, no fiduciary net position or plan investments exist. Instead, pension expense,
deferred outflows of resources, and deferred inflows of resources related to pensions that
are required to be recognized by an employer primarily result from changes in the total
pension liability during the measurement period.
Financial Statements Prepared Using the Current Financial Resources

Measurement Focus and Modified Accrual Basis of Accounting
In financial statements prepared using the current financial resources measurement focus and
modified accrual basis of accounting, a net pension liability is recognized to the extent the liability
is normally expected to be liquidated with expendable available financial resources. Pension
expenditures are recognized equal to the total of: (a) amounts paid by the employer to the
pension plan, and (b) the change between the beginning and ending balances of amounts
normally expected to be liquidated with expendable available financial resources. Net pension
liabilities are normally expected to be liquidated with expendable available financial resources to
the extent that benefit payments have matured (i.e., benefit payments are due and payable, and
the pension plan's fiduciary net position is not sufficient for payment of those benefits).
For pensions not administered through a qualifying trust, pension expenditures are
recognized equal to the total of: (a) amounts paid by the employer for pensions as the
benefits come due, and (b) the change between the beginning and ending balances of
amounts normally expected to be liquidated with expendable available financial
resources. Total pension liabilities are normally expected to be liquidated with
expendable available resources to the extent that benefit payments have matured (i.e.,
benefit payments are due and payable).

The following are among the required note disclosures: plan description; changes in net pension
liability; significant assumptions used to measure total pension liability; measurement date of the
net pension liability and the date of the actuarial valuation on which the liability is based;
information about the plan fiduciary net position; amount of pension expense recognized by the
employer in the reporting period; and the employer's balances of deferred outflows of resources
and deferred inflows of resources related to pensions by type. In addition, single and agent
employers have to present certain 10-year schedules of RSI and related notes, including
information on contributions.
Special Funding Situations
Special funding situations are defined as circumstances in which a nonemployer entity is legally
responsible for making contributions directly to a pension plan that is used to provide pensions to
the employees of another entity or entities and either of the following criteria is met: (a) the
amount of contributions for which the nonemployer entity is legally responsible does not depend
on one or more events unrelated to pensions, or (b) the nonemployer is the only entity with a legal
obligation to make contributions directly to a pension plan. An employer that has a special
funding situation for defined benefit pensions has certain recognition and disclosure
requirements.
A. The employer is required to recognize a pension liability and deferred outflows of resources
and deferred inflows of resources related to pensions with adjustments for the involvement of
nonemployer contributing entities.
B. The employer is required to recognize its proportionate share of the collective pension
expense, as well as additional pension expense and revenue related to the expense
recognized by nonemployer contributing entities.
C. The employer is required to disclose in the notes to the financial statements information
about the amount of support provided by nonemployer contributing entities and to present
similar information about the involvement of those entities in 10-year schedules of RSI.
8 F. Auditing Considerations for Single and
Agent Employers
This section of the chapter focuses on specific considerations for testing certain financial
statement elements of the employer's financial statements affected by defined benefit pension
plans, including net pension liability, deferred outflows of resources, deferred inflows of resources,
and pension expense.
Census Data
The employer auditor's consideration of the relevant financial statement assertions that depend
on census data begins with understanding the processes and internal controls used by the
employer and the plan to support the completeness and accuracy of significant elements of
census data that are provided to the actuary. Significant elements of census data include those
elements that, either individually or when combined with other elements, could result in a
material misstatement to one or more elements of the employer's financial statements (net
pension liability, deferred outflows of resources, deferred inflows of resources, and pension
expense).
Significant Elements of Census Data
Significant elements of census data may include some or all of the following:
A. Name,
B. Social Security number,
C. Date of birth,
D. Date of hire,
E. Marital status,
F. Pensionable wages,
G. Service credits (periods of time worked),
H. Class of employee,
I. Position or job code or both,
J. Contributions,
K. Gender,
L. Date of termination or retirement,
M. Spouse's date of birth, and
N. Employment status (active, inactive entitled to but not receiving benefits, or retired).
The substantive procedures for census data at the employer generally focus on testing
incremental changes to the census data file since the prior actuarial valuation, assuming: (a) the
prior-year financial statements were audited, (b) there were no modifications to the auditor's
report in the prior year related to census data, and (c) the auditor has concluded there is no
significant risk of material misstatement due to incomplete or inaccurate census data from prior
years.
Net Pension Liability, Deferred Outflows of Resources, Deferred
Inflows of Resources, and Pension Expense for Single and Agent
Employers
Considerations specific to total pension liability, net pension liability, deferred outflows of
resources, deferred inflows of resources, and pension expense include obtaining an understanding
of the actuary's objectives, scope of work, methods and assumptions, and consistency of
application.
Relevant Assertions
Relevant assertions related to net pension liability, deferred outflows of resources, deferred
inflows of resources, and pension expense for single and agent employers include the following:
A. Member census data reported to the plan is complete and accurate.
B. Member census data accumulated and maintained by the plan is complete and accurate.
C. Actuarial assumptions used in computing the total pension liability are in accordance with
GAAP and Actuarial Standards of Practice.
D. The employer pension amounts (including net pension liability, deferred outflows of
resources, deferred inflows of resources, and pension expense) have been properly calculated
and reported in the financial statements in accordance with GAAP and in the proper period
and are properly disclosed.

Substantive Audit Procedures for Total Pension Liability
The following are examples of substantive procedures for auditing the total pension liability
component (excluding census data) of net pension liability for single and agent employers:
A. Obtain the actuarial valuation report used to measure the total pension liability as of the
measurement date.
or employer(s) that may create threats to the actuary's objectivity and any applicable
safeguards.
qualifications on the actuary's certification relating to actuarial methods, actuarial
E. Inquire of management or the actuary whether the actuarial valuation considers all pertinent
provisions of the plan, including any changes or amendments to the plan or other events
affecting the actuarial calculations that are effective as of the measurement date.
F. Determine whether the actuarial valuation was performed as of a date no more than 30
months and 1 day from the employer's fiscal year-end.
G. Evaluate whether the methods and assumptions used in determining the total pension
liability are in accordance with GAAP and Actuarial Standards of Practice and are the same as
those used by the plan.
H. If the actuarial valuation was performed as of a date prior to the measurement date, review
the appropriateness of the update procedures to roll forward the total pension liability to the
measurement date and determine whether all significant known events occurring between
the valuation date and the measurement date have been properly included.
J. Evaluate the propriety of the long-term expected rate of return used in the calculation of the
discount rate.
GAAP.
L. Verify that the fiduciary net position used in calculating the net pension liability is the same as
the fiduciary net position reported in the plan's statement of fiduciary net position.
M. Recompute the calculation for the net pension liability.
Substantive Audit Procedures for Single Employer Fiduciary Net Position

This section addresses the fiduciary net position component of net pension liability and, thus, is
not applicable to pensions not administered through a qualifying trust.
Employer Auditor Performs All the Substantive Procedures
The following are examples of substantive procedures for auditing the fiduciary net position for
single employers when the employer auditor is performing all the substantive procedures:
A. Obtain a detailed schedule of fiduciary net position for the plan as of the measurement date
that includes all plan assets, deferred outflows of resources, liabilities, and deferred inflows of
resources and perform substantive procedures on the elements similar to those performed for
a single-employer plan as described earlier in this chapter, and reconcile to fiduciary net
position used by the actuary in the calculation of the net pension liability.
B. Obtain a detailed schedule of changes in fiduciary net position for the plan that includes all
additions and deductions for the measurement period and agree beginning fiduciary net
position to the prior-year audited financial statements, and perform substantive procedures
on the relevant elements of additions (e.g., contributions and investment income) and
deductions (e.g., benefit payments and administrative expenses) during the measurement
period similar to those performed for a single-employer plan.
Employer Auditor Obtains Audited Plan Financial Statements and Performs Additional
Procedures on Changes in Fiduciary Net Position
single employers when the employer auditor is obtaining audited plan financial statements
(audited by another auditor) and is performing additional procedures on components of changes
in fiduciary net position:
A. Obtain audited plan financial statements and determine whether the plan auditor's report is
adequate and appropriate for the employer auditor's purposes.
B. Agree beginning fiduciary net position for the employer to the prior-year audited financial
statements.
C. Verify the completeness and accuracy of the employer and employee contributions attributed
to the employer.
D. Perform analytical procedures over benefit payments by developing an expectation based on
prior-year benefit payments adjusted for changes in employer census data.
E. Perform analytical procedures on investment income and administrative expense by
developing an expectation based on expected return on average investments and the prior-
year administrative expenses adjusted for changes in number of participants.
F. Recompute ending fiduciary net position based on its elements.
G. Reconcile to fiduciary net position used by the actuary in the calculation of the net pension
liability.
H. Agree the fiduciary net position of the net pension liability disclosed in the notes to the plan
financial statements to that reported in the plan statement of fiduciary net position.
Plan Prepares a Schedule of Pension Amounts and Engages Its Auditor to Obtain Reasonable
Assurance and Report
The following are examples of substantive procedures for auditing the net pension liability for
single employers when plan management prepares a schedule of pension amounts that includes
total pension liability, fiduciary net position, and net pension liability, and engages its auditor to
obtain reasonable assurance and report on net pension liability:
A. Evaluate whether the plan auditor's report on the schedule of pension amounts is adequate
and appropriate for the employer auditor's purposes.
B. Evaluate whether the plan auditor has the necessary competence and objectivity for the
employer auditor's purposes.
Substantive Audit Procedures for Agent Employer Fiduciary Net Position
agent employers based on information obtained from the plan:
A. Obtain an audited schedule of changes in fiduciary net position by employer from the plan for
the measurement period and perform procedures on amounts specific to the employer: agree
beginning fiduciary net position for the employer to the prior-year audited financial
statements, verify the completeness and accuracy of the employer and employee
contributions attributed to the employer, perform analytical procedures over benefit
payments by developing an expectation based on prior-year benefit payments adjusted for
changes in employer census data, perform analytical procedures on investment income and
administrative expense for the plan as a whole multiplied by the employer's relative
percentage of fiduciary net position, and recompute ending fiduciary net position.
B. Determine whether the plan engaged an auditor to opine on the schedule of changes in
fiduciary net position by employer either through: (1) an opinion on the schedule as a whole
combined with a Type 2 SOC 1 report on the controls over the calculation and allocation of
additions and deductions to employer accounts, or (2) an opinion on each employer column in
the schedule.
C. Evaluate whether the plan auditor's report and accompanying schedule are adequate and
appropriate for the employer auditor's purposes.
D. Reconcile totals in the schedule of pension amounts to those reported in the audited plan
Substantive Audit Procedures for Single and Agent Employer Deferred Outflows of Resources
and Deferred Inflows of Resources
The following are examples of substantive procedures for auditing deferred outflows of resources
and deferred inflows of resources for single and agent employers. Obtain a detailed schedule of
deferred outflows of resources and deferred inflows of resources by type and period for the
employer and perform the following:
A. Agree recognition (amortization) schedules and recognition (amortization) periods for prior-
period deferral amounts to prior-year audit documentation and audited financial statements,
if applicable.
B. Recalculate the current-year gross incremental deferrals for differences between actual and
expected experience and changes in assumptions based on information in the actuarial
valuation report used to measure the net pension liability.
C. Recalculate the current-year gross incremental deferral for the difference between projected
and actual earnings on pension plan investments for the measurement period.
D. Recalculate the recognition (amortization) amount for the current-period incremental
deferrals for differences between actual and expected experience and changes in
assumptions by dividing the gross incremental deferrals by the current-year amortization
period.
E. Recalculate the recognition (amortization) amount for the current-period deferral for
differences between projected and actual earnings on pension plan investments by dividing
the gross incremental deferral by five (years).
F. Verify contributions made after the measurement date and before the employer's year-end
and compare to the amount reported as deferred outflows of resources.
G. Recalculate the mathematical accuracy of the total deferred outflows of resources and
deferred inflows of resources by type as of the measurement date and the total recognition
(amortization) for the measurement period based on the components tested in procedures (A)
through (F) above.
Substantive Audit Procedures for Single and Agent Employer Pension Expense
The following are examples of substantive procedures for auditing pension expense for single and
agent employers:
A. Obtain a detailed schedule of pension expense for the measurement period.
B. Compare total service cost to the actuarial valuation used to measure the total pension
liability.
C. Compare employee contributions to audited plan financial statements, if applicable, or
contributions tested in conjunction with the substantive procedures described above for
auditing fiduciary net position for single employers when the employer auditor is performing
all the substantive procedures.
D. Recalculate interest on total pension liability by multiplying beginning total pension liability,
adjusted for service cost, and actual benefit payments by the discount rate.
E. Verify changes in benefit terms to the actuarial valuation report and procedures performed
related to the total pension liability, as described above.
F. Compare plan administrative costs to audited plan financial statements, if applicable, or

administrative costs tested in conjunction with the substantive procedures described above
for auditing fiduciary net position for single employers when the employer auditor is
performing all the substantive procedures.
G. Recalculate projected earnings on plan investments by multiplying beginning plan fiduciary
net position, adjusted for contributions, actual benefit payments, and actual administrative
expenses, by the long-term expected rate of return on plan investments.
Note
The long-term expected rate of return should be net of investment expense but not
net of administrative expense and should reflect the expectation of the rate as of
the beginning of the measurement period.
H. Reconcile amounts of deferred outflows of resources and deferred inflows of resources

recognized as pension expense based on procedures performed for auditing deferred outflows
of resources and deferred inflows of resources for single and agent employers.
I. Recalculate the mathematical accuracy of total pension expense based on the individual
components.
8 G. Cost-Sharing Employer Accounting

This section of the chapter addresses specific accounting considerations for employers
participating in cost-sharing multiple-employer defined benefit pension plans.
Measurement Focus and Accrual Basis of Accounting
Governmental employers that provide defined benefit pensions through a cost-sharing multiple-
employer (cost-sharing) plan that is administered through a qualifying trust are required to report
their proportionate shares of the plan's collective net pension liability, pension expense, and
certain deferred outflows of resources and deferred inflows of resources (pension amounts) in
their financial statements.
Proportionate Share of Collective Net Pension Liability
The employer recognizes a liability for its proportionate share of the collective net pension liability,
measured as of a date (measurement date) no earlier than the end of the employer's prior fiscal
year, consistently applied from period to period. The employer's proportionate share of the liability
is measured by determining the employer's proportion and multiplying the collective net pension
liability by that proportion.
The basis for the employer's proportion must be consistent with the way contributions to
the plan are determined.
Collective Pension Expense, Deferred Outflows of Resources, and Deferred Inflows of

Resources
Pension expense, deferred outflows of resources, and deferred inflows of resources related to
pensions are recognized for the employer's proportionate share of collective pension expense and
collective deferred outflows of resources and deferred inflows of resources related to pensions.
The employer's proportionate share is determined using the employer's proportion of the
collective net pension liability.
Change in Proportion
If the employer's proportion of the collective net pension liability changed since the prior
measurement date, the net effect of that change on the employer's proportionate share of the
collective net pension liability and collective deferred outflows of resources and deferred inflows of
resources related to pensions, determined as of the beginning of the measurement period, is
recognized in the employer's pension expense, beginning in the current reporting period, using a
systematic and rational method over a closed period.
Contributions during the Measurement Period
For contributions to the pension plan other than those to separately finance specific liabilities of
an individual employer or nonemployer contributing entity to the pension plan, the difference
during the measurement period between both of the following should be recognized in the
employer's pension expense, beginning in the current reporting period, using a systematic and
rational method over a closed period:
A. The total of such contributions from the employer (and amounts associated with the employer
from nonemployer contributing entities that are not in a special funding situation)
B. The amount of the employer's proportionate share of the total of such contributions from all
employers and all nonemployer contributing entities
Employer Contributions after Measurement Date
Contributions to the plan from the employer subsequent to the measurement date of the net
pension liability and before the end of the reporting period are reported as a deferred outflow of
resources related to pensions. These amounts include contributions made by the employer during
its fiscal year that will be reflected in the net pension liability in the next measurement period.
Collective Net Pension Liability
The collective net pension liability is measured as the portion of the actuarial present value of
projected benefit payments that is attributed to past periods of employee service (total pension
liability) for the plan as a whole, net of the pension plan's fiduciary net position. The pension
plan's fiduciary net position component of net pension liability is determined using the same
valuation methods that are used by the pension plan for purposes of preparing its statement of
fiduciary net position.
Allocation of Pension Amounts to Funds or Departments or Both
GAAP does not establish specific requirements for allocation of the net pension liability or other
pension-related amounts to individual funds or departments. In practice, when governments
allocate pension amounts to funds or departments or both, the allocation methodology described
for employers participating in cost-sharing plans is considered appropriate for that purpose. Such
an allocation approach may result in the recognition of additional deferred outflows of resources
or deferred inflows of resources related to changes in proportion from year to year.
modified accrual basis of accounting, a net pension liability is recognized to the extent the liability
is normally expected to be liquidated with expendable available financial resources. Pension
expenditures are recognized equal to the total of: (a) amounts paid by the employer to the
pension plan, and (b) the change between the beginning and ending balances of amounts
normally expected to be liquidated with expendable available financial resources. Net pension
liabilities are normally expected to be liquidated with expendable available financial resources to
the extent that benefit payments have matured. In other words, benefit payments are due and
payable, and the pension plan's fiduciary net position is not sufficient for payment of those
benefits.

Among the required disclosures are the plan description; the employer's proportionate share
(amount) of collective pension liability; the employer's proportion (percentage) of collective net
pension liability (including the basis on which it was determined) and change in its proportion
since the prior measurement date; significant assumptions used to measure total pension liability,
including inflation, salary changes, discount rate, and mortality; the measurement date of
collective net pension liability and date of actuarial valuation on which the total pension liability is
based; information about fiduciary net position; the amount of pension expense recognized by the
employer in the reporting period; and the employer's balances of deferred outflows of resources
and deferred inflows of resources related to pensions by type. In addition, cost-sharing employers
present certain 10-year schedules of RSI and related notes, including information on the
employer's proportionate share (amount) of the collective net pension liability and information on
contributions.
Special funding situations were described earlier in this chapter. An employer that has a special
funding situation for defined benefit pensions recognizes a pension liability and deferred outflows
of resources and deferred inflows of resources related to pensions with adjustments for the
involvement of nonemployer contributing entities. The employer recognizes its proportionate
share of the collective pension expense, as well as additional pension expense and revenue
related to the expense recognized by the nonemployer contributing entities. The employer
discloses in the notes to the financial statements information about the amount of support
provided by nonemployer contributing entities and presents information about the involvement of
those entities in the 10-year schedules of RSI. The recognition and measurement of liabilities,
deferred outflows of resources, deferred inflows of resources, and expenses by a governmental
nonemployer contributing entity in a special funding situation for defined benefit pensions is
similar to that of cost-sharing employers.
8 H. Auditing Considerations for Cost-

Sharing Employers
statement elements of the employer's financial statements affected by defined benefit pension
plans, including net pension liability, deferred outflows of resources, deferred inflows of resources,
and pension expense. The substantive procedures included in this section for cost-sharing
employers assume that the cost-sharing plans provide employers with the recommended
information and related audit reports.
Census Data
Census data were discussed earlier in this chapter. The employer auditor's consideration of the
relevant financial statement assertions that depend on census data begins with understanding
the processes and internal control used by the employer and the plan to support the
completeness and accuracy of the significant elements of census data that are provided to the
actuary. In a cost-sharing plan, individual employer census data affect the collective pension
amounts reported by the plan. Certain census data elements, such as contributions, directly affect
the individual employer's proportionate share if used as the basis for allocation.
Net Pension Liability, Deferred Outflows of Resources, Deferred
Inflows of Resources, and Pension Expense
Relevant Assertions
Relevant assertions relating to net pension liability, deferred outflows of resources, deferred
inflows of resources, and pension expense for cost-sharing employers include the following:
C. Actuarial assumptions used in computing the total pension liability are in accordance with
D. The employer's proportionate share of the collective pension amounts (including net pension
liability, deferred outflows of resources, deferred inflows of resources, and pension expense)
have been properly determined and recorded in the financial statements in the proper period.
E. The employer's deferred outflows of resources and deferred inflows of resources for
contributions made after the measurement date, changes in proportion, and differences
between the employer's actual contributions and its proportionate share of all employer
contributions have been properly determined and recorded in the financial statements in
accordance with GAAP in the proper period and are properly disclosed.
Substantive Audit Procedures for Cost-Sharing Employers
The following are examples of substantive procedures for auditing net pension liability, deferred
outflows of resources, deferred inflows of resources, and pension expense for cost-sharing
employers:
A. Obtain the actuarial valuation report used to measure the collective total pension liability for
the plan as of the measurement date.
C. Read the actuarial certification for potential exclusions from the scope of the actuary's work or
D. Determine whether the actuarial valuation was performed as of a date no more than 30
E. Evaluate whether the methods and assumptions used in determining the total pension
liability are in accordance with GAAP and Actuarial Standards of Practice and are the same as
those used by the plan.
F. Obtain the audited schedule of employer allocations and compare and recalculate amounts
specific to the employer to the employer's records.
G. Obtain the audited schedule of pension amounts and recalculate the allocated pension
amounts for the employer by multiplying the collective pension amounts for the plan by the
employer's proportionate share (allocation percentage).
H. Evaluate whether the plan auditor's report on the schedule of employer allocations and the
schedule of pension amounts is adequate and appropriate for the employer auditor's
purposes.
I. Evaluate whether the plan has the necessary competence and objectivity for the employer
auditor's purposes.
J. Obtain the audited plan financial statements and: (1) agree or reconcile net pension liability
reported in the schedule of pension amounts (in G above) to the net pension liability disclosed
in the notes to the plan financial statements, and (2) agree the fiduciary net position
component of the net pension liability disclosed in the notes to the plan financial statements
to that reported in the plan statement of fiduciary net position.
K. Obtain a detailed schedule of employer-specific deferred outflows of resources and deferred

inflows of resources by type (including contributions made after the measurement date,
changes in proportion, and differences between the employer's actual contributions and its
proportionate share of total employer contributions) and by period and perform the following:
1. Test contributions made after the measurement date and before the employer's year-end
2. Agree recognition (amortization) schedules and recognition (amortization) periods for
prior-period deferral amounts to prior-year audit documentation and audited financial
statements.
3. Recalculate the current-year gross incremental deferrals for changes in proportion and
differences between the employer's actual contributions and its proportionate share of
total employer contributions.
4. Recalculate the recognition (amortization) amount for the current-period incremental
deferrals for changes in proportion and differences between the employer's actual
contributions and its proportionate share of total employer contributions by, for example,
dividing the current respective gross incremental deferrals by the current-year
amortization period for the plan.
L. Recalculate the mathematical accuracy of the total deferred outflows of resources and
(amortization) for the measurement period based on the components tested in items (G) and
(K).
M. Recalculate pension expense based on the employer's specific pension expense in the
schedule of pension amounts from item (G) plus the recognition (amortization) amount of
employer-specific deferred outflows of resources and deferred inflows of resources from item
(K).

Substantive Audit Procedures for Census Data
Substantive procedures over census data (for both the employer and the plan auditor) are
ordinarily based on a concept that focuses on testing incremental changes to the census data file
since the prior actuarial valuation, assuming: (a) the prior-year plan financial statements were
audited, (b) there were no modifications to the auditor's report in the prior year related to census
data, and (c) the auditor has concluded there is no significant risk of material misstatement due to
incomplete or inaccurate census data from prior years.
The following are examples of substantive procedures for testing the completeness and accuracy
of the census data reported to the plan (for active members) assuming certain census data
elements present a potential risk of material misstatement to the employer:
B. Obtain the population of employer (payroll) transmission reports submitted to the plan during
the period from the prior valuation to the current valuation and: (1) evaluate whether the
population of employer (payroll) transmission reports received is complete based on an
understanding of the employer's payroll registers and cycles, and (2) select a sample of
employer (payroll) transmission reports to verify the mathematical accuracy of reports and
whether the correct contribution rates were used.
valuation from the employer and: (1) select a sample to determine that eligible new
(payroll) transmission reports, and (2) for each employee selected, verify accuracy of the
significant elements of census data reported to the plan upon enrollment to the payroll and
personnel records.
transmission reports) and select a sample to determine that they were appropriate based on
the relevant plan criteria and underlying payroll and personnel records.
(payroll) transmission report to the payroll register (or vice versa), and agree the underlying
This chapter addressed accounting and auditing considerations for governmental defined benefit
pension plan financial statements. It also addressed accounting and auditing considerations for
employers participating in defined benefit pension plans, as well as considerations for
governments whose employees are provided with pensions not administered through a qualifying
trust.
Study Question 33
Which of the following is not a classification of defined benefit pension plans?
A Single-employer
B Cost-sharing
C Defined contribution
D Agent
Study Question 34
Which of the following statements is true regarding a defined benefit pension plan's statement of
fiduciary net position?
Pension plan assets are subdivided into the major
A categories of assets held and the principle components of
the receivables and investments categories.
B Receivables generally are long term.
C Liabilities consist only of benefits due to plan members.
D Net position is reported as unrestricted.
Study Question 35
How is the net pension liability measured for single and agent employers?
A Total pension liability less pension benefits paid during the

year
B Total pension liability net of the pension plan's fiduciary net

position
C Contributions receivable from employees and employers
D Fiduciary net position plus contributions receivable from

employees and employers
Study Question 36
Which of the following is not a method that is used to audit the fiduciary net position for single
employers?
A The employer auditor performs all the substantive

procedures.
B The employer auditor obtains audited plan financial

statements and performs additional procedures.
C The plan prepares a schedule of pension amounts and

engages its auditor to report on net pension liability.
D The plan prepares a schedule of pension amounts and the

employer auditor expresses an opinion on the schedule.
Study Question 37
How are contributions to a pension plan from a cost-sharing employer subsequent to the
measurement date of the net pension liability and before the end of the reporting period reported
in the employer's financial statements?
A Pension expense
B Pension liability
C Deferred outflow of resources related to pensions
D Deferred inflow of resources related to pensions
Chapter 9. Defined Benefit Postemployment Benefits Other Than

Pensions
This chapter addresses accounting and auditing considerations for defined benefit
postemployment benefits other than pensions (other postemployment benefits, or OPEB) plans
that are administered through a trust or equivalent arrangement. It addresses accounting and
auditing considerations for employers participating in single-employer, agent multiple-employer,
and cost-sharing multiple-employer defined benefit OPEB plans that are administered through a
trust or equivalent arrangement. It also addresses accounting and auditing considerations for
governments whose employees are provided with OPEB through OPEB plans that are not
administered through a trust or equivalent arrangement.
identify unique accounting, reporting, and auditing characteristics for defined benefit
postemployment pension plans other than pensions.
This chapter addresses topics related to accounting, financial reporting, and auditing
considerations for governmental defined benefit OPEB plans and participating governmental
employers in those plans. This chapter is based on the requirements in GASB Statement No. 74,
Financial Reporting for Postemployment Benefit Plans Other Than Pensions and GASB
Statement No. 75, Accounting and Financial Reporting for Postemployment Benefits Other Than
Pensions. OPEB includes health care benefits such as medical, dental, prescription drugs, and
vision paid in the period after employment, regardless of whether provided separately from or
provided through a pension plan. OPEB also includes death benefits, life insurance, disability, and
long-term care that are paid in the period after employment when provided separately from a
pension plan. OPEB does not include termination benefits or termination payments for unused
sick leave.
Qualifying Trusts
This chapter discusses accounting and financial reporting for state and local government OPEB
plans, both defined benefit and defined contribution, that are administered through a qualifying
trust or equivalent arrangement that satisfies all the following criteria:
A. Contributions from employers and nonemployer contributing entities to the OPEB plan and
B. OPEB plan assets provide OPEB to plan members in accordance with the benefit terms.
C. OPEB plan assets are legally protected from the creditors of employers, nonemployer
contributing entities, and the OPEB plan administrator. If the plan is a defined benefit OPEB
plan, plan assets also are legally protected from creditors of the plan members.
The Employee Retirement Income Security Act of 1974 (ERISA) does not apply to most
governmental entities. Instead, state and local laws and regulations that govern the operations of
an OPEB plan may affect allowable investments, investment income allocation, funding
requirements, member eligibility and vesting, and payments to plan members and beneficiaries.
9 B. Types of Defined Benefit OPEB Plans

Defined benefit OPEB is OPEB for which benefits that the plan member will receive at or after
separation from employment are defined by the benefit terms. The OPEB may be stated as a
specified dollar amount, as an amount that is calculated based on one or more factors such as
age and years of service, a type or level of coverage such as prescription drug coverage, or a
percentage of health insurance premiums. Defined benefit OPEB plans other than insured plans
are classified first according to the number of employers whose employees are provided with
OPEB through the OPEB plan.

OPEB Plans Administered through a Qualifying Trust
Three types of OPEB plans are administered through a qualifying trust:
A. In a single-employer plan, OPEB is provided to the employees of only one employer.
B. In a cost-sharing multiple-employer (cost-sharing) plan, OPEB obligations to the employees
of more than one employer are pooled and OPEB plan assets can be used to pay the benefits
of the employees of any employer that provides OPEB through the OPEB plan.
C. In an agent multiple-employer (agent) plan, OPEB plan assets are pooled for investment
purposes, but separate accounts are maintained for each individual employer so that each
employer's share of the pooled assets is legally available to pay the benefits of only its
employees.
OPEB Plans Not Administered through a Qualifying Trust
Two types of OPEB plans are not administered through a qualifying trust:
A. In a single-employer plan, OPEB is provided to the employees of only one employer.
B. If an OPEB plan is not administered through a qualifying trust, there is no OPEB plan
reporting. Thus, for employers that provide benefits through multiple-employer defined
benefit OPEB plans that are not administered through a qualifying trust, each individual
employer is considered to be participating in its own OPEB plan, similar to a single-employer
plan that is not administered through a qualifying trust.
OPEB Financing (Risk Management) and Administrative
Arrangements
The nature of OPEB arrangements and the related audit approach depend on how the risks
associated with the current-period benefit payments are financed (paid). The risk associated with
current-period benefit payments may be transferred to a third party (e.g., purchase of health
insurance), fully retained (that is, self-insured), or a combination of the two (e.g., partially self-
insured with the purchase of stop-loss insurance).
Risks Transferred to a Third Party
When the risks associated with current-period benefit payments are transferred to a third party,
an insurance company usually pools the experience of the plan or employer with that of other
similar entities and assumes the financial risk of adverse experience. In such an arrangement, a
plan or employer generally has no obligation for current-period benefit payments covered by the
arrangement other than the payment of premiums due to the insurance company unless it is an
experience-rated, minimum premium, or stop-loss insurance arrangement. The audit approach
will primarily focus on the insurance premiums paid.
Self-Insured Risks
When the risks associated with current-period benefit payments are self-insured, the plan or
employer has retained the risk (that is, assumed the obligation) for those benefit payments. The
audit approach will primarily focus on the claims payments, which are usually made by a third-
party administrator who collects a fee for the services provided.

Number of Defined Benefit OPEB Plans
If, on an ongoing basis, all assets accumulated in a defined benefit OPEB plan for the payment of
benefits may legally be used to pay benefits (including refunds of employee contributions) to any
of the plan members (employees), the total assets should be reported as assets of one defined
benefit OPEB plan. A separate defined benefit OPEB plan should be reported for a portion of the
total assets, even if the assets are pooled with other assets for investment purposes, if that portion
of assets meets both of the following criteria:
A. The portion of assets is accumulated solely for the payment of benefits to certain classes or
groups of plan members or to plan members who are active or inactive employees of certain
entities (such as state government employees); and
B. The portion of assets may not legally be used to pay benefits to other classes or groups of
plan members or other entities' plan members (such as local government employees).
Relevance of Census Data
The measurement of certain financial statement elements of defined benefit OPEB plan financial
statements (e.g., total OPEB liability, contributions, contributions receivable, and benefit
payments) depend on plan members' demographic data, which is referred to as census data.
Similarly, certain financial statement elements of employers that participate in defined benefit
OPEB plans (e.g., net [total] OPEB liability, deferred outflows of resources, deferred inflows of
resources, and OPEB expense) also depend on members' census data. Thus, the relevance of
census data to the measurement of certain financial statement elements depends on the basis
upon which those financial statement elements are calculated, as well as on the type of plan
(single-employer, cost-sharing, or agent), as accounting and disclosure requirements differ.
9 C. Accounting and Financial Reporting for

Defined Benefit OPEB Plans Administered
through a Qualifying Trust
General Recognition Standards
The financial statements of a defined benefit OPEB plan include the following:
A. A statement of fiduciary net position, which includes information about assets, deferred
outflows of resources, liabilities, deferred inflows of resources, and fiduciary net position (as
applicable) as of the end of the OPEB plan's reporting period
B. A statement of changes in fiduciary net position, which includes information about the
additions to, deductions from, and net increase (or decrease) in fiduciary net position for the
OPEB plan's reporting period
Combining Financial Statements
A PERS that administers more than one defined benefit plan (pension, OPEB, or both) that is
administered through a qualifying trust is required to present combining financial statements for
all plans administered by the system and, if applicable, required schedules for each plan. A PERS
meets this requirement by presenting: (a) a separate column for each plan administered on the
statement of fiduciary net position and the statement of changes in fiduciary net position, or (b)
combining statements for those plans as part of the basic financial statements.
Note
If an OPEB plan is not administered through a qualifying trust, any assets accumulated
for OPEB purposes continue to be reported as assets of the employer or nonemployer
contributing entity. When a government holds assets in a fiduciary capacity (e.g., for other
governments that are not included in the reporting entity), those assets are reported in an
agency fund. Balances reported in the agency fund exclude amounts that pertain to the
employer or nonemployer contributing entity that reports the agency fund.
Statement of Fiduciary Net Position

OPEB plan assets are subdivided into: (a) the major categories of assets held (e.g., cash and cash
equivalents, receivables, investments, and capital assets), and (b) the principal components of the
receivables and investments categories.
Receivables
Receivables are generally short-term and consist of contributions due at the end of the reporting
period. Amounts recognized as receivables for contributions should include only those due
pursuant to legal requirements. Receivables for contributions that are payable to the plan more
than one year after the end of the reporting period (such as those under an installment contract)
are recognized in full in the period the receivable arises.
Investments
Purchases and sales of investments are recorded on a trade date basis. With certain exceptions,
investments are reported at fair value.
Liabilities
Liabilities generally consist of benefits due to plan members and accrued investment and
administrative expenses. OPEB plan liabilities for benefits are recognized when the benefits are
currently due and payable in accordance with the benefit terms. Plan liabilities also include
amounts of benefit payments that are owed by employers or nonemployer contributing entities for
OPEB as the benefits come due.
Statement of Changes in Fiduciary Net Position
The additions section of the statement separately displays contributions from employers and
those from nonemployer contributing entities, each including amounts for OPEB as the benefits
come due that will not be reimbursed to the employers using OPEB assets, the total of
contributions from active and inactive plan members not receiving benefits (including those
transmitted by employers), and net investment income, including separate display of investment
income and investment expense. The deductions section separately displays benefit payments
(including refunds of plan member contributions and amounts from employers or nonemployer
contributing entities for OPEB as the benefits come due) and total administrative expenses. The
total difference between total additions and total deductions is reported as the net increase
(decrease) in net position.
The categories of required disclosures include plan description, OPEB plan investments,
receivables, allocated insurance contracts, and reserves. Required supplementary information
(RSI) includes management's discussion and analysis.
Single-Employer and Cost-Sharing Plans
Additional note disclosures for single-employer and cost-sharing OPEB plans include the
following:
A. Components of net OPEB liability, including total OPEB liability, the plan's fiduciary net
position, net OPEB liability, and the plan's fiduciary net position as a percentage of the total
OPEB liability
B. Significant assumptions used to measure total OPEB liability, including inflation, healthcare
cost trend rates, salary changes (if applicable), ad hoc postemployment benefit changes,
sharing of benefit-related costs with inactive plan members, discount rate, and mortality
C. Date of actuarial valuation or alternative measurement method calculation on which the total
OPEB liability is based
Single-employer and cost-sharing OPEB plans present 10-year schedules of RSI, including
information on the changes in the net OPEB liability, key ratios, information on contributions, and
the annual money-weighted rate of return on OPEB plan investments.
Agent Plans
Agent OPEB plans have no specific note disclosure requirements or RSI related to OPEB liabilities
or actuarial information. These plans present as RSI a 10-year schedule of the annual money-
weighted rate of return on OPEB plan investments.
Net OPEB Liability in Single-Employer and Cost-Sharing Plans
The net OPEB liability equals the total OPEB liability for the OPEB plan less the fiduciary net
position of the plan. Total OPEB liability is the actuarial present value of projected benefit
payments attributed to past employee service. Fiduciary net position is determined using the
same valuation methods that are used for the plan's financial reporting. Determining the total
OPEB liability is a three-step process: (1) project future benefit payments, (2) discount projected
future benefit payments to present value, and (3) attribute present value of projected future
benefits to past and future periods.
Timing and Frequency of Actuarial Valuations
The total OPEB liability is determined by: (a) an actuarial valuation as of the OPEB plan's most
recent fiscal year-end, or (b) the use of update procedures to roll forward to the OPEB plan's most
recent fiscal year-end amounts from an actuarial valuation as of no more than 24 months earlier
than the OPEB plan's most recent fiscal year-end.
Projection of Benefit Payments
Projected benefit payments include all benefits to be provided to current active and inactive
members through the OPEB plan (including amounts for OPEB to be paid by employers or
nonemployer contributing entities as the benefits come due) in accordance with the benefit terms
and any additional legal agreements to provide benefits that are in force at the OPEB plan's fiscal
year-end. Projected benefit payments include the effects of the following:
A. Projected ad hoc postemployment benefit changes, including ad hoc cost-of-living
adjustments, to the extent they are considered to be substantively automatic
B. Projected salary changes, in circumstances in which the OPEB formula incorporates future
compensation levels
C. Projected service credits, both in determining a member's probable eligibility for benefits and
in projecting benefit payments in circumstances in which the OPEB formula incorporates
years of service
D. Taxes or other assessments expected to be imposed on benefits
Discounting Projected Future Benefits
The discount rate is the single rate of return that, when applied to all projected benefit payments,
results in an actuarial present value of projected benefit payments equal to the total of the
actuarial present values. A single blended rate should be based on both of the following:
A. The long-term expected rate of return on OPEB plan investments that are expected to be
used to finance the payment of benefits, to the extent that plan fiduciary net position is
projected to be sufficient to make projected benefit payments and plan assets are expected to
be invested using a strategy to achieve that return
B. A yield or index rate for 20-year, tax-exempt general obligation municipal bonds with an
average rating of AA/Aa or higher (or equivalent quality on another rating scale), to the extent
that the conditions in (A) are not met
Attributing the Actuarial Present Value of Projected Benefit Payments to Periods
Attribution of the present value of projected future benefit payments to specific periods is based
on the entry age actuarial cost method.
9 D. Auditing Considerations for OPEB

Plans Administered through a Qualifying
Trust
Plan Investments and Related Income
Considerations specific to plan investments may include obtaining an understanding of
investment policies, investment management arrangements, valuation techniques, and the
relevant investment activities performed by plan management, trustee (or other asset custodian),
and investment managers. Often, in governmental OPEB plans the plan's investment provisions
are dictated by state statutes rather than a plan document. This section addresses plan
investment-related issues specific to OPEB. Chapter 6 of this course addresses other more
general investment considerations.
Relevant Assertions
The relevant assertions for plan investments and investment income include the following:
A. Investments and investment transactions are initiated in accordance with the established
investment policies and comply with plan provisions, laws, and regulations.
B. All investments are recorded and exist.
C. All investments are owned by the plan and free of liens, pledges, and other security interests;
if not free from security interest, it is identified and properly disclosed.
D. All investments are properly valued as of the plan's fiscal year-end.
E. All investment income, including net appreciation or depreciation, is accurately reported.
F. Investment disclosures, including the money-weighted rate of return on plan investments, are
General audit procedures for investments and investment income are discussed earlier in this
course.
Contributions and Contributions Receivable
Considerations specific to contributions may include obtaining an understanding of the types of
contributions legally required to be remitted to the plan and the eligibility requirements, if
applicable.
Relevant Assertions
The relevant assertions for contributions and contributions receivable are as follows:
A. Amounts received or due the plan for employer (including those from a nonemployer
contributing entity) and active member contributions have been appropriately calculated,
recorded, and disclosed in the financial statements in the proper period, in accordance with
plan provisions.
B. Amounts received or due the plan consist only of contributions pursuant to legal
requirements and are recognized in full in the period the receivable arises.
C. Receivables arising from installment contracts are properly recorded in full in the period the
receivable arises. If the receivable is recognized at its discounted present value, interest is
properly accrued using the effective interest method.
D. Appropriate allowance has been made for uncollectible contributions receivable, if applicable.
E. Contributions include the amount, if any, of the age-adjusted premiums in excess of the
blended premium rates for inactive members (implicit rate subsidy).
Additional Considerations for Cost-Sharing OPEB Plans
F. Member census data used in determining employer and member contributions is complete
and accurate.
G. Receivables due from withdrawing employers in a cost-sharing OPEB plan have been
accurately calculated and recorded in the proper period.
Additional Considerations for Agent OPEB Plans
H. Employer (including nonemployer contributing entity) and member contributions are
recorded in the appropriate employer's separate account.

The following are examples of substantive procedures for auditing contributions and related
contributions receivable for the plan:
A. Obtain a subsidiary ledger (schedule) for all contributions and reconcile to the general ledger
of the plan.
B. Perform substantive analytical procedures on contributions disaggregated by type of
contribution (e.g., employers, nonemployer contributing entity, and members), as well as by
individual employer.
C. Confirm employer and active member contributions with the employer.
D. Confirm nonemployer contributing entity contributions with the nonemployer contributing
entity, if applicable.
E. Select a sample of employer (including nonemployer contributing entity, if applicable) and
member contributions, recalculate the contributions based on the required contribution rate
or amount, and trace to cash received.
F. Evaluate whether contributions include amounts for benefits paid directly by employers from
their own resources.
G. Evaluate whether contributions exclude amounts received from inactive members receiving
benefits.
H. Review criteria used by the plan in accruing employer (including nonemployer contributing
entity, if applicable) and member contributions receivable and determine whether all legally
enforceable accruals have been recorded.
I. Evaluate whether contributions include the amount, if any, of the excess of the age-adjusted
premiums over the blended rate premium (implicit rate subsidy).
J. Evaluate whether accruals for long-term receivables are in accordance with the installment
contract. If the receivable is recognized at discounted present value, determine that interest
was accrued using the effective interest method, unless use of the straight-line method would
not produce significantly different results.
K. Trace the subsequent receipt of contributions receivable to supporting documentation.
L. Evaluate the reasonableness of the plan's allowance for estimated uncollectible amounts, if
applicable, based on testing collections subsequent to the date of the financial statements
and review the status of unpaid amounts.
Deposits with and Receivables from Insurance Companies and Other

Service Providers
Relevant Assertions
The relevant assertions for deposits with and receivables from insurance companies (such as
premium stabilization reserves) and other service providers include the following:
A. Deposits with or receivables from insurance companies are properly included in the financial
statements and represent a valid deposit or receivable to the plan.
B. Deposits with or receivables from insurance companies have been appropriately calculated,
recorded, and disclosed in the financial statements in the proper period and in accordance
with the service provider agreement.
The following are examples of substantive procedures for auditing deposits with and receivables
from insurance companies and other service providers for the plan:
A. Review the supporting documents and agreements with insurance companies and other
service providers reflecting the requirements for such deposits.
B. Confirm amounts with insurance companies and other service providers.
C. Test the accuracy of the amounts, as well as the subsequent receipts or disbursements.
Benefit Payments and Benefits Payable
Considerations specific to benefit payments and benefits payable may include obtaining an
understanding of the types of benefits covered by the plan, the eligibility requirements, and the
methods of calculating the benefits.
Relevant Assertions
Health Care Benefits (Self-Insured)
A. Benefit payments (including those paid directly by the employer or a third-party
administrator) have been calculated and paid in accordance with substantive plan provisions,
member elections, and related documents.
B. Benefit payments (including those paid directly by the employer or a third-party
administrator) are made only to persons entitled to them (i.e., payments are not being made
to deceased beneficiaries or persons other than eligible members and beneficiaries).
C. Unpaid benefits due under the plan are recorded as liabilities, and benefits payable are valid
liabilities of the plan.
D. Amounts have been accurately calculated, recorded, and disclosed in the financial statements
in the proper period.
E. Reimbursement from stop-loss insurance has been properly accrued.
Health Care Insurance (Purchase of Insurance)

F. Benefit payments (premiums) are recognized based on age-adjusted premiums as opposed to
a blended rate premium with active employees (implicit rate subsidy).
G. Premiums are paid in accordance with the substantive plan provisions and member elections,
and are properly authorized.
H. Premiums are paid in accordance with agreements with the insurance entity.
I. Premiums are accurately calculated, recorded, and disclosed in the financial statements in the
proper period.
J. Unpaid premiums due under the plan are recorded as liabilities, and benefits payable are
valid liabilities of the plan.
K. Benefit payments to members have been made from the appropriate employer's separate
account.
The following are examples of substantive procedures for auditing benefit payments and benefits
payable:
A. Obtain a subsidiary ledger (schedule) of all benefit payments (e.g., benefits paid directly to
members, purchase of insurance, payments to health care providers for self-insured benefits,
and purchase of allocated insurance contracts) by type for the current plan year and reconcile
to the general ledger of the plan.
B. Perform substantive analytical procedures on benefit payments disaggregated by type, such
as by type of benefit or by month. (The plan provisions and census data may serve as a basis
for developing expectations.)
Health Care Benefits (Self-Insured)
C. Inquire of plan management about the status of denied claims and, if deemed necessary, test
a sample of denied claims and evaluate whether the selected claims were appropriately
denied.
D. Obtain and test a reconciliation of the claims data file for the period to wire transfer
information or bank statements.
E. Select a sample of claims from the schedule of benefit payments and perform the following
procedures:
1. Determine whether the member or beneficiary was eligible on the date of service in
accordance with the provisions of the substantive plan (e.g., whether the payee meets the
eligibility requirements).
2. Verify claim submission for type and amount of claim, as well as the propriety of required
approvals, if applicable.
3. Verify service provider statements or other evidence of service rendered (e.g., provider bill
or data feed from claims clearinghouse).
4. Verify the accuracy of the claim payment based on the plan provisions and related
documents.
5. Compare the benefit payment amount with the amount included in the cash
disbursement records or trustee reports.
6. For benefit payments received directly by members, verify receipt of the benefit payment.
7. Agree the name, type of benefit, and amount to a member data list to determine that the
member or beneficiary was properly classified in the retired category by the actuary.
F. Obtain and review applicable type 2 SOC 1 report for processes outsourced to third-party
claims processors on behalf of the plan administrator.
G. Evaluate the adequacy of the control over the installation and maintenance of key plan
information, such as benefit provisions, employee information, providers, and rate structure at
the service provider.
H. For plans with stop-loss coverage, evaluate whether specific deductibles or aggregate
deductibles (aggregate attachment points) have been reached (because the insurance entity
is liable for amounts in excess of the specific deductible or aggregate attachment points).
I. Determine that fees associated with third-party claims administrators are reported as
administrative expense (separate from benefit payments).
J. Verify the criteria used by the plan to record benefit payments and determine whether the
claim payments have been properly recorded.
Health Care Benefits (Purchase of Insurance)

K. Select a sample of beneficiaries from the schedule of benefit payments and perform the
following procedures: (1) determine whether the member or beneficiary was eligible on the
date of service in accordance with the provisions of the substantive plan; (2) verify the
premium paid based on the health benefit plan selected by the participant and the applicable
premium rate in the insurance contract; and (3) agree the name, type of benefit, and amount
to a member data list to determine that the member or beneficiary was properly classified in
the retired category by the actuary.
L. Compare the number of eligible participants, as shown by the plan's eligibility records, with
the premium computation and trace the applicable premium rates to the insurance contracts.
M. Recalculate premiums paid by multiplying the number of eligible participants by the premium
rate in the insurance contract.
N. Compare periodic premiums paid between years, including subsequent payments, and
investigate the reasons for significant changes.
O. Consider the change in premiums paid between periods by comparing to the increase or
decrease in the number of participants.
P. Confirm total premiums paid during the year, premiums payable to the insurance company,
and other obligations and assets of the plan at year-end directly with the insurance entity.
Death, Disability, and Related Benefits

Q. Select a sample of death and disability payments and perform the following procedures: (1)
verify the participant's or beneficiary's eligibility by examining evidence of employment history
data and comparing employment dates, credited service, earnings, and any employee
contributions with payroll or other records; (2) examine a copy of the death certificate and
beneficiary form, physician's statement, and other appropriate documents; (3) recompute
benefits based on the provisions of the substantive plan, benefit level elected, and pertinent
service or salary history; (4) verify payment made to beneficiary; and (5) for death benefits,
examine the member data list to determine whether the member's or beneficiary's name was
properly removed from the census data.
R. Select a sample of benefit payments to test whether the benefit payment has been recorded
as a disbursement from the appropriate employer's separate account.
Total OPEB Liability, Net OPEB Liability, and Related Disclosures for
Single-Employer and Cost-Sharing OPEB Plans
Considerations specific to total OPEB liability, net OPEB liability, and related disclosures for
single-employer and cost-sharing OPEB plans may include obtaining an understanding of the
actuary's objectives, scope of work, methods and assumptions, and consistency of application.
Relevant Assertions
The relevant assertions related to the total OPEB liability, net OPEB liability, and related
disclosures for single-employer and cost-sharing OPEB plans include the following:
A. Member census data used in calculating the actuarially computed total OPEB liability are
B. Actuarial assumptions in computing the total OPEB liability are in accordance with GAAP and
the Actuarial Standards of Practice.
C. The total OPEB liability, fiduciary net position, and net OPEB liability have been properly
calculated and disclosed in accordance with GAAP.
The following are examples of substantive procedures for auditing total OPEB liability, net OPEB
liability, and related disclosures for single-employer and cost-sharing OPEB plans:
A. Obtain the actuarial valuation report used to measure the total OPEB liability as of the plan's
fiscal year-end.
or employer(s) that may create threats to the actuary's objectivity.
for qualifications on the actuary's certification relating to actuarial methods, actuarial
E. Inquire of management and the actuary whether the actuarial valuation considers all
pertinent provisions of the substantive plan, including any changes or amendments to the
plan or other events or considerations affecting the actuarial calculations that are effective as
of the plan's fiscal year-end.
Note
Other considerations include whether the valuation includes or does not include
the impact of the Medicare subsidy provided by the Medicare Prescription Drug,
Improvement, and Modernization Act of 2003 as well as taxes and other
assessments.
F. Determine whether the actuarial valuation was performed as of a date within 24 months of
the plan's fiscal year-end.
G. Evaluate whether the methods and assumptions used in determining the total OPEB liability
and actuarially determined contributions information are in accordance with GAAP and
Actuarial Standards of Practice.
H. If the actuarial valuation was performed as of a date prior to the plan's fiscal year-end, review
the appropriateness of the update procedures to roll forward the total OPEB liability to the
plan's fiscal year-end and determine whether all significant known events have been properly
included.
I. Test the reliability and completeness of the member census data.
J. Evaluate the propriety of the long-term expected rate of return used in the calculation of the
discount rate.
K. Evaluate whether the discount rate is reasonable and is a single rate in accordance with GAAP
by obtaining the discount rate calculation and supporting schedules as of the plan's fiscal
year-end, testing the mathematical accuracy of the discount rate and supporting schedules,
and performing the following procedures on the components of the projection of the plan
fiduciary net position (the net position roll forward):
1. Trace beginning plan fiduciary net position to audited plan financial statements.
2. Compare employer (including nonemployer contributing entity) and plan member
contributions in (future) year one to actual contributions in current-year audited plan
3. Evaluate the reasonableness of projected future employer (and nonemployer contributing
entity) and plan member contributions based on age demographics of active plan
members.
4. Evaluate the appropriateness of projected future employer (including nonemployer
contributing entity) contributions based on GAAP criteria.
5. Compare (future) year-one benefit payments to actual benefit payments in the current-
year audited plan financial statements.
6. Evaluate the reasonableness of projected future benefit payments based on age
demographics of current plan members, projected retirement dates, projected benefit
payments based on the applicable benefit formula, and mortality assumptions used in
the actuarial valuation.
7. Recalculate investment earnings by year based on the long-term expected rate of return.
L. Perform the following on the calculation of actuarial present values of the projected benefit
payments: (1) trace beginning fiduciary net position for each year presented and projected
benefit payments to net position roll forward tested previously; (2) for future years in which
beginning fiduciary net position is sufficient to pay projected benefits for the respective year,
determine whether the projected benefit payments were properly discounted using the long-
term expected rate of return on plan investments; (3) for future years in which beginning
fiduciary net position is not sufficient to pay projected benefits for the respective year,
determine whether the projected benefit payments were properly discounted using an
appropriate 20-year AA municipal bond yield or index rate as of the plan fiscal year-end; and
(4) recalculate the single (blended) discount rate.
M. Verify the fiduciary net position used in calculating the net OPEB liability is the same as the
fiduciary net position reported in the plan's statement of fiduciary net position.
N. Recompute the calculation for the net OPEB liability as of the plan's fiscal year-end.
Census Data
Considerations specific to census data may include obtaining an understanding of the
assumptions used by the actuary in changing census data, if applicable, and the plan's processes
and controls used by the plan's management to accurately and completely maintain records for
significant elements of census data for all plan members.
Substantive Audit Procedures for Single Employers
The following are examples of substantive procedures when auditing the census data used in the
measure of total OPEB liability for single employers:
A. Review the actuarial certification in the actuarial valuation report to determine whether there
were any exceptions identified related to the census data and test the resolution, as
necessary.
B. Obtain the census data file sent to the actuary from either the actuary or the plan. If from the
plan, obtain evidence that information obtained from the plan was the same information
reported to and used by the actuary (such as obtaining a written confirmation from the
actuary).
C. Confirm with the actuary whether any information was missing or changes were made to the
census data file provided by plan management.
(e.g., corrections to address missing data) on the total OPEB liability.
E. Obtain and test a reconciliation of aggregate census data to the actuarial valuation report
(e.g., the total number of members reported in the census data file to amounts shown in the
actuarial valuation report).
G. Compare the number of plan members for the current year to the number in the prior year, as
well as the number of plan members to the number of employees.
H. Obtain a list of new employees hired during the period from the prior valuation to the current
valuation from the employer and select a sample to determine whether eligible new
employees were appropriately enrolled in the plan and properly included in the census file.
For each employee selected, verify the accuracy of significant elements of census data from
enrollment that are in the census data file to the human resources (personnel) records.
I. Identify the payroll registers and payroll cycles for all reporting units of the government.
J. Select a sample of active members and perform the following procedures: (1) evaluate
whether the employee is eligible to participate in the plan; (2) compare the static census data
(e.g., name, date of birth, date of hire) in the current census data file to the prior census data
file; and (3) for significant elements of census data that change based on current-year events
and activity (e.g., service credits), verify the incremental changes to the payroll and personnel
records and recalculate the census data in the current census data file based on the prior
census data file and the incremental changes for the period.
K. Select a sample of inactive members entitled to but not yet receiving benefits and compare
the census data information from the current census data file to the prior census data file.
L. Select a sample of inactive members currently receiving benefits and: (1) compare the static
census data information from the current census data file to the prior census data file, and (2)
verify or recalculate the significant elements of census data that change, if any, based on
criteria in the plan document.
Substantive Audit Procedures for Agent Plans
Financial statements of agent OPEB plans do not reflect any liabilities, deferred outflows of
resources, deferred inflows of resources, or expenses that are based on actuarial information. As a
result, the auditors of agent OPEB plans generally do not need to test data at participating
employers. The procedures performed focus on the accumulation and maintenance of census
data by the plan based on its role as the record keeper. The auditor generally performs procedures
similar to those performed at the plan level for cost-sharing OPEB plans. The audit procedures
are designed to provide audit evidence to support relevant assertions related to benefit payments
affected by census data.
9 E. Single and Agent Employer Accounting

participating in single-employer and agent multiple-employer defined benefit OPEB plans when
the plan is administered through a qualifying trust. If an OPEB plan is not administered through a
qualifying trust, auditors of participating employers should follow the guidance in section 9I of
this chapter.
Governments (employers) that provide defined benefit OPEB through a single-employer plan or
an agent multiple-employer (agent) plan that is administered through a qualifying trust are
required to recognize net OPEB liability, OPEB expense, and certain deferred outflows of
resources and deferred inflows of resources (OPEB amounts) in their financial statements.
Net OPEB Liability
The net OPEB liability is measured as the portion of the actuarial present value of projected
benefit payments that is attributed to past periods of employee service (total OPEB liability), net
of the OPEB plan's fiduciary net position. However, if an employer has fewer than 100 participants
(active and inactive) as of the beginning of the OPEB plan's fiscal year, the total OPEB liability
may be measured using the alternative measurement method. The assumptions used in
measuring the total OPEB liability are the same as those for the plan, which were discussed
earlier in this chapter. The fiduciary net position component of net OPEB liability is determined
using the same valuation methods that are used by the OPEB plan for purposes of preparing its
statement of fiduciary net position. The net OPEB liability is measured as of a date (measurement
date) no earlier than the end of the employer's prior fiscal year, consistently applied from period to
period.
OPEB Expense, Deferred Outflows of Resources, and Deferred Inflows of Resources
The OPEB expense, deferred outflows of resources, and deferred inflows of resources related to
OPEB that are required to be recognized by an employer primarily result from changes in the
components of the net OPEB liability during the measurement period, that is, changes in the total
OPEB liability and the OPEB plan's fiduciary net position. Most changes in the net OPEB liability
during the measurement period are included in OPEB expense. For example, changes in the total
OPEB liability during the measurement period resulting from current-period service cost, interest
on the total OPEB liability, and changes of benefit terms are recognized as OPEB expense in the
current reporting period. Projected earnings on the OPEB plan's investments also are included in
the determination of OPEB expense in the current reporting period.
Allocation of OPEB Amounts to Funds or Departments or Both
GAAP does not establish specific requirements for allocation of the net OPEB liability or other
OPEB-related amounts to individual funds or departments. In practice, when governments
allocate OPEB amounts to funds or departments or both, the allocation methodology described
modified accrual basis of accounting, a net OPEB liability is recognized to the extent the liability is
normally expected to be liquidated with expendable available financial resources. OPEB
expenditures are recognized equal to the total of: (a) amounts paid by the employer to the OPEB
plan, including amounts paid for OPEB as the benefits come due, and (b) the change between the
beginning and ending balances of amounts normally expected to be liquidated with expendable
available financial resources to the extent that benefit payments have matured (benefit payments
are due and payable, and the OPEB plan's fiduciary net position is not sufficient to pay those
benefits).

The following are among the required note disclosures:
A. Plan description
B. Changes in net OPEB liability (including beginning balances of the components of net OPEB
liability, effects during the reporting period of items that change the components of net OPEB
liability, and ending balances of the components of net OPEB liability)
C. Significant assumptions used to measure the total OPEB liability, including inflation,
healthcare cost trend rates, salary changes (if applicable), ad hoc postemployment benefit
changes (including ad hoc cost-of-living adjustments), sharing of benefit-related costs with
inactive plan members, discount rate, and mortality
D. Measurement date of the net OPEB liability and the date of the actuarial valuation or
alternative measurement method calculation on which the total OPEB liability is based
E. Information about the plan's fiduciary net position
F. Amount of OPEB expense recognized by the employer in the reporting period
G. Employer's balances of deferred outflows of resources and deferred inflows of resources
related to OPEB by type
In addition, single and agent employers present certain 10-year schedules of RSI and related
notes, including information on the changes in the employer's net OPEB liability, key ratios, and
information on contributions.

For OPEB plans that are administered through a qualifying trust, special funding situations are
circumstances in which a nonemployer contributing entity is legally responsible for making
contributions directly to the OPEB plan (including making benefit payments as the OPEB comes
due for benefits provided through such a plan) that is used to provide OPEB to the employees of
another entity or entities and either of the following criteria is met: (a) the amount of contributions
for which the nonemployer entity is legally responsible does not depend on one or more events
unrelated to OPEB, or (b) the nonemployer is the only entity with a legal obligation to make
contributions directly to an OPEB plan. An employer that has a special funding situation for
defined benefit OPEB recognizes an OPEB liability and deferred outflows of resources and
deferred inflows of resources related to OPEB with adjustments for the involvement of
nonemployer contributing entities. The employer recognizes its proportionate share of the
collective OPEB expense, as well as additional OPEB expense and revenue related to the expense
recognized by the nonemployer contributing entities. The recognition and measurement of
liabilities, deferred outflows of resources, deferred inflows of resources, and expense by a
governmental nonemployer contributing entity in a special funding situation for defined benefit
OPEB is similar to that of cost-sharing employers.
9 F. Auditing Considerations for Single and

Agent Employers Administered through a
Qualifying Trust
This section discusses considerations, including describing the relevant assertions, when auditing
the OPEB information included in the employer's financial statements. It focuses on specific
considerations for testing certain financial statement elements of the employer's financial
statements affected by defined benefit OPEB plans, including net OPEB liability, deferred
outflows of resources, deferred inflows of resources, and OPEB expense.
Net OPEB Liability, Deferred Outflows of Resources, Deferred Inflows
of Resources, and OPEB Expense
Auditor considerations specific to total OPEB liability, net OPEB liability, deferred outflows of
resources, deferred inflows of resources, and OPEB expense include obtaining an understanding
of the actuary's objectives, scope of work, methods and assumptions, and consistency of
application.
Relevant Assertions
The relevant assertions related to net OPEB liability, deferred outflows of resources, deferred
inflows of resources, and OPEB expense for single and agent employers include the following:
A. Member census data used in calculating the actuarially computed total OPEB liability are
B. Actuarial assumptions used in computing the total OPEB liability are in accordance with
GAAP and the Actuarial Standards of Practice.
C. The employer OPEB amounts, including net OPEB liability, deferred outflows of resources,
deferred inflows of resources, and OPEB expense have been properly calculated and reported
in the financial statements in the proper period and are properly disclosed.
Substantive Audit Procedures for Total OPEB Liability
The following are examples of substantive procedures for auditing the total OPEB liability
component (including census data) of net OPEB liability for single and agent employers:
A. Obtain the actuarial valuation report used to measure the total OPEB liability as of the
measurement date.
B. Evaluate the professional qualifications of the actuary.
or employers(s) that may create threats to the actuary's objectivity.
provisions of the plan, including any changes or amendments to the plan or other events
affecting the actuarial calculations that are effective as of the measurement date.
are in accordance with GAAP and Actuarial Standards of Practice and are the same as those
used by the plan.
the valuation date and the measurement date have been properly included.
J. Evaluate the propriety of the long-term expected rate of return used in calculating the
discount rate.
GAAP. Obtain the discount rate calculation and supporting schedules as of the measurement
date. Test the mathematical accuracy of the discount rate calculation and supporting
schedules. Perform the following procedures on the components of the projection of the plan
fiduciary net position (net position roll forward):
1. Trace beginning plan fiduciary net position to audited plan financial statements.
2. Compare employer (including nonemployer contributing entity) and employee
contributions in (future) year one to actual contributions in current-year audited plan
3. Evaluate the reasonableness of projected future employer (including nonemployer
contributing entity) and employee contributions based on age demographics of active
plan members.
4. Evaluate the appropriateness of projected future employer (including nonemployer
contributing entity) contributions based on the GAAP criteria.
5. Compare (future) year one benefit payments to actual benefit payments in the current-
year audited plan financial statements.
6. Evaluate the reasonableness of projected future benefit payments based on age
demographics of current plan members, projected benefit payments based on the
applicable benefit formula, and mortality assumptions used in the actuarial valuation.
7. Recalculate investment earnings by year based on the long-term expected rate of return.
L. Perform the following procedures on the calculation of actuarial present values of the
projected benefit payments:
1. Trace beginning fiduciary net position each year and projected benefit payments to net
position roll forward tested previously.
2. For future years in which beginning fiduciary net position is sufficient to pay projected
benefits for the respective year, determine whether the projected benefit payments were
properly discounted using the long-term expected rate of return on plan investments.
3. For future years in which beginning fiduciary net position is not sufficient to pay projected
benefits for the respective year, determine whether the projected benefit payments were
properly discounted using an appropriate 20-year AA municipal bond yield or index rate
as of the measurement date.
4. Recalculate the single (blended) discount rate.
M. Verify whether the fiduciary net position used in calculating the net OPEB liability is the same
as the fiduciary net position reported in the plan's statement of fiduciary net position.
N. Recompute the calculation for the net OPEB liability.
Single Employers' Fiduciary Net Position
Substantive audit procedures for single employers' fiduciary net position depend on whether the
employer auditor is performing substantive procedures on certain elements (accounts) of the plan
financial statements, another auditor has been engaged to issue an opinion on the financial
statements of the (individual) plan, or the plan prepares a schedule of OPEB amounts for which
the plan engages its auditor to obtain reasonable assurance and report on the net OPEB liability.
Substantive Audit Procedures for Single Employer Fiduciary Net Position
This section addresses the fiduciary net position component of net OPEB liability for OPEB
administered through a qualifying trust.
Employer Auditor Performs All the Substantive Procedures
single employers when the employer auditor is performing all the substantive procedures:
A. Obtain a detailed schedule of fiduciary net position for the plan as of the measurement date
that includes all plan assets, deferred outflows of resources, liabilities, and deferred inflows of
resources and perform substantive procedures on the elements similar to those performed for
a single-employer plan as described earlier in this chapter, and reconcile to fiduciary net
position used by the actuary in the calculation of the net OPEB liability.
B. Obtain a detailed schedule of changes in fiduciary net position for the plan that includes all
additions and deductions for the measurement period and agree beginning fiduciary net
position to the prior-year audited financial statements, and perform substantive procedures
on the relevant elements of additions (e.g., contributions and investment income) and
deductions (e.g., benefit payments and administrative expenses) during the measurement
period similar to those performed for a single-employer plan.
Employer Auditor Obtains Audited Plan Financial Statements and Performs Additional
Procedures on Changes in Fiduciary Net Position
single employers when the employer auditor is obtaining audited plan financial statements
(audited by another auditor) and is performing additional procedures on components of changes
in fiduciary net position:
A. Obtain audited plan financial statements and determine whether the plan auditor's report is
adequate and appropriate for the employer auditor's purposes.
B. Agree beginning fiduciary net position for the employer to the prior-year audited financial
statements.
C. Verify the completeness and accuracy of the employer and employee contributions attributed
to the employer.
D. Perform analytical procedures over benefit payments by developing an expectation based on
prior-year benefit payments adjusted for changes in employer census data.
E. Perform analytical procedures on investment income and administrative expense by
developing an expectation based on expected return on average investments and the prior-
year administrative expenses adjusted for changes in number of participants.
F. Recompute ending fiduciary net position based on its elements.
G. Reconcile to fiduciary net position used by the actuary in the calculation of the net OPEB
liability.
H. Agree the fiduciary net position of the net OPEB liability disclosed in the notes to the plan
financial statements to that reported in the plan statement of fiduciary net position.
Plan Prepares a Schedule of Pension Amounts and Engages Its Auditor to Obtain Reasonable
Assurance and Report
The following are examples of substantive procedures for auditing the net pension liability for
single employers when plan management prepares a schedule of OPEB amounts that includes
total OPEB liability, fiduciary net position, and net OPEB liability, and engages its auditor to
obtain reasonable assurance and report on net OPEB liability:
A. Evaluate whether the plan auditor's report on the schedule of OPEB amounts is adequate and
B. Evaluate whether the plan auditor has the necessary competence and objectivity for the

Substantive Audit Procedures for Agent Employer Fiduciary Net Position
agent employers based on information obtained from the plan:
A. Obtain an audited schedule of changes in fiduciary net position by employer from the plan for
the measurement period and perform procedures on amounts specific to the employer: agree
beginning fiduciary net position for the employer to the prior-year audited financial
statements, verify the completeness and accuracy of the employer and employee
contributions attributed to the employer, perform analytical procedures over benefit
payments by developing an expectation based on prior-year benefit payments adjusted for
changes in employer census data, perform analytical procedures on investment income and
administrative expense for the plan as a whole multiplied by the employer's relative
percentage of fiduciary net position, and recompute ending fiduciary net position.
B. Determine whether the plan engaged an auditor to opine on the schedule of changes in
fiduciary net position by employer either through: (1) an opinion on the schedule as a whole
combined with a type 2 SOC 1 report on the controls over the calculation and allocation of
additions and deductions to employer accounts, or (2) an opinion on each employer column in
the schedule.
C. Evaluate whether the plan auditor's report and accompanying schedule are adequate and
D. Reconcile totals in the schedule of OPEB amounts to those reported in the audited plan
Substantive Audit Procedures for Single and Agent Employer Deferred Outflows of Resources
and Deferred Inflows of Resources
and deferred inflows of resources for single and agent employers. Obtain a detailed schedule of
deferred outflows of resources and deferred inflows of resources by type and period for the
employer and perform the following:
if applicable.
valuation report used to measure the net OPEB liability.
C. Recalculate the current-year gross incremental deferral for the difference between projected
and actual earnings on OPEB plan investments for the measurement period.
D. Recalculate the recognition (amortization) amount for the current-period incremental
period.
E. Recalculate the recognition (amortization) amount for the current-period deferral for
differences between projected and actual earnings on OPEB plan investments by dividing the
gross incremental deferral by five (years).
F. Verify contributions made after the measurement date and before the employer's year-end
G. Recalculate the mathematical accuracy of the total deferred outflows of resources and
(amortization) for the measurement period based on the components tested in procedures (A)
through (F) above.
Substantive Audit Procedures for Single and Agent Employer OPEB Expense
The following are examples of substantive procedures for auditing OPEB expense for single and
agent employers:
A. Obtain a detailed schedule of OPEB expense for the measurement period.
B. Compare total service cost to the actuarial valuation used to measure the total OPEB liability.
C. Compare employee contributions to audited plan financial statements, if applicable, or
contributions tested in conjunction with the substantive procedures described above for
auditing fiduciary net position for single employers when the employer auditor is performing
all the substantive procedures.
D. Recalculate interest on total OPEB liability by multiplying beginning total OPEB liability,
adjusted for service cost and actual benefit payments, by the discount rate.
E. Verify changes in benefit terms to the actuarial valuation report and procedures performed
related to the total pension liability, as described above.
F. Compare plan administrative costs to audited plan financial statements, if applicable, or

administrative costs tested in conjunction with the substantive procedures described above
for auditing fiduciary net position for single employers when the employer auditor is
performing all the substantive procedures.
G. Recalculate projected earnings on plan investments by multiplying beginning plan fiduciary
net position, adjusted for contributions, actual benefit payments, and actual administrative
expenses, by the long-term expected rate of return on plan investments.
Note
The long-term expected rate of return should be net of investment expense but not
net of administrative expense and should reflect the expectation of the rate as of
the beginning of the measurement period.
H. Reconcile amounts of deferred outflows of resources and deferred inflows of resources

recognized as OPEB expense based on procedures performed for auditing deferred outflows
of resources and deferred inflows of resources for single and agent employers, as described
above.
I. Recalculate the mathematical accuracy of total OPEB expense based on the individual
components.
9 G. Cost-Sharing Employer Accounting

participating in cost-sharing multiple-employer defined benefit OPEB plans when the plan is
administered through a qualifying trust. If an OPEB plan is not administered through a qualifying
trust, the guidance in 9I of this chapter should be followed.

Governmental employers that provide defined benefit OPEB through a cost-sharing multiple-
employer (cost-sharing) plan that is administered through a qualifying trust are required to report
their proportionate shares of the plan's collective net OPEB liability, pension expense, and certain
deferred outflows of resources and deferred inflows of resources (OPEB amounts) in their financial
statements.
Proportionate Share of Collective Net OPEB Liability
The employer recognizes a liability for its proportionate share of the collective net OPEB liability,
measured as of a date (measurement date) no earlier than the end of the employer's prior fiscal
year, consistently applied from period to period. The employer's proportionate share of the liability
is measured by determining the employer's proportion and multiplying the collective net OPEB
liability by that proportion.
The basis for the employer's proportion must be consistent with the manner in which
contributions to the plan are determined.
Collective OPEB Expense, Deferred Outflows of Resources, and Deferred Inflows of Resources
OPEB expense, deferred outflows of resources, and deferred inflows of resources related to OPEB
are recognized for the employer's proportionate share of collective OPEB expense and collective
deferred outflows of resources and deferred inflows of resources related to OPEB. The employer's
proportionate share is determined using the employer's proportion of the collective net OPEB
liability.
Change in Proportion
If the employer's proportion of the collective net OPEB liability changed since the prior
measurement date, the net effect of that change on the employer's proportionate share of the
collective net OPEB liability and collective deferred outflows of resources and deferred inflows of
resources related to OPEB, determined as of the beginning of the measurement period, is
recognized in the employer's OPEB expense, beginning in the current reporting period, using a
systematic and rational method over a closed period.
Contributions during the Measurement Period
For contributions to the OPEB plan other than those to separately finance specific liabilities of an
individual employer or nonemployer contributing entity to the OPEB plan, the difference during
the measurement period between both of the following should be recognized in the employer's
OPEB expense, beginning in the current reporting period, using a systematic and rational method
over a closed period:
A. The total of such contributions from the employer (and amounts associated with the employer
from nonemployer contributing entities that are not in a special funding situation)
B. The amount of the employer's proportionate share of the total of such contributions from all
employers and all nonemployer contributing entities
Employer Contributions after Measurement Date
Contributions to the plan from the employer subsequent to the measurement date of the net
OPEB liability and before the end of the reporting period are reported as a deferred outflow of
resources related to OPEB.
Collective Net OPEB Liability
The collective net OPEB liability is measured as the portion of the actuarial present value of
projected benefit payments that is attributed to past periods of employee service (total OPEB
liability) for the plan as a whole, net of the OPEB plan's fiduciary net position. The OPEB plan's
fiduciary net position component of net OPEB liability is determined using the same valuation
methods that are used by the OPEB plan for purposes of preparing its statement of fiduciary net
position.
modified accrual basis of accounting, a net OPEB liability is recognized to the extent the liability is
normally expected to be liquidated with expendable available financial resources. OPEB
expenditures are recognized equal to the total of: (a) amounts paid by the employer to the OPEB
plan, and (b) the change between the beginning and ending balances of amounts normally
expected to be liquidated with expendable available financial resources. Net OPEB liabilities are
normally expected to be liquidated with expendable available financial resources to the extent
that benefit payments have matured. In other words, benefit payments are due and payable, and
the OPEB plan's fiduciary net position is not sufficient for payment of those benefits.
Among the required disclosures are the plan description; the employer's proportionate share
(amount) of collective net OPEB liability; the employer's proportion (percentage) of collective net
OPEB liability (including the basis on which it was determined) and change in its proportion since
the prior measurement date; significant assumptions used to measure total OPEB liability,
including inflation, healthcare cost trend rates, salary changes (if applicable), ad hoc
postemployment benefit changes, sharing of benefit-related costs with inactive plan members,
discount rate, and mortality; the measurement date of collective net OPEB liability and date of
actuarial valuation on which the total OPEB liability is based; information about fiduciary net
position; the amount of OPEB expense recognized by the employer in the reporting period; and
the employer's balances of deferred outflows of resources and deferred inflows of resources
related to OPEB by type. In addition, cost-sharing employers present certain 10-year schedules of
RSI and related notes, including information on the employer's proportionate share (amount) of
the collective net OPEB liability and information on contributions.

Special funding situations were described earlier in this chapter. An employer that has a special
funding situation for defined benefit OPEB recognizes an OPEB liability and deferred outflows of
resources and deferred inflows of resources related to OPEB with adjustments for the involvement
of nonemployer contributing entities. The employer recognizes its proportionate share of the
collective OPEB expense, as well as additional OPEB expense and revenue related to the expense
recognized by the nonemployer contributing entities. The employer discloses in the notes to the
financial statements information about the amount of support provided by nonemployer
contributing entities and presents information about the involvement of those entities in the 10-
year schedules of RSI. The recognition and measurement of liabilities, deferred outflows of
resources, deferred inflows of resources, and expenses by a governmental nonemployer
contributing entity in a special funding situation for defined benefit OPEB is similar to that of cost-
sharing employers.
9 H. Auditing Considerations for Cost-

Sharing Employers
statement elements of the employer's financial statements affected by defined benefit OPEB
plans, including net OPEB liability, deferred outflows of resources, deferred inflows of resources,
and OPEB expense. The substantive procedures included in this section for cost-sharing
employers assume that the cost-sharing plans provide employers with the recommended
information and related audit reports.
Census Data
Census data were discussed earlier in this chapter. The employer auditor's consideration of the
relevant financial statement assertions that depend on census data begins with understanding
the processes and internal control used by the employer and the plan to support the
completeness and accuracy of the significant elements of census data that are provided to the
actuary. In a cost-sharing plan, individual employer census data affect the collective OPEB
amounts reported by the plan. Certain census data elements, such as contributions, directly affect
the individual employer's proportionate share if used as the basis for allocation.
Net OPEB Liability, Deferred Outflows of Resources, Deferred Inflows
of Resources, and OPEB Expense
Relevant Assertions
Relevant assertions relating to net OPEB liability, deferred outflows of resources, deferred inflows
of resources, and OPEB expense for cost-sharing employers include the following:
C. Actuarial assumptions used in computing the total OPEB liability are in accordance with
D. The employer's proportionate share of the collective OPEB amounts (including net OPEB
liability, deferred outflows of resources, deferred inflows of resources, and OPEB expense)
have been properly determined and recorded in the financial statements in the proper period.
E. The employer's deferred outflows of resources and deferred inflows of resources for
contributions made after the measurement date, changes in proportion, and differences
between the employer's actual contributions and its proportionate share of all employer
contributions have been properly determined and recorded in the financial statements in
accordance with GAAP in the proper period and are properly disclosed.
Substantive Audit Procedures for Cost-Sharing Employers
The following are examples of substantive procedures for auditing net OPEB liability, deferred
outflows of resources, deferred inflows of resources, and OPEB expense for cost-sharing
employers:
A. Obtain the actuarial valuation report used to measure the collective total OPEB liability for
the plan as of the measurement date.
C. Read the actuarial certification for potential exclusions from the scope of the actuary's work or
D. Determine whether the actuarial valuation was performed as of a date no more than 30
E. Evaluate whether the methods and assumptions used in determining the total OPEB liability
are in accordance with GAAP and Actuarial Standards of Practice and are the same as those
used by the plan.
F. Obtain the audited schedule of employer allocations and compare and recalculate amounts
specific to the employer to the employer's records.
G. Obtain the audited schedule of OPEB amounts and recalculate the allocated OPEB amounts
for the employer by multiplying the collective OPEB amounts for the plan by the employer's
proportionate share (allocation percentage).
H. Evaluate whether the plan auditor's report on the schedule of employer allocations and the
schedule of OPEB amounts is adequate and appropriate for the employer auditor's purposes.
I. Evaluate whether the plan auditor has the necessary competence and objectivity for the
J. Obtain the audited plan financial statements and: (1) agree or reconcile net OPEB liability
reported in the schedule of OPEB amounts (in G above) to the net OPEB liability disclosed in
the notes to the plan financial statements, and (2) agree the fiduciary net position component
of the net OPEB liability disclosed in the notes to the plan financial statements to that
reported in the plan statement of fiduciary net position.
K. Obtain a detailed schedule of employer-specific deferred outflows of resources and deferred

inflows of resources by type (including contributions made after the measurement date,
changes in proportion, and differences between the employer's actual contributions and its
proportionate share of total employer contributions) and by period and perform the following:
1. Test contributions made after the measurement date and before the employer's year-end
2. Agree recognition (amortization) schedules and recognition (amortization) periods for
prior-period deferral amounts to prior-year audit documentation and audited financial
statements.
3. Recalculate the current-year gross incremental deferrals for changes in proportion and
differences between the employer's actual contributions and its proportionate share of
total employer contributions.
4. Recalculate the recognition (amortization) amount for the current-period incremental
deferrals for changes in proportion and differences between the employer's actual
contributions and its proportionate share of total employer contributions by, for example,
dividing the current respective gross incremental deferrals by the current-year
amortization period for the plan.
L. Recalculate the mathematical accuracy of the total deferred outflows of resources and
(amortization) for the measurement period based on the components tested in items (G) and
(K).
M. Recalculate OPEB expense based on the employer's specific OPEB expense in the schedule of
pension amounts from item (G) plus the recognition (amortization) amount of employer-
specific deferred outflows of resources and deferred inflows of resources from item (K).
Substantive procedures over census data (for both the employer auditor and the plan auditor) are
ordinarily based on a concept that focuses on testing incremental changes to the census data file
during: (a) the year immediately preceding the actuarial valuation date when actuarial valuations
are performed annually, or (b) the two-year period immediately preceding the actuarial valuation
when the actuarial valuation is performed biennially. The following are examples of substantive
procedures for testing the completeness and accuracy of the census data reported to the plan (for
active members) assuming certain census data elements present a potential risk of material
misstatement to the employer:
B. Obtain the population of employer (payroll) transmission reports submitted to the plan during
the period from the prior valuation to the current valuation and: (1) evaluate whether the
population of employer (payroll) transmission reports received is complete based on an
understanding of the employer's payroll registers and cycles, and (2) select a sample of
employer (payroll) transmission reports to verify the mathematical accuracy of reports and
whether the correct contribution rates were used.
valuation from the employer and: (1) select a sample to determine that eligible new
(payroll) transmission reports, and (2) for each employee selected, verify accuracy of the
significant elements of census data reported to the plan upon enrollment to the payroll and
personnel records.
transmission reports) and select a sample to determine that they were appropriate based on
the relevant plan criteria and underlying payroll and personnel records.
(payroll) transmission report to the payroll register (or vice versa), and agree the underlying
9 I. Employer Accounting, Financial

Reporting, and Auditing Considerations
When the Plan Is Not Administered through
a Qualifying Trust
This section of the chapter addresses specific accounting, financial reporting, and auditing
considerations for governments whose employees are provided with defined benefit OPEB
through OPEB plans that are not administered through a qualifying trust. In this situation, there is
no plan reporting, and any assets accumulated by the employer to pay plan benefits are reported
as assets of the employer. In addition, since there are no plan assets or fiduciary net position, the
employer reports total OPEB liability instead of net OPEB liability.
Governments (employers) that provide defined benefit OPEB through a plan that is not
administered through a qualifying trust recognize total OPEB liability, OPEB expense, and certain
deferred outflows of resources and deferred inflows of resources (OPEB amounts) in their financial
statements. Each individual employer is considered to be participating in its own OPEB plan,
similar to a single-employer plan that is not administered through a qualifying trust. When a
multiple-employer plan is not administered through a qualifying trust (e.g., the plan assets are
not restricted solely to paying OPEB for plan members), a government that holds assets
accumulated for OPEB purposes in a fiduciary capacity (for other entities that are not included in
the reporting entity) reports the assets in an agency fund.
Note
GASB Statement No. 84, Fiduciary Activities, establishes criteria for identifying and
reporting fiduciary activities. The criteria focus on: (a) whether a government controls the
assets of the fiduciary activity, and (b) the beneficiaries with whom a fiduciary relationship
exists. Governments with activities meeting the criteria will present a statement of
fiduciary net position and a statement of changes in fiduciary net position. GASB
Statement No. 84 describes four fiduciary funds: pension (and other employee benefit)
trust funds, investment trust funds, private-purpose trust funds, and custodial funds.
Custodial funds will report fiduciary activities that are not held in a qualifying trust.
Agency funds will no longer be reported upon application of GASB Statement No. 84,
which is effective for fiscal years beginning after December 15, 2018.
Total OPEB Liability
The total OPEB liability is measured as the portion of the actuarial present value of projected
benefit payments that is attributed to past periods of employee service. However, if an employer
has fewer than 100 participants (active and inactive) provided with benefits through the OPEB
plan as of the beginning of the measurement period, the total OPEB liability may be measured
using the alternative measurement method. The total OPEB liability is measured as of a date
(measurement date) no earlier than the end of the employer's prior fiscal year, consistently
applied from period to period.
OPEB Expense, Deferred Outflows of Resources, and Deferred Inflows of Resources
The OPEB expense, deferred outflows of resources, and deferred inflows of resources related to
OPEB that are required to be recognized by an employer primarily result from changes in the total
OPEB liability. Most of those changes during the measurement period are included in OPEB
expense. For example, changes in the total OPEB liability during the measurement period
resulting from current-period service cost, interest on the total OPEB liability, and changes of
benefit terms are recognized as OPEB expense in the current reporting period. The portion of
differences between: (a) expected and actual experience in the measurement of the total OPEB
liability, and (b) changes of assumptions or other inputs is reported as deferred outflows of
resources or deferred inflows of resources. Amounts paid by the employer for OPEB as the
benefits come due are not recognized in OPEB expense. Amounts paid by nonemployer
contributing entities that are not in a special funding situation for OPEB as the benefits come due
are recognized as revenue.
Allocation of OPEB Amounts between Primary Government and Discretely Presented
Component Units
When reporting OPEB in stand-alone financial statements of primary governments and
component units that provide OPEB through the same defined benefit OPEB plan, governments
(employers) follow guidance similar to that for cost-sharing employers. OPEB liability, deferred
outflows of resources, deferred inflows of resources, and OPEB expense are recognized for the
government's (primary government or component unit) proportionate share of the respective
collective amounts for the plan as a whole.
for employers participating in cost-sharing plans is considered appropriate for that purpose.
modified accrual basis of accounting, a total OPEB liability (or, if an employer has a special
funding situation, a proportionate share of the collective total OPEB liability) is recognized to the
extent the liability is normally expected to be liquidated with expendable available financial
resources. OPEB expenditures are recognized equal to the total of: (a) amounts paid by the
employer for OPEB as the benefits come due, and (b) the change between the beginning and
ending balances of amounts normally expected to be liquidated with expendable available
financial resources.
Among the required disclosures in the financial statements of employers are a plan description,
including the fact that there are no assets accumulated in a qualifying trust; changes in total
OPEB liability, including beginning balances of the components of total OPEB liability, effects
during the reporting period of items that change the components of total OPEB liability, and
ending balances of the components of total OPEB liability; significant assumptions used to
measure the total OPEB liability, including inflation, healthcare cost trend rates, salary changes,
ad hoc postemployment benefit changes, sharing of benefit-related costs with inactive plan
members, discount rate, and mortality; measurement date of the total OPEB liability and the date
of the actuarial valuation or alternative measurement method calculation on which the total
OPEB liability is based; the amount of OPEB expense recognized by the employer in the reporting
period; and the employer's balances of deferred outflows of resources and deferred inflows of
resources related to OPEB by type. Employers also present certain 10-year schedules of RSI and
related notes, including information on changes in the employer's total OPEB liability and key
ratios.

An employer that has a special funding situation for defined benefit OPEB recognizes an OPEB
liability and deferred outflows of resources and deferred inflows of resources related to OPEB with
adjustments for the involvement of nonemployer contributing entities. The employer recognizes
its proportionate share of the collective, as well as additional OPEB expense and revenue related
to the expense recognized by the nonemployer contributing entities. The employer also discloses
in the notes to the financial statements information about the amount of support provided by
nonemployer contributing entities and presents similar information about the involvement of
those entities in 10-year schedules of RSI.
Auditing Considerations for Employers
This section discusses considerations, including the relevant assertions, when auditing the OPEB
information included in the employer's financial statements when the plan is not administered
through a qualifying trust. It focuses on specific considerations for testing certain financial
statement elements of the employer's financial statements affected by defined benefit OPEB
plans, including total OPEB liability, deferred outflows of resources, deferred inflows of resources,
and OPEB expense.
Census Data
The substantive procedures over census data at the employer are ordinarily based on a concept
that focuses on testing incremental changes to the census data file since the prior actuarial
valuation, assuming: (a) the prior year's financial statements were audited, (b) no modifications
were made to the auditor's report in the prior year related to census data, and (c) the auditor has
concluded that there is no significant risk of material misstatement due to incomplete or
inaccurate census data from prior years.
Total OPEB Liability, Deferred Outflows of Resources, Deferred Inflows of Resources, and
OPEB Expense
Auditor considerations specific to total OPEB liability, deferred outflows of resources, deferred
inflows of resources, and OPEB expense include obtaining an understanding of the actuary's
objectives, scope of work, methods and assumptions, and consistency of application.
Relevant Assertions
The relevant assertions related to total OPEB liability, deferred outflows of resources, deferred
inflows of resources, and OPEB expense include the following:
A. Member census data used in calculating the actuarially computed total OPEB liability is
B. Actuarial assumptions used in computing the total OPEB liability are in accordance with
C. The employer OPEB amounts (including total OPEB liability, deferred outflows of resources,
deferred inflows of resources, and OPEB expense) have been properly calculated and reported
in the financial statements in the proper period and are properly disclosed.
Substantive Audit Procedures for Total OPEB Liability

The following are examples of substantive procedures for auditing the total OPEB liability
(excluding census data):
A. Obtain the actuarial valuation report used to measure the total OPEB liability.
B. Evaluate the professional qualifications of the actuary.
or employer(s) that may create threats to the actuary's objectivity.
qualifications on the actuary's certification relating to actuarial assumptions or census data.
provisions of the plan.
are in accordance with GAAP and Actuarial Standards of Practice.
the valuation date and the measurement date were properly included.
J. Evaluate whether the projected benefit payments were properly discounted using an
appropriate 20-year AA municipal bond yield or index rate as of the measurement date.

The following are examples of substantive procedures when auditing census data used in the
measure of total OPEB liability:
A. Review the actuarial certification in the actuarial valuation report to determine whether any
exceptions were identified related to the census data, and test resolution as necessary.
B. Obtain the census data file sent to the actuary from the employer.
C. Confirm with the actuary whether any information was missing or changes were made to the
census data file provided by employer management.
(e.g., corrections to address, missing data) on the total OPEB liability.
E. Obtain and test a reconciliation of aggregate census data to the actuarial valuation report
(e.g., the number of members reported in the census data file to amounts shown in the
actuarial valuation report).
G. Compare the number of plan members for the current year to the prior year, as well as the
number of plan members to the number of employees.
H. Obtain a list of new employees hired during the period from the prior valuation to the current
valuation from the employer and perform the following procedures:
1. Select a sample to determine whether eligible new employees were appropriately
enrolled in the plan and properly included in the census data file.
2. For each employee selected, verify the accuracy of significant elements of census data
from enrollment that are in the census data file to the human resources (personnel)
records (such as name, Social Security number, and date of birth).
I. Identify the payroll registers and payroll cycles for all reporting units of the government.
J. Select a sample of active members and perform the following procedures:

1. Evaluate whether the employee is eligible to participate in the plan based on the
eligibility criteria included in the plan document (state statutes).
2. Compare the static census data (e.g., name, date of birth, and date of hire) in the current
census data file to the prior census data file.
3. For significant elements of census data that change based on current-year events and
activity (e.g., service credits and marital status), verify the incremental changes to the
personnel records and recalculate the census data in the current census data file based
on the prior census data file and the incremental changes for the period.
K. Select a sample of inactive members entitled to but not yet receiving benefits and compare
the census data information from the current census data file to the prior census data file (or
vice versa).
L. Select a sample of inactive members currently receiving benefits and perform the following
procedures:
1. Compare the static census data information from the current census data file to the prior
census data file.
2. Verify or recalculate the significant elements of census data that change based on criteria
in the plan document.
Substantive Audit Procedures for Deferred Outflows of Resources and Deferred Inflows of
Resources
and deferred inflows of resources. Obtain a detailed schedule of deferred outflows of resources
and deferred inflows of resources by type and period for the employer and perform the following:
if applicable.
valuation report used to measure the net OPEB liability.
C. Recalculate the recognition (amortization) amount for the current-period incremental
period.
D. Verify benefit payments made and administrative cost incurred after the measurement date
and before the employer's fiscal year-end and compare to the amount reported as deferred
outflows of resources.
E. Recalculate the mathematical accuracy of the total deferred outflows of resources and
(amortization) for the measurement period based on the components tested in the
procedures described in (A) through (D) above.
Substantive Audit Procedures for OPEB Expense

The following are examples of substantive procedures for auditing OPEB expense:
A. Obtain a detailed schedule of OPEB expense for the measurement period.
B. Compare total service cost to the actuarial valuation used to measure the total OPEB liability.
C. Recalculate interest on the total OPEB liability by multiplying beginning total OPEB liability,
adjusted for service cost and actual benefit payments, by the discount rate.
D. Verify changes in benefit terms to the actuarial valuation report and procedures performed
related to the total OPEB liability, described above.
E. Verify employer administrative costs related to OPEB, including the total of nonemployer
contributing entities' expenses for costs incurred related to the administration of OPEB, if
applicable.
F. Reconcile amounts of deferred outflows of resources and deferred inflows of resources
recognized as OPEB expense based on procedures described above for those amounts.
G. Recalculate the mathematical accuracy of total OPEB expense based on the individual
components.
9 J. Chapter Summary
This chapter addressed accounting and auditing considerations for defined benefit OPEB plans
that are administered through a trust or equivalent arrangement. It addressed accounting and
auditing considerations for employers participating in single-employer, agent multiple-employer,
and cost-sharing multiple-employer defined benefit OPEB plans that are administered through a
trust or equivalent arrangement. It also addressed accounting and auditing considerations for
governments whose employees are provided with OPEB through OPEB plans that are not
administered through a trust or equivalent arrangement.
Study Question 38
Which of the following is not a type of OPEB plan administered through a qualifying trust?
A Single-employer plan
B Cost-sharing plan
C Agent plan
D Insured plan
Study Question 39
Which of the following is statements is true regarding an OPEB plan's statement of changes in
fiduciary net position?
The additions section aggregates contributions from
A employers and those from nonemployer contributing
entities into a single amount.
B The additions section displays the total contributions from
active and inactive plan members not receiving benefits.
C The deductions section displays separate amounts for

investment income and investment expense.
D The deductions section reports the net increase (decrease)

in net position.
Study Question 40
How is the net OPEB liability defined in single-employer and cost-sharing plans that are
administered through a qualifying trust?
A Total OPEB liability for the plan less the fiduciary net
position for the plan
B Actuarial present value of projected benefit payments

attributed to past employee service
C Projected future benefit payments
D Discounted projected future benefits to present value
Study Question 41
Which of the following statements is true regarding allocation of OPEB amounts to funds or
departments?
A The allocation of OPEB amounts is illegal in most

governmental OPEB plans.
The allocation of OPEB amounts must be carried out in
B accordance with standards established by the Financial
Accounting Standards Board.
GAAP does not establish specific requirements for
C allocation of OPEB amounts to individual funds or
departments.
D GAAP prohibits the allocation of OPEB amounts to

individual funds or departments.
Study Question 42
Which of the following statements is false regarding special funding situations for single and
agent employers participating defined benefit OPEB plans administered through a qualifying
trust?
The legislative body of the governmental employer is
A required by the special funding situation to appropriate
funds to the plan.
The employer recognizes a liability related to OPEB with
B adjustments for the involvement of nonemployer
contributing entities.
C The employer recognizes its proportionate share of the

collective OPEB expense.
D A nonemployer contributing entity is legally responsible for

making contributions directly to the OPEB plan.
Study Question 43
Which of the following statements is true regarding OPEB expense, deferred outflows of
resources, and deferred inflows of resources related to OPEB in a plan that is not administered
through a qualifying trust?
A Amounts paid by the employer for OPEB as the benefits

come due are recognized in OPEB expense.
B Most of the changes in the total OPEB liability are included

in OPEB expense.
Amounts paid by nonemployer contributing entities that are
C not in a special funding situation for OPEB as the benefits
come due are recognized in OPEB expense.
Most of the changes in the net OPEB liability are reported
D as deferred outflows of resources or deferred inflows of
resources.
Chapter 10. General and Concluding Audit Procedures

This chapter discusses general and concluding audit procedures related to the following:
commitments and contingencies; litigation, claims, and assessments; management
representation letter; subsequent events; related parties; going concern; accounting estimates
and fair value; analytical procedures; review of audit documentation and summarization and
evaluation of audit evidence; drafting financial statements and the auditor's report;
communicating internal control related matters; communicating with those charged with
governance; communicating fraud and violations of laws and regulations; and subsequent
discovery of matters after the report release date.
identify various general and concluding audit procedures.
10 A. Overview
In addition to the audit procedures for specific financial statement elements discussed in previous
chapters of this course, other procedures are necessary that are more general in nature. After
completing audit procedures for specific financial statement components and completing the
general procedures, the auditor should form an opinion on the entity's financial statements. In
addition, if the auditor discovers matters subsequent to the date of the auditor's report, certain
other procedures should be performed.
10 B. Commitments and Contingencies
Introduction
Commitments and contingencies are uncompleted transactions or uncertainties that should be
disclosed, and sometimes their amounts accrued, because of their effect on current financial
position or future operating results. The auditor's primary objectives are determining whether all
significant commitments and contingencies have been identified, assessing their financial effect,
and evaluating presentation and disclosure.
Initial Audit Procedures

Audit procedures are initially directed at determining the existence of commitments and
contingencies so that valuation and disclosure can be considered. They may be difficult to find
because they may not be recorded. The auditor may be aware of commitments or contingencies
from the knowledge of the entity's activities and operating characteristics. Some commitments or
contingencies may be discovered as a result of audit procedures applied to specific financial
statement components.
Note
For example, commitments to purchase materials or supplies may be identified in
applying audit procedures to inventory. Lease commitments may be identified during
the audit of rent and other lease payments.
Other Audit Procedures

Other audit procedures that are often used to search for commitments and contingencies include
the following: inquiring of responsible officials about the possibility of unrecorded commitments
or contingencies; reading minutes of the governing body; reading contracts, debt agreements,
leases, and similar documents; reviewing current and past year's reports from grantor agencies;
reviewing legal expenses and invoices and correspondence from lawyers; reviewing
communications from regulatory agencies such as the Environmental Protection Agency or
similar federal or state agencies; reviewing transactions subsequent to the date of the statement
of net position; and sending a letter of inquiry to the entity's legal counsel.
Financing Transactions or Arrangements

Some commitments and contingencies arise from financing transactions or arrangements with
financial institutions, such as open letters of credit. After identifying such matters and gaining an
understanding of them, the auditor can consider confirming the details with the appropriate party
at the financial institution responsible for the entity's account.
10 C. Litigation, Claims, and Assessments
Introduction
Litigation, claims, and assessments are often the cause of significant contingencies. The auditor's
search for those contingencies is accomplished by a related set of inquiries and communications
involving responsible officials and the entity's legal counsel.

Inquiry of the Entity's Legal Counsel
The auditor should seek direct communication with the entity's external legal counsel through a
letter of inquiry prepared by management and sent by the auditor, which requests the entity's
legal counsel to communicate directly with the auditor. Such communication is also required from
in-house legal counsel when the entity's in-house legal counsel has responsibility for the entity's
litigation, claims, and assessments.
Risk of Material Misstatement
The requirement to send a lawyer's letter is a risk-based decision. The auditor is required to seek
direct communication with the entity's legal counsel unless the procedures performed to identify
litigation, claims, and assessments do not indicate any actual or potential litigation, claims, or
assessments that may give rise to a risk of material misstatement.
External and Internal Legal Counsel
Some entities engage outside legal counsel for all litigation, claims, and assessments, whereas
others use in-house legal counsel. The auditor is required to communicate with in-house legal
counsel when that counsel has responsibility for the entity's litigation, claims, and assessments. In
this situation, in-house legal counsel may be in the best position to know and describe the status
of litigation, claims, and assessments or to corroborate the information provided by management.
When the Auditor Does Not Communicate with Legal Counsel
If the auditor does not seek direct communication with the entity's legal counsel, s/he should
document the basis for that decision.
Pending or Threatened Litigation

The letter asks the lawyer to provide or corroborate directly with the auditor the following about
pending or threatened litigation: the nature of the litigation; the progress of the case to date; how
the entity is responding or intends to respond to the litigation (for example, to contest the case or
seek an out-of-court settlement); an evaluation of the likelihood of an unfavorable outcome and
an estimate, if one can be made, of the amount or range of potential loss; and a statement that
the list of matters is complete or an identification of the omission of any pending or threatened
litigation, claims, or assessments.
Materiality Limit in the Lawyer's Letter

The auditor includes a specified materiality limit in the lawyer's letter, so the lawyer knows what
items are to be considered material, individually or in the aggregate, for purposes of the response.
The materiality amount generally is some fraction of the performance materiality for each
component unit. For a cross-opinion-unit testing, the smallest performance materiality amount
for the opinion units is used. If a letter is sent to a lawyer who only handles matters for a particular
opinion unit, a different amount for that opinion unit may be used. If the entity retains only one
attorney, a materiality amount for the opinion units that could potentially be affected by litigation,
claims, or assessments should be used. The specific amount used is a matter of auditor judgment
based on knowledge of the client and other factors.
Unasserted Claims and Assessments
Lawyers will not furnish an auditor with information on unasserted claims and assessments
because of concern about the attorney-client privilege, nor will they confirm the completeness of
information furnished by management. The auditor obtains assurance indirectly by the following
process: the lawyer is asked to confirm that, whenever s/he is aware of an unasserted claim
requiring disclosure according to GAAP, the lawyer will advise the client; management is asked to
provide a written representation that it has informed the auditor of any claims the lawyer has
advised are required to be disclosed; and the auditor informs the lawyer of management's
representation on unasserted claims (typically that there are no unasserted claims).
Entity Has Not Consulted a Lawyer

If the entity has not consulted an external or in-house legal counsel about litigation, claims, or
assessments, and the auditor's other procedures do not identify the existence of material claims
or assessments, no additional procedures are required. If the auditor believes that actual or
potential material litigation, claims, or assessments possibly exist, but the entity has not engaged
external legal counsel relating to such matters, the auditor may discuss with the entity the need
to consult legal counsel to determine the effect on the entity's financial statements appropriately.
Note
If the auditor believes this matter may be significant, refusal by management to
consult legal counsel may result in a scope limitation sufficient to preclude an
unmodified opinion.
Evaluating the Lawyer's Response
The auditor should make sure the lawyer's response contains all items of information requested
and should evaluate wording of the lawyer's assessment of the probability of an unfavorable
outcome. The auditor should decide whether the response is clear regarding a probable or remote
outcome, since the need to accrue the contingency depends on this determination.
Date of the Lawyer's Response

The letter from the entity's lawyer should be dated to cover a period that closely corresponds to
the auditor's report date, generally within two weeks of the report date. If the response does not
specify an effective date, the auditor can assume that the date of the response is the effective
date.
10 D. Subsequent Events Review

Introduction
Events or transactions that affect the financial statements and that occur subsequent to the date
of the financial statements, but before the statements are issued, are called subsequent events.

Types of Subsequent Events
Subsequent events consist of two types: recognized events and nonrecognized events.
Recognized Events
Recognized events provide additional evidence about conditions that existed at the date of the
financial statements and affect estimates inherent in the process of preparing the financial
statements. All information that becomes available prior to the issuance of the financial
statements should be used in evaluating the conditions on which estimates are based, and the
financial statements should be adjusted for any changes in estimates resulting from the use of
such evidence.
Nonrecognized Events
Nonrecognized events provide evidence about conditions that did not exist at the date of the
financial statements but arose subsequent to that date. These events should not result in
adjustment of the financial statements, but some events may be of such a nature that their
disclosure is essential to a user's understanding of the financial statements.
Adjustment or Disclosure
Subsequent events affecting the realization of assets or the settlement of estimated liabilities
ordinarily require adjustment because they typically represent the culmination of events that
existed over a long period of time. Changes in the quoted market price of securities typically
reflect new conditions and should not result in adjustment but should be disclosed. Other
examples of nonrecognized events that should be disclosed but not adjusted for include creation
of a new component unit, the loss of a government facility as a result of a natural catastrophe,
and the issuance of bonds.
The reporting of subsequent events should be evaluated in relation to the individual

opinion unit affected by the event.
Audit Procedures
The auditor should perform subsequent events review procedures that cover the period from the
date of the financial statements to the date of the auditor's report or as close to that date as
practicable. As a result, these procedures should be performed through the date the auditor has
obtained sufficient appropriate evidence to support an opinion on the financial statements. In
addition, it is ordinarily expected that the date of the auditor's report will be close to the report
release date.
Specific Financial Statement Elements
Some subsequent events may be discovered as a result of audit procedures applied to specific
financial statement elements. These procedures usually involve cutoff tests and assessment of
valuation. For example, the inspection of subsequent collections of receivables may disclose a
material subsequent event.
Lawyer's Response and Management Representation Letter
The lawyer's response and the management representation letter may also provide evidence of or
representations about the existence of significant subsequent events, such as the settlement of a
lawsuit.
Audit Documentation
The auditor applies any additional audit procedures necessary to follow up on material
subsequent events disclosed as a result of audit procedures. If material subsequent events are
discovered, the audit documentation should include the information needed to support
adjustments to the financial statements or disclosures about subsequent events.
10 E. Related Parties
Introduction
Identifying a related-party relationship and its appropriate treatment in the financial statements
depends on the entity's application of its financial reporting framework. In some cases, the entity
may have no legal jurisdiction over the related party even when the application of the financial
reporting framework indicates that the entity's financial statements should include those of the
related party. As a result, the auditor should apply the concepts and guidance from the applicable
financial reporting framework to formulate inquiries that will assist in making appropriate
assessments about the existence and nature of related-party relationships.
Audit Procedures
Audit procedures for related parties are applied at all stages of the audit. At the start of the
engagement, the auditor identifies obvious or known related parties and transactions (or updates
information obtained in previous audits) to consider as other procedures are applied during the
audit. Sources of information about related parties include inquiry of predecessor auditors and
entity officials and review of organization charts, prior audit documentation, minutes, contracts,
and agreements. Many governments require officials and employees to file disclosures of related-
party relationships and transactions, and the auditor could obtain information from those
disclosures. The auditor should also consider obtaining representations from senior administrative
officials and the governing body about whether they or any other related parties engaged in any
transactions with the entity during the period. At the end of the audit, the auditor considers
whether the results of procedures applied during the audit indicate the existence of related-party
transactions that should be disclosed. The auditor's objective at the later stage is to understand
the business purpose of the transactions and to consider whether transactions are occurring that
are not being recognized in the accounting records.
Material Transactions
The auditor should understand the business purpose of material related-party transactions.
Proper authorization of such transactions, such as by management or those charged with
governance, is more important than for similar transactions with unrelated parties. If the auditor
has identified a risk of material misstatement related to the nature, purpose, or recording of
material related-party transactions, other procedures may be necessary to understand the
transaction or obtain evidence about it. These procedures could include consultation with persons
knowledgeable about a particular specialized type of transaction. The auditor may consider
obtaining representations from management and those charged with governance about whether
they or any other related parties engaged in any transactions with the entity during the period.
Fraud Risk Factors
The following risk factors may involve transactions with related parties:
A. Significant related-party transactions not in the ordinary course of business or with related
entities that are unaudited or are audited by another firm
B. Significant, unusual, or highly complex transactions—especially those close to period-end—
that pose difficult questions about “substance over form”
C. An overly complex organizational structure involving unusual legal entities or managerial
lines of authority
D. Contractual arrangements that do not appear to have a clear business purpose
10 F. Going Concern
Introduction
The auditor should evaluate whether there is substantial doubt about the entity's ability to
continue as a going concern for a reasonable period of time, which is defined as “the period of
time required by the applicable financial reporting framework or, if no such requirement exists,
within one year after the date that the financial statements are issued.” The period of time
required by the GASB is 12 months beyond the date of the financial statements. It also requires
the financial statement preparer to consider currently known information that may raise
substantial doubt shortly thereafter, such as within an additional three months. As a result, some
auditors extend their audit procedures to the additional period beyond the financial statement
date because such information is required to be included in the financial statements.
An entity is unable to continue as a going concern when it is unable to continue to

meet its obligations as they become due without substantial disposition of assets
outside the ordinary course of operations, restructuring of debt, submission to the
oversight of a separate fiscal assistance authority or financial review board, or similar
actions.
Conditions and Events

Conditions and events that may indicate substantial doubt about an entity's ability to continue as
a going concern are:
Negative Trends
Negative trends include recurring periods in which expenses and expenditures significantly exceed
revenues, recurring unsubsidized operating losses or negative operating cash flows for business-
type activities, consistent working capital deficiencies, and adverse key financial ratios.
Other Indicators of Possible Financial Difficulties
Other indicators of possible financial difficulties include defaults on debt, debt and tax limits near
the legal limits, denial of usual trade credit from suppliers, debt restructuring (other than
refundings), violation of statutory capital or reserve requirements, and the need to seek new
financing or to dispose of substantial assets.
Internal Matters
Internal matters include work stoppages or other labor difficulties, substantial dependence on the
success of a specific project or program, uneconomic long-term commitments (such as
burdensome labor contracts), and the need to revise operations significantly.
External Matters
External matters include legal proceedings, legislation, or similar matters that might jeopardize
intergovernmental revenues and the fiscal sustainability of key governmental programs; loss of a
critical license or patent for a business-type activity; loss of a principal customer, taxpayer, or
supplier; and an uninsured or underinsured catastrophe (such as drought, earthquake, or flood).
Audit Procedures
The auditor's evaluation is performed on the entity as a whole, not for individual opinion units or
funds. The auditor has two sets of responsibilities related to an entity's ability to continue as a
going concern. The first is to evaluate whether conditions or events identified during the audit,
when considered in the aggregate, indicate there could be substantial doubt about the entity's
ability to continue as a going concern for a reasonable period. The second is, if the auditor
concludes there is substantial doubt about the entity's ability to continue as a going concern, s/he
should gather evidence and consider the effect on the financial statements, the adequacy of
disclosures, and the audit report.
Assessing the Results of Audit Procedures
GAAS does not mandate any specific procedures solely directed to a search for conditions or
events that may affect the entity's ability to continue as a going concern. It does require specific
assessment of whether procedures applied by the auditor identified such conditions and events.
The following are examples of procedures that may provide evidence about such conditions and
events:
A. Applying analytical procedures
B. Reviewing subsequent events
C. Reviewing compliance with the terms of debt and loan agreements, with particular attention
to debt maturing in the near term
D. Reading the minutes of meetings of the governing body and other important committees
E. Inquiring of an entity's legal counsel about litigation, claims, and assessments
F. Confirming with related and third parties the details of arrangements to provide or maintain
financial support
Note
Although the auditor may document the evaluation of going concern status as part of
concluding the audit, s/he should modify planned audit procedures as soon as going
concern problems are identified.
Considering Management's Plans

If, after considering the identified conditions and events in the aggregate, the auditor believes
there is substantial doubt about the entity's ability to continue as a going concern for a reasonable
period of time, s/he should obtain information about management's plans that are intended to
mitigate the effect of such conditions and events and assess the likelihood that the plans can be
effectively implemented. Management's plans may relate to liquidation of certain assets,
additional borrowing or restructuring of debt, reducing or delaying expenditures, and obtaining
other sources of revenue. In a governmental engagement, considerations related to
management's plans include restrictions on disposal of assets, limitations on borrowing capacity
and availability of unused lines of credit, the possibility of restructuring debt agreements,
separability of operations resulting in negative cash flows, ability to reduce overhead and
administrative expenditures, and willingness of another level of government to provide financial
support.
Procedures When There Is Substantial Doubt
After considering management's plans, the auditor should decide whether substantial doubt
remains. If the auditor concludes that there is still substantial doubt about the entity's ability to
continue as a going concern, the auditor should perform the following procedures:
A. Consider the possible effects on the financial statements and the adequacy of disclosures
B. Obtain written representations from management
C. Modify the audit report by adding an emphasis-of-matter paragraph following an unmodified
opinion paragraph and using the heading “Going Concern” or other appropriate heading
D. Communicate the following to those charged with governance: the nature of the events or
conditions identified, the possible effect on the financial statements and the adequacy of
related disclosures in the financial statements, and the effects on the auditor's report
Audit Documentation
When conditions or events cause the auditor to believe there is substantial doubt about the
entity's ability to continue as a going concern for a reasonable period of time, the auditor should
document the following:
A. Conditions or events causing the auditor to believe there is a substantial doubt about the
entity's ability to continue as a going concern
B. The elements of management's plans most significant to overcoming the adverse effects of
the conditions or events
C. The auditing procedures performed and evidence obtained to evaluate those significant
elements
D. The auditor's conclusion about whether substantial doubt remains or is alleviated and the
possible effects on the financial statements and related disclosures
E. The possible effects on the auditor's report, including the auditor's conclusion about whether
an emphasis-of-matter paragraph is necessary and whether to modify the auditor's opinion
for inadequate disclosures
10 G. Accounting Estimates and Fair Value

Introduction
The auditor should follow a risk-based approach when auditing accounting estimates, including
fair value measurements. The auditor also should understand the requirements of GAAP to
provide a basis for evaluating management's recognition and measurement of accounting
estimates, including related disclosure requirements.
Risk Assessment Procedures and Related Activities

The auditor obtains an understanding of how management identifies and makes accounting
estimates through performing risk assessment procedures as part of obtaining an understanding
of the entity and its environment, including internal control, as discussed earlier in this course. The
auditor's understanding should include how management identifies transactions, events, and
conditions that require accounting estimates. It should also include how management makes
estimates and the underlying data used, including the methods, assumptions, relevant controls,
specialists required, changes from prior periods in method or assumptions, and whether and how
estimation uncertainty has been assessed.
Outcome of Prior-Period Estimates
The auditor also is required to review the outcome of accounting estimates that were included in
the prior period. Generally, the outcome of an accounting estimate will differ from the amount
that was recognized in the prior period. By identifying and understanding the reasons for such
differences, the auditor may obtain information about the effectiveness of management's prior-
period estimation process, audit evidence that is pertinent to re-estimation of prior-period
estimates in the current period, or evidence of matters requiring disclosure in the financial
statements (such as estimation uncertainty). In addition, the auditor is required to perform a
retrospective review of management's judgments or assumptions related to significant accounting
estimates included in prior-period financial statements to determine if there is an indication of
management bias and a risk of material misstatement due to fraud.
Both reviews can be coordinated with reviewing prior-period estimates.
Estimation Uncertainty
Through performing risk assessment procedures and related activities on accounting estimates,
the auditor should identify and assess risks associated with the development of accounting
estimates. In doing so, the auditor is required to evaluate the degree of estimation uncertainty
associated with those estimates. The auditor is also required to determine if those estimates with
high estimation uncertainty represent significant risks. For identified significant risks, the auditor
is required to understand the entity's controls, including control activities. Accounting estimates
with a higher degree of estimation uncertainty may also be susceptible to management bias.
Accounting estimates with a high estimation uncertainty may have one of the following
characteristics:
A. They are highly dependent on judgment.
B. They are not calculated using recognized measurement techniques.
C. Similar estimates in the prior period had substantial differences from the actual outcome.
D. For fair value accounting estimates, a highly specialized, entity-developed model is used for
which there are no observable inputs.
Responding to the Assessed Risks of Material Misstatement
The auditor's further audit procedures for identified accounting estimates should be responsive to
the assessed risks of material misstatement that relate to those estimates. The auditor is required
to determine whether GAAP has been properly applied and whether the methods used are
appropriate and have been applied consistently. If there has been a change from the prior period
in estimates or the methods, the auditor determines if such changes are appropriate in the
circumstances.
Required Audit Procedures
In responding to assessed risks for accounting estimates, the auditor is required to do one or more
of the following:
A. Test the operating effectiveness of the controls over how management made the estimate,
along with appropriate substantive procedures
B. Determine if subsequent events up to the date of the auditor's report provide audit evidence
about the estimate
C. Test how management made the estimate and the underlying data, including the evaluation
of the appropriateness of the method, reasonableness of the assumptions, and reliability of
the underlying data
D. Develop a point estimate or range to evaluate management's point estimate
The Auditor's Approach
The approach selected by the auditor will normally depend on the nature of the estimate, the
effectiveness of the procedure in providing sufficient appropriate audit evidence, and the assessed
risk of material misstatement, including whether the risk is considered to be a significant risk.
When the accounting estimate is a fair value measurement, an appropriate response

often is testing how management made the estimate and underlying data.
The auditor's development of a point estimate or range to evaluate management's point
estimate may be an appropriate response when, for example, the estimate is not derived
from the routine processing of data by the accounting system; prior audit results for
similar estimates indicate that management's current estimation process is unlikely to be
effective; controls over the development of the estimate are not well-designed or properly
implemented; subsequent events contradict management's point estimate; or alternative
sources of relevant data are available to the auditor that can be used to develop a point
estimate or range. Typically, a range that has been narrowed to be equal to or less than
performance materiality is adequate for evaluating the reasonableness of management's
point estimate.
Significant Risks
When the auditor determines that there is a significant risk associated with an accounting
estimate, certain procedures should be performed in addition to other substantive procedures to
respond to the risks of material misstatement. The focus is on how management has assessed the
effect of estimation uncertainty on the accounting estimate and how that uncertainty affects the
appropriateness of the amount reported in the financial statements and the adequacy of
disclosures.
Required Audit Procedures for Estimation Uncertainty
The auditor is required to evaluate the following: how management considered alternative
assumptions and why they were rejected or how estimation uncertainty was addressed in making
the accounting estimate; whether the significant assumptions used by management are
reasonable; and (when relevant to the reasonableness of the significant assumptions used by
management or the application of GAAP) management's intent and ability to carry out a specific
course of action.
Required Audit Procedures for Recognition and Disclosure
The auditor also is required to obtain sufficient appropriate evidence about whether
management's decision to recognize or not recognize the estimate, as well as the measurement
basis, is in accordance with GAAP. Even if amounts are not recognized, there may be a need for
disclosure of the circumstances. In some cases, there may also be a need for the auditor to add a
paragraph to the auditor's report to emphasize the matter.
Evaluating the Reasonableness of Estimates and Determining
Misstatements
The auditor evaluates the reasonableness of management's estimates to determine if an audit
difference exists. If the audit evidence supports a point estimate, a misstatement represents the
difference between the auditor's point estimate and the amount recorded by management. If the
auditor has developed a range and management's estimate falls outside that range, the
misstatement is at least the difference between management's point estimate and the nearest
point of the auditor's range.
For example, if the auditor's range is $1,500 to $1,700 for the allowance for
uncollectible accounts, but the entity has estimated $1,200 for the allowance, then
there is at least a $300 misstatement that should be included with other audit
differences.
Disclosures
The auditor should obtain sufficient appropriate audit evidence about whether the disclosures in
the financial statements relating to accounting estimates are in accordance with GAAP. When an
accounting estimate has significant risks, the auditor is required to evaluate the disclosures
pertaining to estimation uncertainty in the financial statements. In some cases, even though the
entity's disclosures may comply with GAAP, the auditor may determine that they are inadequate in
light of the facts and circumstances. The auditor's emphasis on evaluating the adequacy of
disclosures increases as the range of possible outcomes for management's accounting estimate
increases in relation to materiality.
Indicators of Possible Management Bias

The auditor is required to review management's judgments and decisions when making
accounting estimates to determine if there are any indicators of possible management bias.
Indications of management bias may affect the auditor's conclusions regarding risk assessment
and whether there are implications for the rest of the audit.
Examples of Indicators
The following are examples of indicators of possible management bias regarding accounting
estimates:
A. Changes in an estimate or the underlying method when management has made a subjective
assessment that there has been a change in circumstances
B. The use by the entity of its own assumptions for fair value accounting estimates that are
inconsistent with observable market assumptions
C. The selection or construction of significant assumptions that result in a favorable point
estimate for management's purposes
Risk of Misstatement Due to Fraud
The auditor evaluates whether underlying circumstances represent a risk of material
misstatement due to fraud. The auditor evaluates whether the judgments and decisions made by
management when making the estimate indicate possible bias, even if they are individually
reasonable. If so, the auditor must reevaluate accounting estimates as a whole. The auditor may
also consider whether differences between estimates best supported by the audit evidence, and
estimates included in the financial statements that are individually reasonable, indicate (in the
aggregate) a possible bias on the part of management.
A. If management always chooses estimated amounts for the valuation of assets that are at the
low end of the range the auditor considers reasonable, the combined effect could result in a
material misstatement of the change in net position. In this situation, the auditor considers
whether other recorded estimates reflect a similar bias and perform additional procedures to
address those estimates.
B. If management's estimates were at one end of the auditor's reasonable range in the prior year
and at the other end in the current year, it could indicate the possibility that management is
using accounting estimates to manage financial results. If the auditor believes this is the case,
s/he should consider communicating the matter to those charged with governance.
Audit Documentation
The auditor should include the following matters related to accounting estimates in the audit
documentation: for accounting estimates with significant risks, the basis of conclusions about the
reasonableness of the estimate and related disclosures; and indicators of management bias.
10 H. Written Representations
Introduction
The auditor is required to obtain written representations from management personnel who have
appropriate responsibilities for the financial statements and knowledge of the related matters.
Specific Representations
The auditor asks management to provide a written representation that it has fulfilled its
responsibility as set out in the terms of the audit engagement. In an audit of a governmental
entity, the auditor should also obtain the representations set forth below.
Instances of Noncompliance
Management should provide a written representation that it has disclosed all instances of
identified or suspected noncompliance with the provisions of laws, regulations, contracts, and
grant agreements whose effect should be considered by management when preparing the
financial statements (such as tax or debt limits and debt covenants).
This representation relates to the GASB disclosure requirements relating to material

violations of finance-related legal and contractual provisions.
Instances of Abuse
Management should provide a written representation that it has disclosed all instances of
identified or suspected abuse that could be quantitatively or qualitatively material to the financial
statements.
Internal Control and Fraud
Management should provide a written representation that it is responsible for the design,
implementation, and maintenance of internal controls to prevent and detect fraud; management
has disclosed to the auditor the results of its assessment of the risk that the financial statements
may be materially misstated as a result of fraud; management has disclosed its knowledge of
fraud or suspected fraud affecting the entity involving management, employees who have
significant roles in internal control, and others where the fraud could have a material effect on the
financial statements; and management has disclosed its knowledge of any allegations of fraud or
suspected fraud affecting the entity's financial statements.
Uncorrected Misstatements
Management should provide a written representation that it believes the effects of the
uncorrected financial statement misstatements are immaterial, individually and in the aggregate,
to the financial statements as a whole for each opinion unit.
Required Supplementary Information (RSI)
Management should provide a written representation that it acknowledges its responsibility for
the RSI; that the RSI is measured and presented in accordance with prescribed guidelines; that
the methods of measurement or presentation have not changed from those used in the prior
period or, if the methods of measurement or presentation have changed, the reasons for such
changes; and about any significant assumptions or interpretations underlying the measurement
or presentation of RSI.
Supplementary Information (SI)
Management should provide a written representation that it acknowledges its responsibility for
the presentation of the SI in accordance with the applicable criteria; that it believes the SI,
including its form and content, is fairly presented in accordance with applicable criteria; that the
methods of measurement or presentation have not changed from those used in the prior period
or, if the methods of measurement or presentation have changed, the reasons for such changes;
about any significant assumptions or interpretations underlying the measurement of the SI; and
when SI is not presented with the audited financial statements, that management will make the
audited financial statements readily available to the intended users of the SI and the auditor's
report thereon.
When Representations Are Not Provided or Cannot Be Relied upon
An inability to obtain appropriate representations prevents the auditor from expressing an
unmodified opinion. A disclaimer of opinion or withdrawal from the engagement is required when
the required written representations are either not provided by management or the auditor cannot
rely on them because the auditor concludes that sufficient doubt exists about management's
integrity.
Management's Responsibility
Although a management representation letter is usually prepared by the auditor, it is a
communication from the audited entity to the auditor and is signed by entity management. The
representation letter acknowledges management's primary responsibility for the financial
statements, even if the auditor drafts them and the related notes. In addition, the representations
provide other audit evidence and support the validity of the results of audit procedures performed.
Reliance on Management Representations

The auditor cannot accept management's representations as the only audit evidence for the
matters included in the representation letter. If the auditor cannot verify a representation using
another form of evidence, s/he should evaluate whether the representation is feasible considering
such factors as whether the entity has carried out its stated intentions in the past; the entity's
ability to pursue a specific course of action; and whether any conflicting information has been
learned during the course of the audit that seems inconsistent with management's judgment or
intent.
Concerns about Management
If the auditor becomes concerned about management's competence, integrity, ethical values, or
diligence, s/he should determine the effect that those concerns may have on the reliability of
management's oral or written representations and audit evidence in general. Significant concerns
may cause the auditor to conclude that the risk of management misrepresentation is such that an
audit cannot be conducted.
Even when those charged with governance implement appropriate corrective measures,
those measures may not be enough to enable the auditor to issue an unqualified opinion.
Audit Evidence That Contradicts a Representation

If other audit evidence contradicts a representation made by management, the auditor should
attempt to resolve the matter by performing audit procedures. In the case of such identified
contradictions, the auditor may consider whether the risk assessment remains appropriate and, if
not, may revise the risk assessment and perform appropriate procedures to respond to the
assessed risks.
Unreliable Representations
When the auditor concludes that written representations are unreliable, s/he should take
appropriate actions, including determining any effect on the auditor's report. The auditor should
disclaim an opinion on the financial statements or withdraw from the engagement if s/he
determines that sufficient doubt exists about management's integrity and the reliability of the
written representations. The possible effects on the financial statements of an inability to rely on
the written representations are pervasive and not limited to specific elements, accounts, or items
in the financial statements.
Materiality
The auditor is permitted to limit representations to matters that are either individually or
collectively material to the financial statements. However, that limitation is acceptable only for
representations that directly relate to amounts included in the financial statements and only if the
auditor and management reach an agreement about what is material for this purpose.
As a result, it would not be acceptable to limit representations about the completeness of

available financial records, management's responsibility for fair presentation, or
management's acknowledgement of its responsibility for the design, implementation, and
maintenance of internal control to prevent and detect fraud.
Discussion of Materiality in the Representation Letter

The auditor is permitted to include an explicit discussion of materiality in the representation letter,
in either qualitative or quantitative terms or both. Many auditors use both because it is
inappropriate to rely solely on quantitative considerations when determining materiality.
When Materiality Considerations Do Not Apply
Materiality considerations do not apply to representations that have no direct relationship to
amounts in the financial statements and notes or to representations regarding information
concerning fraud. Examples of representations that have no direct relationship to financial
statement amounts and notes include management's acknowledgment of its responsibility for the
following:
A. The fair presentation of the financial statements in conformity with accounting principles
generally accepted in the United States of America
B. The availability of all financial records and related data and communications from regulatory
agencies concerning noncompliance with or deficiencies in financial reporting practices
C. The completeness and availability of all minutes of meetings of governing bodies
D. Information on fraud involving management, employees who have significant roles in internal
control, or others where fraud could have a material effect on the financial statements
Audit Adjustments
Management is required to acknowledge in the representation letter that it has considered
whether the effects of uncorrected misstatements are immaterial, both individually and in the
aggregate, to the financial statements. A summary of the uncorrected misstatements should be
included in or attached to the letter. When either no misstatements are noted or all noted
misstatements are corrected, many auditors include no representation about uncorrected
misstatements in the management representation letter.
Misstatements Identified by Both Auditor and Management
Uncorrected misstatements communicated in the representation letter include both those
identified by the auditor and those brought to the auditor's attention by management. It is not
uncommon for management to inform the auditor about adjustments of which it is aware but
were not recorded. In this situation, the adjustments should be included in the summary attached
to the representation letter. The summary of uncorrected misstatements also may include the
current-year effect of unadjusted audit differences from prior years. Some auditors set an amount
below which detected misstatements need not be accumulated on the summary. Those
misstatements (often referred to as trivial misstatements or differences passed at the workpaper
level) need not be included in the summary.
Opinion Units
A summary of uncorrected misstatements should be prepared for each opinion unit. The
adjustments included in each summary may be aggregated. If the auditor chooses to aggregate
the misstatements, they normally would be aggregated by financial statement caption and
should be presented in sufficient detail to give management an understanding of their nature,
amount, and effect.
Who Should Sign the Letter
The management representation letter generally should be signed by the chief executive officer
and the chief financial officer. Even when current management was not present during all periods
referred to in the auditor's report, current management's responsibilities for the financial
statements as a whole are not diminished and the requirement for the auditor to request from
them written representations that cover the whole of the relevant periods still applies.
Scope Limitations
Although management's refusal to furnish written representations constitutes a limitation on the
scope of the audit, based on the nature of the representations not obtained or the circumstances
of the refusal, the auditor may conclude that a qualified opinion, rather than a disclaimer or
withdrawal, is appropriate.
Note
Many auditors believe that situations resulting in a qualified opinion will be limited to
those in which only one or a few representations are refused.
Even if a written representation is obtained regarding a matter, the scope of the audit is limited if
the auditor is prevented from performing other procedures s/he considers necessary relating to
that matter. In such a situation, the auditor should issue a qualified opinion or disclaimer of
opinion.
10 I. Accumulated Results of Audit

Procedures
Introduction
The auditor's assessment of the risks of material misstatement at the relevant assertion level
made during planning is based on available audit evidence and may change as additional
evidence is obtained. For example, the auditor may identify misstatements that are larger or more
frequent than had been anticipated. The auditor is required to revise the risk assessment and
modify further planned audit procedures if new information is obtained or if the initial assessed
risks of material misstatement at the assertion level change during the audit.
Reevaluating the Risks of Material Misstatement
The auditor also is required to reevaluate, before the conclusion of the audit, whether the
assessment of risks of material misstatement at the relevant assertion level remains appropriate.
The audit evidence may either confirm the auditor's risk assessments or result in the auditor
performing additional audit procedures.
Error or Fraud
An auditor cannot assume that an identified error or instance of fraud is an isolated occurrence.
The auditor needs to consider how the misstatement affects the assessed risks of material
misstatement. In doing so, the auditor should consider all appropriate audit evidence, even if it
appears to contradict relevant assertions in the financial statements.
Level of Assurance
At the end of the audit, the auditor should conclude whether sufficient appropriate audit evidence
was obtained to reduce to an appropriately low level the risk of material misstatement in the
financial statements and to support the opinions on the financial statements. The auditor must
evaluate whether the audit was performed at a level that provides her/him with a high level of
assurance that the financial statements of each opinion unit, as a whole, are free of material
misstatement.
Sufficiency and Appropriateness of Audit Evidence
The sufficiency and appropriateness of audit evidence are a matter of the auditor's professional
judgment. The auditor's judgment is influenced by factors such as the following:
A. The significance of the potential misstatement in the relevant assertion and the likelihood of it
having a material effect on the financial statements, both individually and when aggregated
with other misstatements
B. The effectiveness of management's responses and controls to address the risks
C. The experience gained during previous audits with respect to similar potential misstatements
D. The results of audit procedures, including whether specific instances of fraud or error were
identified
E. The reliability and sources of available information
F. The persuasiveness of the audit evidence
G. The understanding of the entity and its environment, including its internal control
Note
If the auditor has not obtained sufficient appropriate audit evidence about a relevant
assertion, s/he should try to obtain additional evidence. If the auditor cannot obtain
sufficient appropriate audit evidence, s/he should either express a qualified opinion or
disclaim an opinion.
Evaluating the Potential Existence of Fraud

At or near the completion of the audit, the auditor is required to determine whether the
accumulated results of audit procedures affect the assessment made earlier in the audit about
the risks of material misstatement due to fraud or indicate a previously unidentified risk of
material misstatement due to fraud. In addition, the auditor is required to perform analytical
procedures relating to revenue through the end of the reporting period. Based on the evaluation,
the auditor determines whether additional or different audit procedures are necessary. The
auditor also performs a qualitative evaluation of misstatements identified and determines
whether they may indicate possible fraud.
Evaluating Significant Unusual Transactions

The auditor is required to evaluate the business rationale for significant unusual transactions to
address the risk of management override of controls. The auditor does this by considering
whether the business rationale (or lack thereof) suggests that transactions may have been
entered into to perpetrate fraudulent financial reporting or conceal misappropriation of assets.
Considering the Application of Significant Accounting Principles for
Bias
The auditor should evaluate whether the application of significant accounting principles indicates
a bias on the part of management. In particular, the auditor should consider the accounting
related to subjective measurements and complex transactions. Intentional misapplication of
accounting principles relating to amounts, classification, manner of presentation, or disclosure is
one way in which fraudulent financial reporting can be accomplished.
Audit Documentation
In addition to significant findings, the auditor is required to document the conclusions reached
about such findings or issues and her/his significant professional judgments made in reaching
those conclusions. Judging the significance of a finding or issue generally requires an objective
analysis of the facts and circumstances.
10 J. Analytical Procedures
Introduction
The auditor is required to use analytical procedures in the final review stage of the audit. The
purpose of analytical procedures at this stage is to assist the auditor in assessing the validity of
conclusions reached, including the opinions on the financial statements.
Overall Review
The overall review ordinarily includes consideration of the adequacy of evidence gathered in
response to unusual or unexpected balances identified in planning the audit or during the course
of the audit, as well as unusual or unexpected balances or relationships not previously identified.
If the auditor does not have a sufficient understanding of the cause of unusual or
unexpected relationships, s/he may need to revise the risk of material misstatement
and apply additional audit procedures.
Adequacy of Procedures Performed
Preliminary analytical procedures are risk assessment procedures performed to obtain an

understanding of the entity and its environment for the purpose of assessing the risks of material
misstatement and determining whether further audit procedures should be performed in
response to the risk assessment. Final review analytical procedures are used to consider the
adequacy of the procedures performed. Although the objectives of applying the analytical
procedures may differ, the procedures actually applied may be similar or identical. At the planning
stage, analytical procedures are applied to unaudited amounts. In the final review stage, the
procedures are applied to amounts after audit adjustment. Thus, in the final review, a simple
comparison to prior-period amounts at the financial statement level is normally effective.
10 K. Review of Audit Documentation

Introduction
The engagement partner is required to take responsibility for review of the work performed in
accordance with the firm's review policies and procedures. Based on the review of audit
documentation and discussion with the engagement team, on or before the date of the auditor's
report, the engagement partner should be satisfied that sufficient appropriate audit evidence has
been gathered to support the conclusions reached and the auditor's reports to be issued. Auditors
are required to document who performed the work and when the work was completed. Likewise,
the audit documentation should indicate who reviewed the work and the date of the review.
Detailed Review
The objectives of the detailed review of audit work are to assure that there is adherence to
professional standards and firm policies and procedures; integration of results and conclusions
from work on individual financial statement components; and proper summarization of the results
of audit tests, including significant audit findings or issues, for the attention of the supervisory
reviewer and potential reporting to the client.
Supervisory Review
The audit documentation should include evidence of supervisory review. Generally, the
supervisory review focuses more on the summary and evaluation schedules and documentation of
significant findings or issues, while less time and attention are given to supporting schedules. It is
often conducted after the financial statements and audit report have been drafted and is the final
check on whether the audit work supports the overall conclusions on the financial statements.
Note
The Yellow Book requires auditors to document evidence of supervisory review of the
work performed before the report release date.
Engagement Quality Control Review

Many firms require a review of the audited financial statements, auditor's report, and other
communications and reports by someone who has no other responsibility for the audit.
Depending on the firm, an engagement quality control review (EQCR) may also include additional
procedures, such as looking at checklists or memoranda that document the review of the audit
senior and audit partner; reviewing lawyer's letters and the management representation letter;
reading documentation related to the significant judgments made by the engagement team and
the conclusions they reached; and discussing significant findings and issues with the engagement
partner. If performed, the EQCR should be completed before the audit report is released.
10 L. Summarization and Evaluation of

Audit Evidence
Introduction
Near the end of the audit, the auditor is required to evaluate whether the accumulated results of
the auditing procedures performed provide a high level of assurance that the financial statements
as a whole are free of material misstatement. That evaluation includes consideration of whether
identified misstatements are indicative of possible fraud. The individual and combined effects of
all uncorrected misstatements should be considered. To evaluate the combined effect of various
uncorrected misstatements, it is necessary to summarize them in one place in the audit
documentation.
Nature of Misstatements
A misstatement can result from error or fraud and may occur in the following circumstances: an
inaccuracy occurs in gathering or processing data for inclusion in the financial statements; a
financial statement element, account, or item is omitted; financial statement disclosures are not
in accordance with GAAP; financial statement disclosures required by GAAP are omitted; an
incorrect accounting estimate is made; or management makes unreasonable or inappropriate
judgments concerning an accounting estimate or the selection or application of accounting
policies.

Types of Misstatements
The following terminology can be used to distinguish between the types of misstatements to help
the auditor evaluate the effect of misstatements accumulated during the audit and to
communicate misstatements to management and those charged with governance.
Factual Misstatement
A factual misstatement is a misstatement about which there is no doubt.
Judgmental Misstatement
A judgmental misstatement is one that arises from judgments made by management related to
accounting estimates that the auditor believes to be unreasonable. This type of misstatement
may also arise due to the selection or application of accounting principles by management that
the auditor considers to be inappropriate.
Projected Misstatement
A projected misstatement is the result of the auditor's best estimate of misstatement extrapolated
to an entire population arising from the use of sampling procedures.
Communication and Correction of Misstatements

The auditor is required to communicate to management on a timely basis all misstatements
accumulated during the audit, other than clearly trivial ones. The communication should
distinguish between factual, judgmental, and projected misstatements.
The Auditor's Responsibility
The auditor is required to do the following related to the communication and correction of
misstatements:
A. The auditor must ask the appropriate level of management to correct accumulated
misstatements, except those that are clearly trivial.
B. After the detection of a misstatement, the auditor may request management to examine
account balances, transaction classes, or disclosures and make appropriate corrections. In
addition, when the auditor detects a judgmental misstatement involving an estimate, s/he
may request management to review the assumptions and methods it used in developing the
estimate.
Note
In these situations, and following the correction of detected misstatements, the auditor
should perform additional procedures to determine whether misstatements still
remain.
When Management Does Not Correct Misstatements

If management decides not to correct some or all of the misstatements, the auditor should obtain
an understanding of management's reasons for not doing so and take that into account when
considering qualitative factors. The auditor also should consider the implications for the audit
report. Because uncorrected misstatements are significant audit findings, the auditor should
communicate them to those charged with governance.
Evaluating Uncorrected Misstatements
The auditor should consider both the individual and aggregate effects of all uncorrected
misstatements to evaluate whether the financial statements of each opinion unit are fairly stated.
In making that evaluation, the auditor considers both quantitative and qualitative factors, as well
as the effect of prior-period uncorrected misstatements. The auditor considers not only the
materiality of individual misstatements but also their combined effect on important financial
statement totals or subtotals, such as total expenditures.
Clearly Trivial Misstatements
Misstatements that are clearly trivial are inconsequential in amount, whether considered
individually or in the aggregate and whether judged by any criteria of size, nature, or
circumstance. When determining whether the amount of a misstatement is clearly trivial, the
auditor should not net proposed adjustments at the workpaper level. For example, assume the
auditor has determined that only misstatements greater than $500 will be accumulated. If the
auditor has a misstatement that overstates expenditures by $15,500 and a misstatement that
understates expenditures by $15,500, both misstatements should be included in the summary of
misstatements.
Misstatements in Accounting Estimates
The auditor is required to review judgments and decisions made by management when making
accounting estimates to determine if there are indicators of possible management bias. If the
auditor finds a bias, s/he considers whether other recorded estimates reflect a similar bias and
performs additional procedures to address those estimates taken as a whole. The auditor also is
required to review accounting estimates for biases that could result in material misstatement due
to fraud. If such a possible bias is identified, the auditor reevaluates the accounting estimates
taken as a whole.
Qualitative Considerations
The circumstances related to some misstatements may cause the auditor to evaluate them as
material, individually or when considered together with other misstatements, even if they are
lower than materiality for the financial statements of an opinion unit as a whole. The following are
examples of qualitative factors the auditor may consider:
A. The potential effect of the misstatement on trends, such as revenue or expenditure trends
B. The effect on segment information of the misstatement
C. The effect of the misstatement on quantitative materiality calculated without specific large
accounts such as capital assets and long-term debt
D. Misstatements arising from estimates, allocations, or uncertainties
E. The potential effect of the misstatement on compliance with legal and contractual provisions,
such as misstatements that could impact compliance with debt covenants or expenditures
that are improperly charged to grants and may be reclaimed by a grantor
F. Costs that were improperly charged to avoid a budgetary overexpenditure
G. A misstatement that increases management's compensation

H. A misstatement arising from an improperly calculated valuation or an improperly applied
valuation methodology, such as a derivative transaction that is classified as an effective hedge
when it is not
I. The significance of the financial statement element impacted by the misstatement
J. The effects of misclassifications, such as those between restricted and unrestricted net
position
K. The likelihood that a quantitatively immaterial misstatement may have a material effect in
future periods because of its potential cumulative effect
L. The sensitivity of the circumstances, such as the implications of misstatements involving
fraud, noncompliance with laws and regulations, or conflicts of interest
M. The motivation of management with regard to the misstatement, such as a misstatement
caused by management's continued unwillingness to correct weaknesses in the financial
reporting process
N. The significance of the misstatement or disclosure relative to politically sensitive matters or
known user needs
Risk of Possible Undetected Misstatement
Even if the auditor concludes that the effects of uncorrected misstatements do not cause the
financial statements to be materially misstated, s/he recognizes that there is a risk that the
financial statements may be materially misstated due to further undetected misstatement. If
combined uncorrected misstatements are close to the amount an auditor considers material to
the financial statements of an opinion unit as a whole, the risk of further misstatement may be
considered unacceptable. In this situation, the auditor should perform additional procedures or
determine that the entity appropriately adjusts the financial statements.
Evaluating the Existence of Fraud
An identified instance of fraud is unlikely to be an isolated occurrence. If the auditor believes or
suspects that a misstatement, regardless of its materiality, is a result of fraud, and management
(particularly senior management) is involved, s/he should reevaluate the assessment of the risks
of material misstatement due to fraud and its resulting effect on the nature, timing, and extent of
audit procedures to respond to the assessed risks. The auditor also should consider whether it
indicates possible collusion involving employees, management, or third parties when
reconsidering the evidence previously obtained. In some cases, the risk of material misstatement
due to fraud is so significant that the auditor should consider withdrawing from the engagement
and communicating the reasons for her/his withdrawal to those charged with governance.
Evaluating Noncompliance and Abuse

The Yellow Book requires auditors to design their audits to provide reasonable assurance of
detecting noncompliance with the provisions of laws, regulations, contracts, and grant
agreements that could have a material effect on the financial statements. It also establishes
specific requirements related to abuse. If auditors become aware of abuse that could be material,
they should determine the potential effect on the financial statements by performing additional
procedures, such as extending sample sizes by selectively choosing items to test. The auditor's
evaluation of whether a situation or transaction that constitutes abuse is material should be
based on both quantitative and qualitative factors. Among the factors the auditor may consider in
evaluating the materiality of abuse are whether the abuse is the result of a significant deficiency
or material weakness in internal control and whether it involves collusion or concealment.
Audit Documentation
The auditor should document the following: the amount below which misstatements will be
regarded as clearly trivial; all misstatements accumulated during the audit and whether they have
been corrected by management; and the auditor's conclusion as to whether uncorrected
misstatements, individually or in the aggregate, cause the financial statements to be materially
misstated, and the basis for that conclusion.
10 M. Drafting Financial Statements and

the Auditor's Report
Introduction
Entity management should understand that the auditor's involvement in drafting the financial
statements does not change the fact that management is responsible for those financial
statements. Management must acknowledge its responsibility in the representation letter. For the
auditor to remain independent, management must agree to accept this responsibility, and the
auditor must be satisfied that management has the ability to do so. The auditor's understanding
with the entity regarding the drafting of the financial statements should be documented.
Management also should understand that the auditor's involvement in drafting the financial
statements may represent a significant deficiency or material weakness in internal control that
should be communicated in writing to management and those charged with governance.
Yellow Book Requirements

The Yellow Book considers drafting the financial statements to be a nonaudit service that should
be evaluated under the Yellow Book's conceptual framework for independence. The same
principles apply to assistance with preparing information accompanying the financial statements,
including RSI.
Major Funds
When concluding the audit, the auditor should review the determination of major funds after all
adjustments and reclassifications have been made to the financial statements to determine
whether all required major funds are separately displayed in the financial statements and the
auditor adequately addressed them during the audit.
Drafting the Auditor's Report
Scope Limitation or Other Reportable Matter
The auditor's report is drafted after considering any scope limitations, GAAP departures, or other
matters that should be reported. After the financial statements and auditor's report have been
drafted, the auditor typically discusses them with entity officials. The emphasis in this discussion is
on complex or unusual accounting principles or other matters in the financial statements,
including any unresolved issues of presentation or disclosure.
This discussion is necessary so that the entity can take responsibility for the financial
statements, which generally allows the auditor to remain independent of the entity.
Modifications
Any modifications of the auditor's report also are emphasized. The auditor discusses any
problems identified during the audit, such as deficiencies in internal control, violations of budget
or grant agreements, and errors or fraud. Suggestions for improvement are often discussed.
10 N. Communicating Internal Control

Related Matters
Introduction
The auditor should communicate significant deficiencies and material weaknesses in internal
control in writing to management and those charged with governance. The auditor is not required
to perform procedures to identify deficiencies in internal control but should determine whether, on
the basis of the audit work performed, one or more deficiencies have been identified.
Identifying Control Deficiencies

The auditor may become aware of control deficiencies while, for example, obtaining an
understanding of the entity's internal control, performing risk assessment procedures, or
performing tests of the operating effectiveness of controls. The auditor does not draw an
immediate conclusion about the operating effectiveness of a control (and the existence of an
identified deficiency) when a deviation is detected. Instead, the auditor determines whether the
entity has another strong control, or a combination of effectively operating controls, that achieve
the same control objective as the weak or ineffectively operating control that gave rise to the
deviation. If so, the auditor may conclude that there is no identified deficiency.
Cause and Potential Effect of the Deviation
The auditor should understand the cause of the deviation and its potential effect on the financial
statements by making specific inquiries of management. Ordinarily, the auditor discusses the
facts and circumstances related to the potential deficiency with the appropriate level of
management. In most cases, that includes management personnel who are familiar with the
internal control area affected and who have the authority to take remedial actions.
When Not to Discuss Deficiencies with Management
In some circumstances, it is not appropriate for the auditor to discuss the findings directly with
management. Certain findings may cause the auditor to believe that there is evidence of fraud or
intentional noncompliance with laws and regulations by management or that management is
unable to oversee the preparation of adequate financial statements (which may raise doubts
about management's competence). In these circumstances, it generally would not be appropriate
for the auditor to communicate such deficiencies directly to management.
Evaluating Identified Deficiencies
The auditor should evaluate internal control deficiencies individually and in combination with
other deficiencies affecting the significant account balance or disclosure, relevant assertion, or
component of internal control. Multiple control deficiencies that affect the same financial
statement account balance or disclosure, relevant assertion, or component of internal control
increase the likelihood of misstatement. In combination, they may constitute a significant
deficiency or material weakness, even if they are individually insignificant.
Indicators of a Material Weakness
The following are indicators of a material weakness:
A. Identification of fraud, regardless of materiality, on the part of senior management
B. Restatement of previously issued financial statements to reflect the correction of a material
misstatement due to error or fraud
C. Identification by the auditor of a material misstatement in circumstances indicating that the
misstatement would not have been detected by the entity's internal control
D. Ineffective oversight of the entity's financial reporting and internal control by those charged
with governance
Factors Affecting the Magnitude of Potential Misstatement
In evaluating the magnitude of a potential misstatement, the auditor is considering whether an
identified deficiency could result in a misstatement that is material to the financial statements.
Factors that affect the magnitude of a misstatement that might result from a deficiency or
deficiencies in internal control include but are not limited to the financial statement amounts or
transaction totals exposed to the deficiency and the volume of activity in the account or
transaction class exposed to the deficiency.
The auditor's judgment about the magnitude of a potential misstatement only affects
whether the auditor is required to communicate the identified deficiency to management
and those charged with governance. When in doubt, many auditors choose to
communicate the control deficiency.
Communicating Internal Control Deficiencies

In a GAAS-only audit, the auditor should communicate significant deficiencies and material
weaknesses in writing to those charged with governance. The auditor also should communicate in
writing to management the significant deficiencies and material weaknesses s/he has
communicated or intends to communicate to those charged with governance, unless it would be
inappropriate to communicate directly to management in the circumstances. The auditor also
should communicate in writing or orally other deficiencies in internal control that have not been
communicated to management by other parties and that, in the auditor's professional judgment,
are of sufficient importance to merit management's attention; if communicated orally, the auditor
should document the communication.
The requirements for communicating internal control deficiencies in a Yellow Book

audit are essentially the same as those in a GAAS-only audit, but the method of their
communication differs. In a Yellow Book audit, the auditor is required to issue a publicly
available written report on internal control and compliance over financial reporting
that accompanies the auditor's opinion or disclaimer of opinion on the financial
statements. The auditor's report on the financial statements in a Yellow Book audit
should include a reference to the separate report on internal control and compliance.
Deficiencies Remediated during the Audit
Even if management has remediated significant deficiencies and material weaknesses before
year-end, the auditor is required to include them in the written communication. This
communication is necessary because of the need to inform users about the possibility that a
misstatement may have occurred while the deficiency existed.
Deficiencies Previously Communicated but Not Remediated
Management and those charged with governance may be aware of significant deficiencies and
material weaknesses that the auditor has identified, but they may have chosen not to remedy
them because of cost or other considerations. Regardless, the auditor's requirements to
communicate these deficiencies apply. In addition, if the auditor communicated a significant
deficiency or material weakness in a previous audit and remedial action has not yet been taken,
the auditor should repeat the communication in the current year. The auditor may ask
management or those charged with governance why the deficiency has not been remedied. A
failure to act, in the absence of a rational explanation, may in itself represent a significant
deficiency or material weakness.
Contents of the Communication
The auditor's written communication should include the following:
A. The definition of a material weakness and, when relevant, the definition of a significant
deficiency
B. A description of each significant deficiency and material weakness identified and an
explanation of their potential effects
C. Sufficient information to allow those charged with governance and management to
understand the context of the communication, including an explanation that the purpose of
the audit was for the auditor to express an opinion on the financial statements; the audit
included consideration of internal control over financial reporting in order to design audit
procedures that are appropriate in the circumstances but not for the purpose of expressing an
opinion on the effectiveness of internal control; the auditor is not expressing an opinion on the
effectiveness of internal control; the auditor's consideration of internal control was not
designed to identify all deficiencies in internal control that might be material weaknesses or
significant deficiencies and, therefore, material weaknesses or significant deficiencies may
exist that were not identified
D. A paragraph restricting the use of the communication to management, those charged with
governance, others within the entity, and any governmental authority to which the auditor is
required to report
Note
In a Yellow Book report on internal control over financial reporting, the paragraph
should state that the communication is not suitable for any other purpose. The report
is not restricted because it is an integral part of the auditor's reporting on the financial
statements and is a publicly available document.
Potential Effects of Control Deficiencies

When explaining the potential effects of the significant deficiencies and material weaknesses, the
auditor is not required to quantify those effects. The potential effects may be described in terms of
the control objectives that might not be achieved; the types of errors the control was designed to
prevent or detect and correct; or the risk of misstatement that the control was designed to
address.
Timing of the Communication
The auditor should make the required communications no later than 60 days following the report
release date. The communication is best made by the report release date because early
communication of identified deficiencies may be an important factor in enabling those charged
with governance to discharge their oversight responsibilities.
When No Significant Deficiencies or Material Weaknesses Were Identified
The auditor is not permitted to issue a written communication stating that no significant
deficiencies were identified. The auditor may issue a written communication stating that no
material weaknesses were identified.
10 O. Communicating Fraud and Violations

of Laws and Regulations
Introduction
When the auditor encounters information indicating potential noncompliance with laws and
regulations or the possibility of fraud, the auditor should consider how and why it might have
occurred and investigate further.
The Auditor's Procedures
Overview
If the auditor's investigation indicates there may have been fraud or a violation of laws or
regulations, s/he should do the following:
A. Obtain an understanding of the matter and sufficient other information to evaluate the
possible effects on the financial statements and auditor's report (such as the need for
adjustments and additional disclosures).
B. Consider the implications for other aspects of the audit (such as risk assessment and reliance
on management's representations).
C. Discuss the matter and the need for any further investigation with an appropriate level of
management.
D. If appropriate, consult with the entity's legal counsel or suggest that the entity consult with
legal counsel on any questions of law and on the course of action the entity should take.
E. Document a description of the identified or suspected fraud or violation of laws and
regulations and the results of any conversations with management, those charged with
governance, and others, if applicable.
Disclosure
GAAS recognizes the auditor's duty to disclose such matters to a funding agency or other
specified agency in a Yellow Book audit. In addition, state laws may require communication of
certain fraud or violations of laws or regulations. Some states provide criminal penalties for those
who fail to report a felony to the proper authorities. Others require auditors to maintain
confidentiality.
With Whom to Communicate
The auditor is required to ensure that the audit committee or others charged with governance are
adequately informed about any violations of laws or regulations, unless clearly inconsequential,
that come to the auditor's attention. If the auditor determines there is evidence that fraud may
exist, even if the matter is inconsequential, s/he is required to report it to the appropriate level of
management. If the fraud or potential fraud involves senior management or causes the financial
statements to be materially misstated, it should be reported directly to those charged with
governance. Auditors may consider it appropriate to communicate with those charged with
governance about misappropriations committed by lower-level employees that do not result in a
material misstatement. Auditors also normally reach an understanding with those charged with
governance regarding communication about any misappropriations committed by lower-level
employees.
Parties outside the Entity
As noted previously, the auditor sometimes has a duty to disclose fraud or violations of laws or
regulations to parties outside the governmental entity. In addition, the auditor should disclose
such matters when responding to a subpoena or responding to a successor auditor's inquiries. It is
a good idea to consult with legal counsel before disclosing fraud to outside parties.
Management and Others
If any of the identified fraud risks have internal control implications, the auditor should determine
whether they represent deficiencies that should be reported to management and others. The
absence of or deficiencies in processes and controls designed to mitigate or otherwise prevent,
deter, and detect fraud may also be matters that require communication.
Yellow Book Requirements
The Yellow Book standards establish certain other requirements for communicating with those
charged with governance or other responsible officials. The Yellow Book requires auditors to
communicate fraud and noncompliance with provisions of laws or regulations that have a
material effect on the financial statements or other financial data significant to the audit
objectives and any other instances that warrant the attention of those charged with governance;
noncompliance with provisions of contracts or grant agreements that has a material effect on the
determination of financial statement amounts or other financial data significant to the audit
objectives; and/or abuse that is either quantitatively or qualitatively material.
Those Charged with Governance
The Yellow Book requires the auditor to provide written communication about findings of
noncompliance or abuse that are less than material but warrant the attention of those charged
with governance. In some circumstances, the auditor is required to report to those charged with
governance when management fails to respond appropriately to the auditor's findings of known
or likely fraud, illegal acts, noncompliance, or abuse. Those circumstances are as follows:
A. Management fails to report findings of fraud, noncompliance, or abuse to external parties
when required to do so by laws or regulations.
B. Management fails to respond in a timely and appropriate manner when findings of fraud,
noncompliance, or abuse are likely to have a material effect on the financial statements and
involve funds received from another government agency.
External Parties
If, after the auditor's communication with those charged with governance, the entity's response is
still inadequate, the auditor should communicate directly with external parties, as described
below.
A. The auditor should report relevant information directly to external parties if s/he has
communicated to those charged with governance that management has not met legal or
regulatory requirements to report fraud, noncompliance, or abuse to specific external parties;
and the entity does not report the findings as soon as practicable after this communication.
B. The auditor should report relevant information directly to the funding agency if s/he has
communicated to those charged with governance that management failed to take timely,
appropriate actions to respond to findings of fraud, noncompliance, or abuse that involves
funding from another government agency and is likely to be material to the financial
statements; and the entity does not take appropriate steps as soon as practicable after this
communication.
In both of these situations, the auditor should obtain sufficient appropriate audit
evidence (such as confirmation with external parties) to corroborate management's
assertion that it has reported such findings in accordance with laws, regulations, and
funding agreements. If unable to do so, the auditor should report the findings. These
reporting requirements are in addition to any other legal requirements to report such
findings directly to outside parties and are applicable even if the auditor has resigned
or been dismissed from the audit.
Potential Effect on the Audit
The auditor may be required by laws, regulations, or policies to report indications of fraud, illegal
acts, noncompliance, or abuse to authorities before performing additional audit procedures. The
auditor should evaluate the impact on her/his audit if investigations or legal proceedings have
been initiated or are in progress. It may be necessary to withdraw from the engagement or defer
work in order to avoid interfering with investigations.
10 P. Subsequent Discovery of Matters after
the Date of the Report
Introduction
Subsequent to the date of the auditor's report, the auditor may become aware of facts that existed
on that date that might have caused her/him to believe information provided by the entity was
incorrect, incomplete, or otherwise unsatisfactory had s/he been aware of them. Subsequent to
the date of the auditor's report, the auditor may conclude that certain necessary audit procedures
were omitted but there is no indication that the financial statements are materially misstated.
Facts Existing at the Date of the Report
When facts are discovered after the report is issued, the auditor is generally required to perform
certain procedures, as described below.
Investigation
If the information that the auditor becomes aware of is of such a nature and from such a source
that s/he would have investigated it had it come to her/his attention during the engagement, the
auditor should investigate it as soon after it comes to her/his attention as is practical.
Disclosure
If, after investigation, the auditor determines that her/his report or the financial would have been
affected if the information had been known at the date of her/his report and s/he believes there
are persons currently relying on or likely to rely on the financial statements who would attach
importance to the information, the auditor should advise the entity to make appropriate disclosure
of the newly discovered facts and their impact on the financial statements to persons who are
relying on the financial statements and the related auditor's report.
Method of Disclosure
The method of disclosure by the governmental unit may, depending on the circumstances, take
one of the following forms: issuance of revised financial statements and auditor's report;
disclosure of the revision in subsequent financial statements instead of reissuing the earlier
statements; or notification to the users of the financial statements that they should not be relied
upon and that revised statements will be issued upon completion of an investigation.
Preventing Future Reliance on the Report
If the entity refuses to make the requested disclosures, the auditor should notify appropriate
parties and take appropriate steps to prevent future reliance on her/his report.
Omitted Procedures
When the auditor determines that certain necessary audit procedures were omitted, s/he should
assess the importance of the omitted procedures on her/his ability to support the opinion
expressed on the financial statements. Review of the audit documentation, discussions with
others assigned to the engagement, and reevaluation of the overall audit scope may be helpful in
making the assessment. The results of subsequent audits also may be considered.
Applying Omitted Procedures or Alternative Procedures
If the auditor concludes that s/he is unable to support the auditor's opinion on the previously
issued financial statements, and there are persons currently relying on or likely to rely on the
report, the auditor should promptly apply the omitted procedures or alternative procedures that
would support the opinion.
Inability to Apply Omitted Procedures or Alternative Procedures
If the auditor is unable to apply the omitted or alternative procedures, s/he may decide to consult
with legal counsel to determine an appropriate course of action.
Audit Documentation
When documenting the necessary revisions to the original audit documentation, the auditor
should document when the change was made and reviewed; who made and reviewed the change;
the reasons for the change; and the procedures performed, audit evidence obtained, and
conclusions reached, and their effect on the auditor's report.
The auditor cannot delete or discard any audit documentation after the documentation
completion date and through the retention date.
10 Q. Chapter Summary
This chapter discussed general and concluding audit procedures related to the following:
commitments and contingencies; litigation, claims, and assessments; management
representation letter; subsequent events; related parties; going concern; accounting estimates
and fair value; analytical procedures; review of audit documentation and summarization and
evaluation of audit evidence; drafting financial statements and the auditor's report;
communicating internal control related matters; communicating with those charged with
governance; communicating fraud and violations of laws and regulations; and subsequent
discovery of matters after the report release date.
Study Question 44
What period of time should be covered by the auditor's review of subsequent events?
A The period from the date of the financial statements to the

date of the auditor's report
B The period from the date of the financial statements to the

release date of the auditor's report
C Thirty days from the date of the auditor's report
D Sixty days from the date of the financial statements
Study Question 45
In evaluating an accounting estimate, which of the following statements is typically true regarding
the auditor's development of a point estimate or range to evaluate management's point estimate?
A A range must be less than performance materiality to be
adequate for evaluating the reasonableness of
management's point estimate.
A range that has been narrowed to be equal to or less than
B performance materiality is adequate for evaluating the
reasonableness of management's point estimate.
An auditor's point estimate must be within five percentage
C points of management's point estimate to provide sufficient
appropriate audit evidence.
An auditor's point estimate is never an appropriate audit
D response for evaluating the reasonableness of
management's point estimate.
Study Question 46
Why is the auditor required to evaluate the potential existence of fraud at or near the completion
of the audit?
To determine whether the accumulated results of audit
procedures affect the assessment made earlier in the audit
A about the risk of material misstatement due to fraud or
indicate a previously unidentified risk of material
misstatement due to fraud
To determine whether the accumulated results of audit
procedures provide absolute evidence that the entity's
B financial statements are free from material misstatement
due to fraudulent financial reporting or misappropriation of
assets
C To assess the risk of fraud and design audit procedures to

address that risk at the relevant assertion level
To design appropriate management representations to
D alleviate the auditor's responsibility for responding to the
assessed risk of fraud
Study Question 47
Which of the following is not a type of misstatement that can be used by the auditor to evaluate
the effect of misstatements accumulated during the audit and to communicate misstatements to
management and those charged with governance?
A Factual
B Judgmental
C Projected
D Hypothetical
Chapter 11. Auditor's Reports
This chapter describes standard GAAS reports on the basic financial statements, including the
dating of reports, and reports on the financial statements of an individual fund or a component
unit, as well as modifications to the standard report. It discusses reports on financial statements
prepared in accordance with a special purpose framework. This chapter describes the auditor's
responsibility for reports on information accompanying the basic financial statements, including
RSI, SI, and other information. It discusses the additional requirements for reports in an audit
conducted in accordance with the Yellow Book standards, including the reports on the financial
statements and the report on internal control and compliance and other matters. Finally, it
provides an overview of an auditor's association with municipal debt issuances.
recognize the importance and relevance of standard GAAS and GAGAS reports on the basic
11 A. Dating of Auditors' Reports

Introduction
The auditor's report should be dated no earlier than the date on which the auditor has obtained
sufficient appropriate evidence to support the opinion on the financial statements. This date
usually is a date later than the completion of fieldwork because it encompasses review of the
audit documentation, preparation of financial statements and disclosures (if applicable), and
obtaining management's assertion that it has taken responsibility for the financial statements. As
a result, the auditor needs to coordinate the audit report date and management representation
letter date.
Management's Representation Letter

Management's representation letter should be dated as of the date of the auditor's report on the
financial statements. This requirement does not mean that the auditor must physically have
management's representation letter on the date of the auditor's report. However, on or before the
date of the auditor's report, management must have reviewed the final representation letter and
confirmed to the auditor that it will sign the letter without exception. The auditor must have the
signed management's representation letter before releasing the auditor's report, since
management's refusal to furnish written representations constitutes a limitation on the scope of
the audit, which often is sufficient to preclude an unmodified opinion.
Subsequent Events
If a subsequent event that is disclosed in the financial statements occurs after the original date of
the auditor's report but before the statements are issued, the auditor can choose between two
methods for dating the report: the report may be dated as of the later date or may be dual-dated.
Note
The same two options are available when the auditor becomes aware of a matter after
the date of the auditor's report but before the report release date that requires revision
of the financial statements and management revises them.
Report Dated as of the Later Date

If the report is dated as of the later date, the auditor's responsibility for subsequent events is
extended to the date of the report. In this situation, audit procedures directed toward determining
subsequent events should be extended to the date of the report.
Dual-Dated Report
If the report is dual-dated, the auditor's responsibility is limited to the specific event, and the
auditor may determine that it is appropriate to obtain additional management representations
relating to the subsequent event.
11 B. Standard Report on the Financial

Statements in a GAAS Audit
Introduction
This section discusses the standard report on a governmental entity's basic financial statements
and other common reports issued in a GAAS-only audit. This chapter discusses the standard
report in a Yellow Book audit in a later section.
The Auditor's Objectives and Requirements
The auditor's objectives are to form an opinion on the financial statements based on an evaluation
of the audit evidence obtained, including evidence obtained about comparative financial
statements or comparative financial information; and to express clearly that opinion on the
financial statements through a written report that also describes the basis for that opinion.
General Requirements
To achieve those objectives for a standard report, the auditor should do the following:
A. Form an opinion on whether the financial statements are presented fairly, in all material
respects, in accordance with GAAP, by concluding whether reasonable assurance has been
obtained about whether the financial statements as a whole are free of material
misstatement.
B. Express an unmodified opinion when the auditor concludes that the financial statements are
presented fairly, in all material respects, in accordance with GAAP.
C. Express a modified opinion if the auditor concludes that the financial statements as a whole
are materially misstated or if the auditor is unable to obtain sufficient appropriate evidence to
conclude that the financial statements are free of material misstatement.
D. Discuss with management if the financial statements do not achieve fair presentation, and
determine whether it is necessary to modify the auditor's opinion.
Report Requirements
The auditor's report on the financial statements is required to be in writing. A written report may
be in hard copy format or in an electronic medium. The standard auditor's report generally
consists of the following:
A. An introductory paragraph that identifies the entity whose financial statements have been
audited, states that the financial statements have been audited, identifies the title of each
financial statement, and specifies the date or period covered by each financial statement
B. A section with the heading “Management's Responsibility for the Financial Statements” that
describes management's responsibility for the preparation and fair presentation of the
financial statements, including an explanation that management is responsible for the
preparation and fair presentation of the financial statements in accordance with GAAP, which
includes the design, implementation, and maintenance of internal control relevant to the
preparation and fair presentation of financial statements that are free from material
misstatement, whether due to error or fraud
C. A section with the heading “Auditor's Responsibility” that states that the auditor's
responsibility is to express an opinion on the financial statements based on the audit; states
that the audit was conducted in accordance with auditing standards generally accepted in the
United States of America (and Government Auditing Standards in a Yellow Book audit) and
that those standards require the auditor to plan and perform the audit to obtain reasonable
assurance about whether the financial statements are free from material misstatement; and
describes the audit by stating the following:
1. An audit involves performing procedures to obtain audit evidence about the amounts and
disclosures in the financial statements.
2. The procedures selected depend on the auditor's judgment, including the assessment of
the risks of material misstatements. In assessing those risks, the auditor considers
internal control relevant to the entity's preparation and fair presentation of the financial
statements in order to design audit procedures that are appropriate in the circumstances
but not for the purpose of expressing an opinion on the effectiveness of the entity's
internal control and, accordingly, no such opinion is expressed.
3. An audit also includes evaluating the appropriateness of the accounting policies used and
the reasonableness of significant accounting estimates made by management, as well as
the overall presentation of the financial statements.
D. A statement about whether the auditor believes that the audit evidence is sufficient and
appropriate to provide a basis for the auditor's opinion
E. A section with the heading “Opinion” that states the auditor's opinion about whether the
financial statements present fairly, in all material respects, the financial position, results of
operations, and cash flows in accordance with U.S. GAAP
F. The manual or printed signature of the auditor's firm and the city and state in which the
auditor practices
Materiality
The basic materiality determination for planning, performing, evaluating, and reporting on the
audit of a government's basic financial statements is based on opinion units. The opinion unit is
the level at which the auditor opines on the financial statements. The auditor may be engaged to
audit at a more detailed level than the opinion unit level used for the basic financial statements,
such as at the individual fund level. The auditor's report when auditing at a more detailed level is
discussed later in this chapter.
In an audit of group financial statements, materiality may also be determined for

components other than opinion units. In a governmental audit, a component may be a
separate legal entity reported as a component unit or part of the entity, such as a
business activity, department, or program.

Report Modifications
Report modifications should be evaluated at the opinion unit financial statement level and at the
entity's financial statement level as a whole. Report modifications for one opinion unit generally
do not affect the other opinion units. Certain situations may occur that would result in the auditor
expressing an adverse opinion or a disclaimer of opinion on the entity's financial statements as a
whole.
Adverse Opinion
The auditor will express an adverse opinion on the financial statements as a whole when the
entity omits required government-wide or fund financial statements, as well as when the auditor
expresses adverse opinions on both the governmental and business-type activities opinion units
(or on governmental activities if it is the only one presented). In addition, general infrastructure
assets are presumed to be material to the governmental activities of a general purpose
government. Unless demonstrated otherwise, the omission of the presentation of infrastructure
assets would generally result in an adverse opinion on the governmental activities. The auditor
should also evaluate whether the omission should result in an adverse opinion on the financial
statements as a whole.
Disclaimer of Opinion
The auditor will express a disclaimer of opinion on the financial statements as a whole if
disclaimers are issued on both the governmental and business-type activities opinion units (or on
governmental activities if it is the only one presented).
Budgetary Reporting
The entity is required to present budgetary comparison schedules as RSI for the general fund and
each major special revenue fund with a legally adopted budget. The entity may instead elect to
report such information as a basic financial statement. Presenting the budgetary comparison
information as a basic financial statement increases the level of assurance the auditor provides on
the information and the resulting amount of audit work that must be performed. In addition,
budgetary comparison information can be presented for other funds or when a legal budget has
not been adopted; that information must be presented and reported on as SI, as discussed later in
this chapter.
Change in Major Funds

Major governmental funds and enterprise funds are separate opinion units if they meet the
quantitative criteria in GASB Statement No. 34 as major or the entity voluntarily decides to report
them as major because they are particularly important to financial statement users. As a result,
funds that are reported as major may vary each year. Such changes are not considered a change
in accounting principle that would require an emphasis-of-matter paragraph in the auditor's
report.
Components of GAAP Financial Reports
GAAP financial reports issued by general and special purpose governments must include a
minimum of management's discussion and analysis (MD&A), basic financial statements, notes to
the financial statements, and other RSI. The AICPA has taken the position that, when developing
an opinion on separately issued GAAP-based financial statements for an individual fund,
department, program, or agency, the auditor should consider whether all of the components are
included. The exclusion of MD&A and other RSI does not affect the auditor's conclusion on the fair
presentation of the basic financial statements. When GAAP designates information as RSI, the
information is considered to be an essential part of financial reporting for placing the basic
financial statements in an appropriate operational, economic, or historic context. In this situation,
the auditor would include an other-matter paragraph in the report to refer to the RSI.
Audits at a More Detailed Level Than Basic Financial Statements

An audit can be performed at a more detailed level, such as the fund level, than the opinion unit
level in the basic financial statements. This more detailed audit would supplement rather than
replace the audit of opinion unit financial statements. In some situations, the financial statements
that are subject to the more detailed audit scope are not presented in the basic financial
statements. For example, the auditor may be engaged to audit each fund in an entity's combining
and individual nonmajor fund financial statements that is presented as SI.
Reporting on Prior-Period Information
Because of the volume and complexity of governmental financial statements, most entities only
present a complete set of financial statements for the current year. If prior-year statements are
presented, the auditor should report on them. When prior-period information is presented, it is
usually limited to prior-period total columns. The auditor is not required to, and usually does not,
report on the comparative information in this situation.
11 C. Modifications to the Standard Report

Introduction
The auditor's objectives relating to report modifications involve three situations: an inability to
express an unmodified opinion, the need to include an emphasis-of-matter or other-matter
paragraph in the auditor's report, and financial statements that are not comparable between
periods.
Inability to Express an Unmodified Opinion

The auditor must express clearly an appropriately modified opinion on the financial statements of
an opinion unit when s/he concludes, based on the audit evidence obtained, that the financial
statements are materially misstated or s/he is unable to obtain sufficient appropriate audit
evidence to conclude that the financial statements are free from material misstatement.
The Need to Include an Emphasis-Of-Matter or Other-Matter
Paragraph
Having formed an opinion on the financial statements, the auditor may judge it necessary to draw
users' attention to a certain matter through an additional communication in the report. The
auditor includes an emphasis-of-matter paragraph to draw users' attention to a matter that—
although appropriately presented or disclosed in the financial statements—is of such importance
that it is fundamental to a user's understanding of the financial statements. The auditor includes
an other-matter paragraph for any other matter that is relevant to a user's understanding of the
audit, the auditor's responsibilities, or the auditor's report.
Financial Statements Are Not Comparable between Periods

The auditor evaluates the consistency of the financial statements for the periods presented and
communicates in the report when the comparability of financial statements between periods has
been materially affected by a change in accounting principle or by adjustments to correct a
material misstatement in previously issued financial statements.
Types of Modifications
The three types of modifications to the standard auditor's report are a qualified opinion, an
adverse opinion, and a disclaimer of opinion.
Qualified Opinion
In a qualified opinion, the auditor states that, except for the effects of the matters to which the
qualification relates, the financial statements are fairly presented in accordance with GAAP. A
qualified opinion is appropriate in the following two circumstances:
A. The auditor was able to obtain sufficient appropriate audit evidence and concludes that
misstatements (individually or in the aggregate) are material, but that the misstatements are
not pervasive to the financial statements.
B. The auditor was not able to obtain sufficient appropriate audit evidence and believes that the
possible effects of undetected misstatements may be material to the financial statements,
but that the misstatements are not pervasive to the financial statements.
Note
Pervasive effects on the financial statements are those that, in the auditor's
professional judgment, are not confined to specific elements, accounts, or items of the
financial statements; if so confined, they represent or could represent a substantial
proportion of the financial statements; or with regard to disclosures, are fundamental
to a user's understanding of the financial statements.
Adverse Opinion
In an adverse opinion, the auditor states that the financial statements are not fairly presented in
accordance with GAAP. The auditor expresses an adverse opinion when s/he was able to obtain
sufficient appropriate audit evidence and concludes that the possible effects of undetected
misstatements (individually or in the aggregate) are both material and pervasive.
Disclaimer of Opinion
In a disclaimer of opinion, the auditor does not express an opinion on the financial statements.
The auditor expresses a disclaimer of opinion when s/he was not able to obtain sufficient
appropriate audit evidence and believes that the possible effects of undetected misstatements are
both material and pervasive.

GAAP Departures
Numerous types of GAAP departures may be found in the audit of a governmental entity. They
include failure to record a liability for pensions that should be recorded, incorrect capitalization or
depreciation of property and equipment, improper methods of accruing revenues or expenditures,
failure to report fund financial statements as major, and omission or incorrect presentation of a
required disclosure.
Reporting the Departure
The audit report should be modified by including a paragraph with a heading “Basis for Qualified
Opinion” or “Basis for Adverse Opinion” immediately before the opinion paragraph, describing the
matter giving rise to the modification. The paragraph should describe and quantify the financial
effects of the misstatement unless impracticable, in which case the paragraph should state that it
is not practicable to quantify the effects. The opinion paragraph should be modified for the effects
of the GAAP departure using the term “except for,” or, for an adverse opinion, should state that
the financial statements “do not present fairly” the financial position, changes in net position, and
cash flows.
Opinion Units
Because the auditor opines on each opinion unit, s/he may have two opinion paragraphs—one to
opine on the opinion unit(s) with the departure and one to opine on the remaining opinion units.
Depending on the materiality and pervasiveness of the departure, the auditor may either qualify
an opinion or express an adverse opinion on an opinion unit. However, recall that certain GAAP
departures can be so significant that the auditor may express an adverse opinion on the entity's
financial statements as a whole.
Scope Limitations
The auditor's inability to obtain sufficient appropriate audit evidence, also referred to as a
limitation on the scope of the audit, may arise from the following: circumstances beyond the
control of the entity, circumstances relating to the nature or timing of the auditor's work, or
limitations imposed by management. The inability to perform a specific procedure is not a scope
limitation if sufficient appropriate evidence can be obtained by performing alternative procedures.
Types of Scope Limitations
Audit evidence may not be sufficient when an entity's accounting systems (including processes
and records) do not provide the necessary information to report capital assets, report interfund
activity and balances in the fund financial statements, or eliminate internal activity and balances
in the government-wide financial statements. In such situations, the auditor should also consider
whether the financial presentations represent a departure from GAAP. Another type of scope
limitation can be the inability to obtain sufficient audit evidence about relevant controls at a
service organization.
Effect on the Auditor's Report
If the auditor cannot obtain sufficient appropriate evidence, s/he should express a qualified
opinion if the possible effects of undetected misstatements could be material but not pervasive. If
the possible effects could be pervasive, the auditor should disclaim an opinion. If the scope
limitation is imposed by management and is material or pervasive, the auditor should request
that management remove the limitation. If management refuses, the auditor should do the
following:
A. Communicate the matter to those charged with governance
B. If sufficient appropriate evidence cannot be obtained by performing alternative procedures
and the auditor concludes the possible effects of an undetected misstatement could be both
material and pervasive, either disclaim an opinion or, when practicable, withdraw from the
audit
Scope Limitation Arising from Alternative Investments
Alternative investments are those for which readily determinable fair values generally do not exist.
Examples are investments in private equity funds, hedge funds, and venture capital funds.
Auditing management's estimate of the fair value of an alternative investment includes assessing
both the extent of the supporting audit evidence and the uncertainties inherent in such an
estimate. The more complex and illiquid the alternative investment, the greater the uncertainty
that may be associated with the valuation estimate. It also may be difficult to obtain a
confirmation of the government's interest in an alternative investment at the level of detail
required to obtain sufficient audit evidence of the existence and valuation of the investments. The
auditor may find it necessary to qualify or disclaim an opinion due to a scope limitation if s/he is
unable to obtain sufficient audit evidence to support the existence, valuation, and disclosure of
alternative investments.
Financial Statements Containing an Unaudited Organization
At times, unaudited financial statements of an organization, function, or activity are included in
the basic financial statements of a primary government or component unit because the unaudited
entity meets the criteria for inclusion in the reporting entity. In this situation, the auditor should
qualify the opinion or disclaim an opinion because of a scope limitation, depending on the
materiality of the unaudited entity to the financial statements.
Qualified Opinion Because of a Scope Limitation
When the auditor qualifies her/his opinion because of a scope limitation, s/he should include a
paragraph with the heading “Basis for Qualified Opinion” immediately before the opinion
paragraph that describes the reasons for the auditor's inability to obtain sufficient appropriate
evidence. The opinion paragraph should state that, except for the possible effects of the matters
described in the basis for modification paragraph, the financial statements are presented fairly.
The opinion paragraph should be headed “Qualified Opinion.”
Disclaimer of Opinion Because of a Scope Limitation
If the possible effects on the financial statements of the scope limitation could be pervasive, the
auditor should disclaim an opinion. The effect on the auditor's report is as follows:
A. The introductory paragraph should be modified to state that the auditor was engaged to
audit the financial statements.
B. The paragraph on the auditor's responsibility should be modified to state only that the
auditor's responsibility is to express an opinion on the financial statements but, because of
the matters described in the basis for disclaimer of opinion paragraph, the auditor was not
able to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion.
C. A paragraph with the heading “Basis for Disclaimer of Opinion” should be included
immediately before the conclusion paragraph that describes the reasons for the inability to
obtain sufficient appropriate evidence.
D. The conclusion paragraph should use a heading that includes “Disclaimer of Opinion.”
E. The conclusion paragraph should state that, because of the significance of the matters
described in the basis for disclaimer of opinion paragraph, the auditor has been unable to
obtain sufficient appropriate evidence to provide the basis for an audit opinion and,
accordingly, does not express an opinion on the financial statements.
Note
In situations where it is appropriate to disclaim an opinion on one or more opinion
units, the auditor should use professional judgment to evaluate the facts and
circumstances applicable to the opinion unit(s) to determine whether the financial
statement presentations are of a magnitude to warrant a disclaimer of opinion on the
entity's financial statements as a whole.
Uncertainties
Report modifications can come about because of uncertainty about an entity's ability to continue
as a going concern and other uncertainties.
Going Concern Uncertainty
The typical way to report on a going concern uncertainty is to add an emphasis-of-matter
paragraph following a standard unmodified opinion. The auditor may, but is not required to,
disclaim an opinion because of a going concern uncertainty.
Other Uncertainties
Other uncertainties involving governmental entities may involve grants received from another
level of government. If the entity has not complied with the provisions of laws, regulations,
contracts, or grant agreements, the entity may need to record a liability or disclose a contingent
liability for possible refunds of grant amounts previously received and expended. The materiality
assessment for determining the need for a report modification is in relation to the opinion unit in
which the grant is recorded.
The presence of such uncertainties, even if they are material, does not generally affect the
auditor's report as long as the required disclosures are made. If the auditor determines
that the financial statements contain a GAAP departure either because disclosure of an
uncertainty is inadequate, the accounting principles used are inappropriate, or the
accounting estimates are unreasonable, it may be necessary to express a qualified or an
adverse opinion.
The auditor should assess the sufficiency of the support for management's estimate of
the outcome of an uncertainty based on the audit evidence that exists or should be
available. If, after considering the existing conditions and available evidence, the auditor
concludes that sufficient appropriate audit evidence supports management's assertions
about the matter involving an uncertainty and its presentation and disclosure in the
financial statements, an unmodified opinion ordinarily is appropriate.
Emphasis-Of-Matter Paragraph
The auditor is not required to include an emphasis-of-matter paragraph for uncertainties, other
than going concern uncertainties, unless a matter that is appropriately presented or disclosed in
the financial statements is of such importance that the auditor judges it fundamental to a user's
understanding of the financial statements. Some auditors highlight uncertainties relating to
matters such as significant estimates or litigation.
Change in Accounting Principle
When the entity has changed to a newly adopted accounting principle that is in accordance with
GAAP and the change has a material effect on the financial statements, the auditor should
include an emphasis-of-matter paragraph in the report. The emphasis-of-matter paragraph
should be included immediately after the opinion paragraph and should describe the change(s) in
accounting principle and provide a reference to the entity's disclosure. The paragraph should be
included in the report until the new accounting principle is applied in all periods presented.
However, if the change is accounted for by retrospective application to all periods presented, the
paragraph is needed only in the period of change.
Note
A change in the method of applying an accounting principle also is considered a
change in accounting principle.
Other Changes Affecting Consistency

The auditor should modify the report whenever the comparability of the financial statements
between periods has been materially affected by changes. In addition to the adoption of a new
accounting principle, the auditor should evaluate the materiality of the effect on comparability of
the following types of changes: voluntary adoption of a change from one generally accepted
accounting principle to another that is also generally accepted; a change in accounting estimate
that is inseparable from the effect of a related change in accounting principle; a change in the
reporting entity that results in financial statements that are, in effect, those of a different
reporting entity but that is not the result of a transaction or event; a correction of a material
misstatement in previously issued financial statements, such as changing from an accounting
principle that is not generally accepted to one that is generally accepted; and a change in
financial statement classification that represents a correction of a previous misstatement or a
change in accounting principle.
11 D. Reports on Special Purpose

Frameworks
Introduction
Special purpose frameworks are often used as an alternative to GAAP requirements. They include
the cash, tax, regulatory, contractual, and other bases of accounting. An other basis of accounting
is a basis that uses a definite set of logical, reasonable criteria that is applied to all material items
in the financial statements.
The Auditor's Requirements

For financial statements prepared in accordance with a special purpose framework, the auditor
considers opinion units in the same manner as they would be considered in an audit of GAAP-
basis financial statements. In other words, the auditor reports on governmental activities,
business-type activities, aggregate discretely presented component units, each major
governmental and enterprise fund, and aggregate remaining fund information.
General Requirements
The auditor's general requirements are as follows:
A. Express an opinion or a disclaimer of opinion on the financial statements.
B. Evaluate the following:
1. Whether the financial statements are suitably titled, include a summary of significant
accounting policies, and adequately describe how the special purpose framework differs
from GAAP;
2. Whether the financial statements include informative disclosures similar to those required
by GAAP when the financial statements contain items that are the same as or similar to
GAAP financial statements; and
3. Whether additional disclosures beyond those specifically required by the framework
related to matters that are not specifically identified on the face of the financial
statements or other disclosures are necessary for the financial statements to achieve fair
presentation.
Reporting Requirements
Significant changes to the reporting requirements of financial statements prepared in accordance
with special purpose frameworks are:
A. For financial statements prepared in accordance with a contractual basis of accounting, the
auditor should obtain an understanding of any significant interpretations of the contract that
management made in preparing those financial statements and evaluate whether the
financial statements adequately describe such interpretations.
B. For financial statements prepared in accordance with a regulatory or contractual basis of
accounting, the auditor's report should describe the purpose for which the financial
statements are prepared or refer to a note to the financial statements that contains that
information.
C. The auditor's report should include an emphasis-of-matter paragraph under an appropriate
heading that, among other things, states that the special purpose framework is a basis of
accounting other than GAAP.
D. When management has a choice of financial reporting frameworks, the explanation of
management's responsibility for the financial statements in the auditor's report should make
reference to management's responsibility for determining that the applicable financial
reporting framework is acceptable in the circumstances.
E. Except for regulatory basis financial statements intended for general use, the auditor's report
should include an emphasis-of-matter paragraph that indicates that the financial statements
are prepared in accordance with the applicable special purpose framework; refers to a note to
the financial statements that describes that framework; and states that the special purpose
framework is a basis of accounting other than GAAP.
F. When reporting on regulatory basis financial statements that are intended for general use,
the auditor should express an opinion or disclaim an opinion about whether the financial
statements are presented fairly, in all material respects, in accordance with GAAP. The report
includes a separate paragraph expressing an opinion about whether the financial statements
are prepared in accordance with the special purpose framework.
G. When reporting on regulatory basis financial statements that are intended solely for internal
use and regulatory filing, the auditor's report should include an other-matter paragraph
under an appropriate heading that states that the report is intended solely for use within the
entity and by the identified regulatory agency or agencies.
Note
The other-matter paragraph is included in addition to the emphasis-of-matter
paragraph noted in item (E) above.
H. The auditor's report should include specific elements if the auditor is required by law or
regulation to use a specific layout, form, or wording of the auditor's report.
11 E. Reporting on Information
Accompanying the Basic Financial
Statements
Introduction
The auditor's responsibilities for other information accompanying the basic financial statements
depend on the type of information and whether the auditor is engaged to report on it.
Other Information in Documents Containing Audited Financial

Statements
The audited financial statements may be accompanied by information that is voluntarily
presented by the entity. Such information can include, for example, financial summaries or
highlights, employment data, and financial ratios. This section describes the auditor's
responsibilities when s/he is not engaged to issue an opinion on whether the information is fairly
presented, in all material respects, in relation to the financial statements as a whole.
Consistency of Information with Audited Financial Statements
The auditor should read the other information in documents containing the financial statements
and consider the manner in which it is presented to determine whether it is materially inconsistent
with the audited financial statements. If the other information is materially inconsistent with the
audited financial statements, the auditor should determine whether the financial statements or
other information should be revised.
A. If the financial statements should be revised and management refuses to make the revision,
the auditor should modify the opinion on the financial statements.
B. If the other information needs to be revised and management refuses to make the revision,
the auditor should communicate the matter to those charged with governance and either
revise the auditor's report to include an other-matter paragraph describing the material
inconsistency, withhold the auditor's report, or withdraw from the engagement, if possible.
The other-matter paragraph would draw attention to the inconsistency. Neither the
introductory, scope, nor opinion paragraph of the audit report on the financial
statements would mention the inconsistency; and the other-matter paragraph would
neither express nor disclaim an opinion on the inconsistent information.
Information Obtained after the Report Release Date

If revision of the audited financial statements is necessary because of inconsistent information
and the auditor's report on the financial statements has already been released, the auditor should
request that management make the revision. If management agrees to make the revision, the
auditor should perform necessary procedures such as reviewing management's steps for alerting
those relying on the financial statements of the need for revision. If management refuses to make
the revision, the auditor should notify those charged with governance and take any additional
appropriate action, such as consulting the auditor's legal counsel.
Material Misstatement of Fact
If the auditor becomes aware of information in the document that s/he believes is a material
misstatement of fact but not a material inconsistency, s/he should discuss the matter with
management. If, after discussion, the auditor still believes that a material misstatement remains,
s/he should request that management consult with a qualified third party, such as legal counsel.
The auditor should consider the advice received by management and, if s/he concludes that there
is a material misstatement of fact that management refuses to correct, the auditor should notify
those charged with governance and consider other actions that may be appropriate, such as
obtaining advice from the auditor's legal counsel, withholding the auditor's report, or withdrawing
from the engagement.
Reporting Considerations
The auditor is not required to refer to the other information in the auditor's report on the financial
statements but may add an other-matter paragraph to disclaim an opinion on the other
information or to describe a material inconsistency.
Other Information on an Entity's Website
Some entities make their audited financial statements and auditor's report available on their
websites. Information contained on an entity's website is not considered to be “other information”
as discussed previously in this section. Thus, the auditor is not required to read this information or
consider the consistency of the information.
Supplementary Information in Relation to Financial Statements as a
Whole
Supplementary information (SI) is information other than RSI that is presented outside the basic
financial statements and is not considered necessary for the financial statements to be fairly
presented. It includes combining and nonmajor fund financial statements. This section describes
the auditor's responsibilities when s/he is engaged to issue an opinion on whether the information
is fairly presented, in all material respects, in relation to the financial statements as a whole.
Reporting on Supplementary Information
The auditor reports on SI in either an other-matter paragraph following the opinion paragraph in
the auditor's report on the financial statements or in a separate report on the supplementary
information. In an audit of a governmental unit, the opinion on the SI is in relation to the entire
entity, not to opinion units.
A. If the auditor issued a qualified opinion on the financial statements as a whole and the
qualification has an effect on the SI, the other-matter paragraph (or separate report) should
include a statement that, in the auditor's opinion, except for the effects on the SI, such
information is fairly stated, in all material respects, in relation to the financial statements as a
whole.
B. If the auditor disclaimed an opinion on the financial statements or issued an adverse opinion,
the auditor is precluded from issuing an opinion on the SI.
Materially Misstated Supplementary Information
If the auditor concludes that the SI is materially misstated in relation to the financial statements
as a whole, s/he should discuss the matter with management and propose that the SI be revised.
If management refuses to revise the SI, the auditor should either modify the opinion on the SI and
describe the misstatement in the auditor's report or, if a separate report is being issued on the SI,
withhold the auditor's report on the SI.
Required Supplementary Information
RSI is information that a designated accounting setter, such as the GASB, requires to accompany
the basic financial statements because it is considered to be an essential part of financial
reporting for placing the basic financial statements in an appropriate operational, economic, or
historical context. Examples of RSI include the MD&A and certain pension and OPEB actuarial
information.
The Auditor's Requirements
RSI need not be audited since it is outside the audited financial statements. However, special
audit procedures and reporting obligations are required. The auditor is required to apply the
following procedures to RSI required by GAAP:
A. Inquire of management about the methods of preparing the RSI, including whether it is
measured and presented within prescribed guidelines; whether methods of measurement or
presentation have been changed from those used in the prior period and the reason for any
such changes; and significant assumptions or interpretations underlying the measurement or
presentation.
B. Compare the RSI for consistency with management's responses to the inquiries, the basic
financial statements, and other knowledge obtained during the audit.
C. Obtain certain representations concerning the RSI in the management representation letter.
D. Inform those charged with governance if unable to complete the above procedures because of
significant difficulties encountered in dealing with management.
Reporting Considerations
The auditor's report should include an other-matter paragraph that refers to the RSI and includes
language to explain the following circumstances, as applicable:
A. The RSI is omitted.
B. The RSI is included and the auditor has applied the required procedures.
C. Required procedures could not be completed.
D. The RSI contains a material measurement or presentation departure from GASB guidelines.
E. Some of the RSI is missing and some conforms to prescribed guidelines.
F. The auditor has unresolved doubts about whether the RSI conforms to prescribed guidelines.
11 F. Standard Report on Financial

Statements in a Yellow Book Audit
Introduction
Audits conducted in accordance with the Yellow Book standards include reporting on the basic
financial statements in accordance with GAAS in addition to reporting in accordance with
Government Auditing Standards.
Reference to Government Auditing Standards

When auditors comply with all applicable Yellow Book requirements for financial audits, they
should include a statement in the auditor's report that they performed the audit in accordance
with Government Auditing Standards (or GAGAS, the acronym for generally accepted government
auditing standards). The two types of statements of compliance with GAGAS are an unmodified
GAGAS compliance statement and a modified GAGAS compliance statement.
Unmodified GAGAS Compliance Statement
An unmodified GAGAS compliance statement states that the audit was performed in accordance
with Government Auditing Standards, which include GAAS by reference. This statement should be
used when all unconditional and applicable presumptively mandatory Yellow Book requirements
have been followed. It should also be used when all unconditional requirements have been
followed, and the justification for any departures from applicable presumptively mandatory
requirements has been documented, and the objectives of those requirements have been
achieved through other means.
Modified GAGAS Compliance Statement
A modified GAGAS compliance statement states either that the auditor performed the audit in
accordance with Government Auditing Standards except for specific applicable requirements that
were not followed; or because of the significance of the departure(s) from the requirements, the
auditor was unable to and did not perform the audit in accordance with Government Auditing
Standards.
Note
This statement would be used, for example, in the situation of a scope limitation such
as a restriction on access to records, government officials, or other individuals.
When a Yellow Book Requirement Is Not Followed

If a Yellow Book requirement is not followed, the auditor should document the reason and the
effect on the audit and on the auditor's conclusions. If the auditor's statement about compliance
with Government Auditing Standards is modified, as described above, the auditor's report should
disclose the applicable requirements that were not followed, the reasons for not following the
requirements, and how not following the requirements affected, or could have affected, the audit
and the assurance provided. The impact of noncompliance with Yellow Book requirements in
relation to GAAS should also be considered. For example, a scope limitation would require the
auditor to consider both the GAAS and Yellow Book reporting requirements.
Separate Financial Statements for Other Purposes
If an entity issues separate financial statements for purposes other than complying with
Government Auditing Standards, such as for the purpose of issuing bonds, the auditor's report is
not required to specifically cite GAGAS. The separate report on the financial statements would
only need to conform to the requirements of GAAS.
Findings of Fraud, Noncompliance, and Abuse
The auditor's report on internal control over financial reporting and compliance should include
the following: instances of fraud and noncompliance with provisions of laws and regulations that
have a material effect on the audit and any other instances that warrant the attention of those
charged with governance; noncompliance with provisions of contracts or grant agreements that
has a material effect on the audit; and abuse that is either quantitatively or qualitatively material.
Noncompliance with provisions of contracts or grants that has an effect that is less than material
but warrants the attention of those charged with governance should be communicated in writing
to entity officials. Communication of fraud or noncompliance with provisions of laws, regulations,
contracts, or grant agreements, or abuse that does not warrant the attention of those charged
with governance is a matter of the auditor's professional judgment.
Effect on the Basic Financial Statements
In addition to their effect on the report on internal control and compliance, the effects of the
auditor's findings should be considered when reporting on the basic financial statements.
Generally, such findings are not material to the basic financial statements. However, they may be
material to entities that rely on federal programs as their principal source of support.
Effect on the Auditor's Report
When performing tests of compliance, the auditor makes yes-or-no judgments about whether a
particular transaction or event complied with applicable requirements. When the judgment
cannot be made because the auditor is unable to complete audit procedures considered
necessary for making a decision, a scope limitation exists. When resolution of a noncompliance
finding cannot be determined (and a scope limitation has not occurred), an uncertainty exists.
Confidential or Sensitive Information
In a Yellow Book audit, certain pertinent information may be omitted from the auditor's report
because it is prohibited from public disclosure or because it is confidential or sensitive. The auditor
should disclose that fact in the report and the reason or circumstances that make the omission
necessary. Certain information may be prohibited from general disclosure by federal, state, or
local laws or regulations. In such circumstances, the auditor may issue a separate, classified, or
limited use report containing such information and distribute the report only to persons
authorized by law or regulation to receive it. Circumstances associated with public safety, privacy,
or security concerns could also justify the exclusion of certain information in the report. In these
circumstances, the auditor may issue a limited use report containing the information and
distribute that report only to those parties responsible for acting on the auditor's
recommendations. In some circumstances, it may be appropriate to issue both a publicly available
report that excludes the sensitive information and a limited use report.
For example, detailed information related to computer security may be excluded

because of the potential damage that could be caused by the misuse of this
information.
Part of Reporting Entity Does Not Have a Yellow Book Audit

If a material portion of the reporting entity, such as a component unit or a fund, is not required to
have a Yellow Book audit, the scope paragraph of the auditor's report is revised to identify that
segment of the reporting entity and state that it was not audited in accordance with Government
Auditing Standards.
11 G. Report on Internal Control and

Compliance and Other Matters
Introduction
When providing an opinion or disclaiming an opinion on financial statements, the Yellow Book
requires auditors to also report on internal control over financial reporting and compliance with
the provisions of laws, regulations, contracts, or grant agreements that affect the financial
statements. Most auditors combine the reporting on internal control and on compliance and other
matters (such as abuse) into a single report.
Reporting on Internal Control
If a separate report on internal control and compliance is issued, which is usually the case, the
auditor should include a reference to the separate auditor's report on the financial statements.
Internal Control Deficiencies
The Yellow Book requires the report on internal control to disclose significant deficiencies and
material weaknesses in internal control over financial reporting based on the audit of the financial
statements. The Yellow Book incorporates by reference the internal control terminology and
definitions of GAAS; therefore, the internal control deficiencies that are required to be reported
under the Yellow Book are the same as those that are required to be communicated under GAAS.
What to Report
The GAAS requirements regarding the communication of significant deficiencies and material
weaknesses identified during an audit form the basis for reporting significant deficiencies and
material weaknesses in a Yellow Book audit. The Yellow Book report on internal control over
financial reporting and compliance should include significant deficiencies and material
weaknesses in internal control. In reporting findings, the auditor should include the elements of
condition, criteria, cause, and effect, as well as recommendations for preventing future
occurrences, if practicable.
Reporting on Compliance
As part of a financial audit, the Yellow Book requires that transactions be tested for compliance
with requirements that may have a material effect on the financial statements. The Yellow Book
also requires the auditor to report on such compliance testing and to disclose material instances
of noncompliance.
What to Report
The Yellow Book requires the auditor's report on internal control and compliance to include
relevant information about the following:
A. Instances of fraud and noncompliance with provisions of laws or regulations that have a
material effect on the financial statements or other financial data significant to the audit
objectives and any other instances that warrant the attention of those charged with
governance
B. Noncompliance with provisions of contracts or grant agreements that has a material effect on
the financial statements or other financial data significant to the audit objectives
C. Abuse that is either quantitatively or qualitatively material
Reporting Threshold
The threshold for reporting fraud and noncompliance with laws or regulations is different from
that for reporting noncompliance with contracts or grant agreements. Noncompliance with
provisions of contracts or grant agreements or abuse that has an effect on the financial
statements or other financial data significant to the audit objectives that is less than material but
warrants the attention of those charged with governance is not required to be included in the
report. Rather, it should be communicated in writing to audited entity officials; the
communication may be in the form of a management letter. Whether and how to communicate
fraud, noncompliance, or abuse that does not warrant the attention of those charged with
governance is a matter of professional judgment.
Purpose Alert Paragraph
In a Yellow Book financial audit, the auditor's report on internal control and compliance should
contain a “purpose alert” as an other-matter paragraph. The paragraph should describe the
purpose of the auditor's written communication and state that the communication is not suitable
for any other purpose.
To accomplish this requirement, the auditor can label the paragraph “Purpose of this
Report” and include an alert such as the following: “The purpose of this report is solely to
describe the scope of our testing of internal control and compliance and the results of
that testing, and not to provide an opinion on the effectiveness of the entity's internal
control or on compliance. This report is an integral part of an audit performed in
accordance with Government Auditing Standards in considering the entity's internal
control and compliance. Accordingly, this communication is not suitable for any other
purpose.”
Reporting Views of Responsible Officials

When deficiencies in internal control, fraud, noncompliance, or abuse are reported, the auditor
should obtain and report the views of responsible entity officials concerning the auditor's reported
findings, conclusions, and recommendations. The entity's planned corrective actions should also
be reported.
Format of the Entity's Comments
If possible, the auditor should get the entity's response in writing. If so, a copy of the response or a
summary should be included in the auditor's report. If the comments are provided orally, the
auditor should prepare a summary for review by entity officials to verify that the comments are
accurately stated. This summary should be included in the auditor's report.
Evaluation of the Entity's Comments
If the entity's responses are inconsistent or in conflict with the auditor's findings, conclusions, or
recommendations, or when planned corrective actions do not adequately address the auditor's
recommendations, the reasons for any disagreement with the comments should be explained in
the auditor's report.
When the Entity Does Not Provide Comments
The auditor's report may be issued without the views of responsible officials if the entity refuses to
provide comments or is unable to provide them on a timely basis. In this situation, the auditor's
report should indicate that the audited entity did not provide comments.
Group Audits
If the group auditor's report on the financial statements refers to component auditors, many
group auditors also acknowledge the involvement of the component auditors in the report on
internal control and compliance and other matters.
Part of Reporting Entity Does Not Have a Yellow Book Audit

If a material portion of the reporting entity, such as a component unit or a fund, is not required to
undergo a Yellow Book audit, the scope paragraph of the auditor's report on internal control and
compliance and other matters would be revised to disclose that fact and identify that segment of
the reporting entity.
11 H. Auditors' Association with Municipal

Debt Issuances
Introduction
Before issuing debt securities, such as general obligation or revenue bonds, a governmental unit
generally prepares an official statement communicating the details of the debt securities that will
be issued and providing background information on the entity's financial situation, including
audited financial statements. In addition to the issuer's financial advisors and bond counsel, the
auditor is often asked to be involved in preparing the official statement.
Securities and Exchange Commission

Debt issuances by governmental units are exempt from the reporting and registration
requirements of the Securities Act of 1933 and the Securities Exchange Act of 1934. They are not
exempt from the federal antifraud provisions of those acts that relate to the adequacy of
disclosures. Through Rule 15c2-12, as amended, the Securities and Exchange Commission
imposes these requirements on the underwriters of governmental securities. As a result,
underwriters sometimes want the auditor to be involved with the official statement, providing
comfort to the underwriter on the financial information included in the official statement.
Yellow Book Reports
When the auditor is involved with a governmental unit's official statement, s/he should consider
which auditor's report the entity presents in the official statement. As a general rule, the official
statement uses an auditor's report on the financial statements that does not refer to the Yellow
Book audit or to the separate reports on internal control and compliance.
Note
In other words, the official statement uses a GAAS-only report because only the
financial statements (not the reports on internal control and compliance) are
presented. Any reference to Government Auditing Standards and the Yellow Book
reports on internal control and compliance would be confusing in the absence of those
reports in the official statement.
Association with the Official Statement

The auditor is not required to participate in the preparation of the official statement or to perform
any procedures related to it. The auditor is often asked to be involved in ways such as the
following: reviewing a draft of the document; assisting in the preparation of financial information
included in the document; providing a revised auditor's report in the document; issuing a report
on an agreed-upon procedures engagement related to the debt offering; issuing a comfort letter
on information in the document; and providing a consent letter or signed authorization form for
the use of the auditor's report in the document.
The Auditor's Responsibility
The auditor is required to read the other information included in the official statement and
consider whether it or its presentation is materially inconsistent with related information and its
presentation in the audited financial statements or contains an apparent material misstatement
of fact. If so, the auditor should determine whether the financial statements or the other
information is incorrect and take appropriate action. The auditor is not required to corroborate the
additional information included in the official statement.
Attestation Engagements
A governmental unit may engage an auditor to provide information needed for the official
statement. For example, some revenue bond ordinances require a certification that pledged
revenues exceed certain coverage requirements. In this situation, the entity may engage an
auditor to perform agreed-upon procedures in connection with such certifications. The agreed-
upon procedures engagement is generally performed under the AICPA's attestation standards. If
it is conducted in accordance with Yellow Book standards, the auditor should follow the additional
requirements for attestation engagements in the Yellow Book.
This chapter described standard GAAS reports on the basic financial statements, including the
dating of reports, and reports on the financial statements of an individual fund or a component
unit, as well as modifications to the standard report. It discussed reports on financial statements
prepared in accordance with a special purpose framework. This chapter described the auditor's
responsibility for reports on information accompanying the basic financial statements, including
RSI, SI, and other information. It discussed the additional requirements for reports in an audit
conducted in accordance with the Yellow Book standards, including the reports on the financial
statements and the report on internal control and compliance and other matters. Finally, it
provided an overview of the auditor's association with municipal debt issuances.
Study Question 48
When should the auditor's report on the financial statements be dated?
A The date selected by entity management
B The date of the entity's fiscal year-end
C A date no earlier than the date on which the auditor has
obtained sufficient appropriate evidence to support an
opinion on the financial statements
D A date no less than 30 days after obtaining management's

representation letter.
Study Question 49
Under which of the following circumstances might the auditor express a disclaimer of opinion on
the entity's financial statements as a whole?
A When the entity omits required government-wide or fund

B When disclaimers are issued on both the governmental and

business-type activities opinion units
C When the entity omits the presentation of general

infrastructure assets
D When adverse opinions are issued on both the

governmental and business-type activities opinion units
Study Question 50
Why may unaudited financial statements of an organization, function, or activity be included in
the basic financial statements of a primary government?
A The primary government wishes to highlight the unaudited

entity as a major fund.
B The primary government wants to assume responsibility for

the unaudited entity.
C The unaudited entity cannot afford an audit of its financial

statements.
D The unaudited entity meets the criteria for inclusion in the

reporting entity.
Study Question 51
What is the effect on the audit when financial statements are prepared in accordance with a
special purpose framework?
A The auditor considers opinion units in the same manner as
they would be considered in an audit of GAAP-basis
The concept of opinion units does not apply since the
B auditor issues one opinion on the entity's financial
statements as a whole.
C The auditor is precluded from performing the audit because

of the known departures from GAAP.
D The auditor must prepare GAAP-basis financial statements

for the entity.
Study Question 52
Which of the following is not required to be included in the auditor's Yellow Book report on
internal control and compliance?
Instances of fraud and noncompliance with provisions of
A laws or regulations that have a material effect on the
Instances of fraud and noncompliance with provisions of
B laws or regulations that warrant the attention of those
charged with governance
Noncompliance with provisions of contracts or grant
C agreements that has a material effect on the financial
statements
Noncompliance with provisions of contracts or grant
D agreements that warrant the attention of those charged
with governance
Glossary for "Audits of State and Local

Governments"
Accountability
The concept of accountability for use of public resources and government authority is key to our
nation's governing processes. Management and officials entrusted with public resources are
responsible for carrying out public functions and providing services to the public legally,
effectively, efficiently, economically, ethically, and equitably within the context of the statutory
boundaries of the specific government program. These concepts are important to management
and officials of government and to auditors because they determine which programs and services
are provided and how auditors establish their objectives and criteria by which potential audit
findings are evaluated.
Audit Objective
The audit objective is the goal of the audit procedures used to obtain evidence about the dollar
amounts and disclosures presented in the financial statements. The primary, overriding audit
objective is to express an opinion on the fairness, in all material respects, with which the financial
statements present the financial position, results of operations, and cash flows in conformity with
generally accepted accounting principles (GAAP) or another acceptable financial accounting
framework.
Audit Procedure
An audit procedure is specific and specialized steps or actions auditors take to meet audit
objectives. Audit procedures are performed to achieve the following:
Obtain an understanding of the entity and its environment, including internal controls, to
assess the risk of material misstatements at the financial statement level and the assertion
level. These audit procedures are referred to as risk assessment procedures.
Test the operating effectiveness of internal controls over financial reporting when necessary,
or when the auditor has determined to do so. These audit procedures are referred to as tests
of controls.
Detect material misstatements at the relevant assertion level. These audit procedures are
referred to as substantive tests.
Auditor Judgment
Auditor judgment is the auditor's capacity to perceive, discern, or make reasonable decisions.
Auditors are required to employ judgment when evaluating financial statements for the purpose
of issuing an opinion.
Basic Financial Statements (BFS)

Basic financial statements (BFS) are external financial reporting intended to meet the common
informational needs of various users who must rely on the information communicated by
management. The BFS provide a summary overview of the financial data of a governmental
reporting entity.
The basic financial statements are as follows (as applicable):
Government-wide statements:
1. Statement of Net Position
2. Statement of Activities:
a. Fiduciary funds not reported at this level
b. Discretely presented component units reported only at this level
Fund statements:
Governmental:
1. Balance Sheet
2. Statement of Revenues, Expenditures, and Changes in Fund Balances
3. Budgetary Comparison Statement—General Fund and major Special Revenue Funds
(with original and final adopted budgets), if not presented as required supplementary
information (RSI)
Proprietary:
1. Statement of Net Position
2. Statement of Revenues, Expenses, and Changes in Fund Net Position
3. Statement of Cash Flows (direct method required)
Fiduciary:
1. Statement of Fiduciary Net Position
2. Statement of Changes in Fiduciary Net Position
Notes to the financial statements
Control Risk
Control risk is the risk that a material misstatement that could occur in an assertion about a class
of transactions, account balance, or disclosure and that could be material, either individually or
when aggregated with other misstatements, will not be prevented or detected and corrected on a
timely basis by the entity's internal control. It is an element of audit risk (AU-C §200).
Control risk is considered along with the inherent risk associated with any assertion and the
effectiveness of the design and operation of the entity's internal control components.
GAGAS
Generally accepted government auditing standards (GAGAS) are those audit standards set forth
in the Government Auditing Standards issued by the Comptroller General of the United States.
GAGAS is also known as the “Yellow Book” because the hard copy has a bright yellow cover. These
are auditing standards that must be followed when required by law, regulation, contract, grant
agreement, or policy. GAGAS pertain to auditors' professional qualifications and the quality of
their work, the performance of field work, and the characteristics of meaningful reporting. These
standards are recommended for use in audits of state and local government organizations,
programs, activities, and functions even when not required.
The GAGAS financial audit standards incorporate AICPA generally accepted auditing standards
(GAAS) by reference. GAGAS also describes ethical principles and establishes independence and
other general standards and additional field work and reporting standards beyond those provided
by the AICPA.
Generally Accepted Accounting Principles

(GAAP)
Generally accepted accounting principles (GAAP) are uniform minimum standards of and
guidelines to financial accounting and reporting. GAAP for state and local governmental entities
is established by the Governmental Accounting Standards Board (GASB).
Generally Accepted Auditing Standards

(GAAS)
Generally accepted auditing standards are developed and issued in the form of Statements on
Auditing Standards (SASs) and are codified into AU-Cs. The Auditing Standards Board has
developed principles underlying an audit to provide a framework that is helpful in understanding
and explaining an audit. The principles are organized to provide a structure for the codification of
SASs. This structure addresses the purpose of an audit (purpose), personal responsibilities of the
auditor (responsibilities), auditor actions in performing the audit (performance), and reporting
(reporting).
Internal Control
Internal control is a process effected by those charged with governance, management, and other
personnel that is designed to provide reasonable assurance about the achievement of the entity's
objectives with regard to the reliability of financial reporting, effectiveness and efficiency of
operations, and compliance with applicable laws and regulations. Internal control over
safeguarding of assets against unauthorized acquisition, use, or disposition may include controls
relating to financial reporting and operations objectives. This definition recognizes the definition
and description of internal control contained in Internal Control—Integrated Framework of the
Treadway Commission.
Major Funds
The focus of governmental and proprietary fund financial statements is on major funds. (Major
fund reporting requirements do not apply to internal service funds.) Fund statements should
present the financial information of each major fund in a separate column. The reporting
government's main operating fund (the general fund or its equivalent) should always be reported
as a major fund. Other individual governmental and enterprise funds should be reported in
separate columns as major funds based on the following criteria:
Total assets, liabilities, revenues, or expenditures/expenses (excluding revenues and
expenditures/expenses reported as extraordinary items) of that individual governmental or
enterprise fund are at least 10 percent of the corresponding element total (assets, liabilities,
and so forth) for all funds of that category or type (that is, total governmental or total
enterprise funds), and
The same element that met the 10 percent criterion above is at least 5 percent of the
corresponding element for all governmental and enterprise funds combined.
In addition to funds that meet the major fund criteria, any other governmental or enterprise fund
that the government's officials believe is particularly important to financial statement users (for
example, because of public interest or consistency) may be reported as a major fund.
Materiality
Accounting standards usually define materiality as the amount of misstatements, including
omissions, that might individually or in the aggregate be reasonably expected to influence the
economic decisions of users made on the basis of the financial statements. The concept of
materiality is applied by the auditor both in planning and performing the audit; evaluating the
effect of identified misstatements on the audit and the effect of uncorrected misstatements, if any,
on the financial statements; and in forming the opinion in the auditor's report.
Notes to Financial Statements

Notes to the financial statements should communicate information essential for fair presentation
of the basic financial statements that is not displayed on the face of the financial statements. As
such, the notes form an integral part of the basic financial statements. Notes should focus on the
primary government—specifically, its governmental activities, business-type activities, major
funds, and nonmajor funds in the aggregate. Information about the government's discretely
presented component units may also be required.
Opinion Unit
The opinion unit is the level at which the auditor expresses an opinion on a governmental unit's
financial statements. The opinion units are as follows:
Governmental activities column in the government-wide financial statements
Business-type activities column in the government-wide financial statements
Aggregate discretely presented component units in the government-wide financial
statements
Each major governmental fund in the fund financial statements
Each major enterprise fund in the fund financial statements
Aggregate remaining fund information
In some circumstances, the auditor may choose to combine the two aggregate opinion units
(aggregate discretely presented component units and aggregate remaining fund information) into
a single opinion unit referred to as the aggregate discretely presented component unit and
remaining fund information opinion unit. Audit materiality is based on the opinion units.
Therefore, auditors should make separate materiality determinations for purposes of planning,
performing, evaluating the results of, and reporting on the audit of a government's basic financial
statements for each opinion unit.
Performance Materiality
Performance materiality is defined as:
Quote
The amount or amounts set by the auditor at less than materiality for the financial
statements as a whole to reduce to an appropriately low level the probability that the
aggregate of uncorrected or undetected misstatements exceeds materiality for the
financial statements as a whole. If applicable, performance materiality also refers to
the amount or amounts set by the auditor at less than the materiality level or levels for
a particular class of transactions, account balances, or disclosures.
Statements on Auditing Standards (SAS)

GAAS are developed and issued in the form of Statements on Auditing Standards (SASs) and are
codified into AU-Cs. GAAS are written in the context of an audit of financial statements by an
auditor. They are to be adapted as necessary in the circumstances when applied to audits of other
historical financial information and are incorporated by reference in the financial audit standards
of Government Auditing Standards.
Substantive procedures are tests of transaction details and account balances and analytical
procedures performed to detect material misstatements in the account balances, transaction
classes, and disclosure components of the financial statements. These tests are used to test
financial statement assertions (AU-C §330).
Uncertainties involved in substantive testing constitute detection risk. Detection risk (DR) is
composed of two other risks—analytical procedure risk (AP) and test-of-detail risk (TD).
DR = AP × TD
Written Representations
AU-C Section 580 states that the auditor should request written representations from
management and includes a list of matters for which specific representations should be made.
Those representations generally include:
Management acknowledgment of primary responsibility for the financial statements and
disclosures.
The completeness of minutes of directors and committee meetings provided to the auditor.
All financial records and related data have been made available to the auditor.
No fraud involving management or employees is known.
The AICPA State and Local Government Audit and Accounting Guide identifies additional written
representations the auditor should obtain in a governmental audit. Among those are the
following:
Management has disclosed all instances of identified or suspected noncompliance with laws,
regulations, and provisions of contracts and grant agreements whose effects should be
considered by management when preparing the financial statements.
Management believes the effects of uncorrected financial statement misstatements are
immaterial to the financial statements as a whole for each opinion unit.
Obtaining written representations is one of the required audit procedures. Refusal of
management to provide written representations is considered a scope limitation and requires
modification of the auditor's opinion.
Final Exam
Welcome to Audits of State and Local Governments. Below is the full list of final exam questions
associated with this course. When you launch the final exam for this course, it will contain a
randomized subset of the questions below, totaling 85 questions. During the actual final exam,
the questions will not appear in the same order as they do below. Note: Each attempt at the final
exam will result in a new randomized subset of the questions below. You must earn a score of at
least 70.00% in order to pass the exam and receive CPE credit for this course.
After you have answered all the questions, select the "Submit Answers" button to receive your
score.
Exam Question 1
When should the auditor determine the acceptability of a client's applicable financial reporting
framework?
A When performing substantive tests of details
B When reviewing the prior year's audit documentation
C In conjunction with accepting the engagement
D In conjunction with understanding the entity and its

environment
Exam Question 2
Under what circumstances is a user auditor permitted to make reference to the work of a service
auditor?
A To split responsibility between the user auditor and service

auditor
B To explain a modification of the user auditor's opinion
C To question the standards under which the service auditor's

report was issued
D To further support management's representations
Exam Question 3
In the context of group financial statements, what is the basis for the auditor's determination of
whether to accept the engagement?
Whether the auditor believes s/he will be able to obtain
A sufficient appropriate audit evidence over the group
B Whether the auditor will be able to sufficiently participate in
the group audit in order to be the principal auditor
Whether the auditor believes a sufficient number of
C component auditors will be involved in the audit in order to
form an opinion on the group financial statements
D Whether to assume responsibility for the work of the
component auditors
Exam Question 4
Which of the following is not an auditor's responsibility in regard to the auditor's use of the
auditor's in-house specialist?
A Evaluate the specialist's competence, capabilities, and

objectivity
B Obtain an understanding of the specialist's field of expertise
C Evaluate the adequacy of the specialist's work
D Re-perform a sample of the specialist's work
Exam Question 5
Which of the following is not a purpose of the Yellow Book's conceptual framework for
independence?
A Identify threats to independence
B Evaluate the significance of the threats identified, both

individually and in the aggregate
C Apply safeguards as necessary to eliminate the threats or
reduce them to an acceptable level
D Obtain additional management representations to diminish
the magnitude of unacceptable risks
Exam Question 6
Which of the following statements is true regarding an auditor's independence with respect to an
audited entity?
A The auditor may authorize the entity's transactions, with

management's approval, without impairing independence.
B The auditor may perform procedures that form part of the
entity's internal control without impairing independence.
In some circumstances, the auditor may perform separate
C evaluations of internal control without impairing
independence.
D In some circumstances, the auditor may approve vendor
invoices for payment without impairing independence.
Exam Question 7
Which of the following is not essential information related to debt that must be disclosed in notes
to the financial statements?
A Terms specified in debt agreements related to significant

events of default with finance-related consequences
B The total amount of debt retired by debt service payments
of the primary government and each of its component units
C Assets pledged as collateral for the debt
D Unused lines of credit
Exam Question 8
Which of the following statements is true regarding interest cost incurred before the end of a
construction period?
A The cost must be included in the historical cost of a capital

asset reported in an enterprise fund
The cost must be recognized as an expenditure in an
B enterprise fund on a basis consistent with governmental
fund accounting principles
C The cost must be recognized as an expense in an enterprise
fund in the period in which the cost is incurred
D The cost is amortized on a systematic and rational basis
over a period not to exceed 5 years
Exam Question 9
When should a majority equity interest be reported as an investment?
A When the interest is held by another governmental unit
B When the interest is held by a component unit
C When a government's holding of the equity interest is

measured at historical cost
D When a government's holding of the equity interest meets
the definition of an investment
Exam Question 10
How is a government required to report a majority equity interest in a component unit?
A An asset using the equity method
B An asset using the fair value method
C A liability
D A deferred outflow of resources
Exam Question 11
Which of the following is not a party to a conduit debt obligation?
A An issuer
B A third-party obligor
C The federal government
D A debt holder
Exam Question 12
Why does an auditor combine observation and inspection with inquiry procedures when obtaining
an understanding of an entity's internal control?
Combining the procedures provides audit evidence about
A relevant assertions related to account balances, transaction
classes, or disclosures.
B Combining the procedures enables the auditor to reduce
the extent of analytical procedures to be performed.
C The AICPA Codification requires auditors to perform the
procedures concurrently in every GAAS audit.
D Inquiry alone is not sufficient to evaluate the design and
implementation of internal control.
Exam Question 13
Why are the responses of members of senior management concerning the likelihood of fraud
perpetrated by themselves less meaningful to the auditor than management's responses
concerning perpetration of fraud by lower levels within the entity?
A Employees at lower levels are often aware of management

fraud.
B Management is often in the best position to perpetrate
fraud.
C Management typically has no understanding of the work
activities of employees at lower levels.
D Employees at lower levels seldom perpetrate fraud.
Exam Question 14
Which of the following statements regarding the auditor's performance of preliminary analytical
procedures related to revenue is true ?
A The procedures should explain the details of large

miscellaneous or one-time revenues.
B The procedures should explain the details of a significant
variance between originally budgeted and actual revenues.
The procedures should identify unusual or unexpected
C relationships that may indicate fraudulent financial
reporting.
D The procedures should identify unusual or unexpected
relationships that may indicate misappropriation of assets.
Exam Question 15
Why is it important for the audit team discussion about the possibility of fraud to include the need
for the auditor to maintain professional skepticism throughout the audit?
A The auditor needs to rely on the honesty and integrity of

entity management.
B A material misstatement due to fraud can exist in all audits.
C No entities are subject to material misappropriation of
assets.
D No entities are subject to fraudulent financial reporting.
Exam Question 16
What is the fundamental reason that the auditor needs to obtain an understanding of the entity
and its environment, including its internal control?
A To provide a basis for designing and implementing

responses to the assessed risks
B To eliminate tests of controls and rely on a substantive audit
approach
C To eliminate substantive testing and rely on an approach
consisting solely of tests of controls
D To reduce the nature, timing, and extent of further audit
procedures
Exam Question 17
How does an auditor obtain audit evidence that a control has actually been implemented?
A Performing tests of controls
B Performing substantive procedures
C Performing risk assessment procedures
D Performing inquiry only
Exam Question 18
What is the impact on the risk of material misstatement when entity management demonstrates
a poor attitude about the need for a strong accounting and financial reporting function?
There is a reduced likelihood that the entity will have strong
A risk assessment, information and communication,
monitoring activities, and control activities components of
internal control.
B There is a reduced likelihood that the auditor will be able to
rely on substantive tests to reduce the risk to an acceptable
level.
The auditor must perform additional risk assessment
C procedures on the control environment to reduce the
pervasiveness of this risk to an acceptable level.
The auditor must default to the maximum level of control
D risk for the entity and abandon additional risk assessment
procedures.
Exam Question 19
Which of the following is a fraud risk that is always present?
A Management override of controls
B Misappropriation of material amounts of assets
C Corruption
D Expenditure or expense recognition
Exam Question 20
How does the auditor use financial statement assertions?
A To design analytical procedures during audit planning to

detect material misstatements
B To consider the different types of potential misstatements
that may occur
C To assess only the risk of material misstatement due to
fraud
D To design tests of controls whose purpose is to detect
material misstatements
Exam Question 21
Which of the following is not a factor in the auditor's determination of relevant financial statement
assertions?
A The volume of transactions or data related to the assertion
B The source of likely potential misstatement
C The nature of the assertion
D The effectiveness of internal controls
Exam Question 22
Why does the auditor assess the risk of material misstatement at the relevant assertion level?
A To compare the risk at the assertion level to the risk at the

financial statement level
B To separately quantify misstatements due to error and
misstatements due to fraud
C To develop an appropriate response to such risks
D To understand the entity and its environment
Exam Question 23
How does detection risk differ from inherent and control risks?
Inherent and control risks are irrelevant to the risk of
A material misstatement, whereas detection risk is focused on
the risk of material misstatement.
B Inherent and control risks shield the auditor from the risk of
material misstatement, but detection risk does not.
Detection risk can only be reduced to an acceptably low
C level when inherent and control risks are acceptably low to
begin with.
D Detection risk is the auditor's risk, whereas inherent and
control risks are the entity's risks.
Exam Question 24
On which of the following considerations is the auditor's determination of significant risks
primarily based?
A Audit risk
B Detection risk
C Inherent risk
D Control risk
Exam Question 25
Which of the following statements is true regarding the auditor's assessment of control risk?
A Risk assessment procedures generally are not sufficient to

support a control risk assessment below moderate.
A control risk assessment of less than high need not be
B supported by tests of the operating effectiveness of
controls.
C Most auditors use a percentage scale to assess control risk.
D The auditor may always rely on procedures performed when

evaluating internal control design and implementation.
Exam Question 26
Why is the auditor required to understand and evaluate controls relevant to the assessed risks of
material misstatement due to fraud?
A These risks arise exclusively from a poor control

environment.
B These risks are addressed in the GASB financial reporting
requirements.
C These risks are considered to be significant risks.
D These risks are usually the result of related-party

transactions.
Exam Question 27
Why is the auditor required to examine journal entries and other adjustments in every audit?
A To evaluate the inherent risk in the financial reporting
process
B To determine the competence of employees in the financial
reporting process
C To bolster the auditor's assessment of the risk of
misappropriation of assets
D To search for evidence of possible material misstatement
due to fraud
Exam Question 28
Under what circumstances do analytical procedures tend to be more useful as the primary
substantive procedure?
A When internal controls are determined to be ineffective in

preventing material misstatement
B When the auditor does not have time to perform tests of
details
C When the risk of material misstatement has been assessed
as being primarily from error
D When the risk of material misstatement has been assessed
as being primarily from fraud
Exam Question 29
How can an auditor use analytical procedures to evaluate the reasonableness of an entity's
accounting estimate?
A By developing an expectation of what the estimate should

be and comparing the expectation to the reported amount
By inquiring of management and accounting personnel
B about whether the estimate is reasonable in the
circumstances
C By scanning the results of subsequent events testing in the
prior audit
D By consulting with the predecessor auditor on prior-period
test results
Exam Question 30
Which of the following best describes the auditor's responsibility for an identified difference noted
as a result of performing a substantive analytical procedure?
A The auditor is not required to explain any amount of the

difference.
B The auditor is not required to explain the entire amount of
the difference.
C The auditor is required to quantify a precise dollar amount
of the difference.
D The auditor does not propose an audit adjustment unless
management agrees to the precise dollar amount.
Exam Question 31
Which of the following statements regarding the application of audit sampling in a substantive
test of details is true ?
Performance materiality is materiality at the test or
A procedure level for a specific account balance or transaction
class.
B Audit sampling must be applied on a statistical basis.
Tolerable misstatement is materiality at the test or
C procedure level for a specific account balance or transaction
class.
D Audit sampling is the selection and evaluation of 100
percent of a population.
Exam Question 32
Under which of the following circumstances may tolerable misstatement need to be less than
performance materiality?
A When management agrees to make all adjustments

proposed by the auditor
B When the results of tests of controls are inconclusive
C When the risk of material misstatement decreases
D When only a portion of an account or audit area is being

tested using audit sampling
Exam Question 33
In the context of a substantive test of details, which of the following statements regarding
individually significant items is true ?
A The cutoff amount for determining individually significant

dollar items should exceed tolerable misstatement.
Individually significant items include both those that are
B individually significant dollar items and those that are
unusual.
C Individually significant dollar items may be considered low
risk in most circumstances.
D Individually significant items exclude related-party
transactions.
Exam Question 34
Which of the following statements regarding the population subject to audit sampling is false?
A Sampling results can be projected only to the population

from which the sample is drawn.
When using information provided by the audited entity, the
B auditor can assume the completeness of the population
from which the sample is drawn.
The population is usually the account balance or
C transaction class, excluding items selected for testing
because of individual significance.
D The use of the wrong population for a sampling application
can lead to invalid conclusions.
Exam Question 35
Which of the following is not a method for selecting sampling units that are expected to be
representative of the population?
A Block selection
B Simple random selection
C Systematic selection
D Haphazard selection
Exam Question 36
Under which of the following circumstances should the auditor select a replacement item in an
audit sample?
A When a source document selected for testing indicates

noncompliance.
B When a source document selected for testing contains an
error.
C When a source document selected for testing cannot be
located.
D When a source document selected for testing has been
legitimately voided.
Exam Question 37
The auditor's expectation of operating effectiveness of controls typically means which of the
following?
A The auditor's planned control risk assessment is less than

high.
B The auditor's planned risk assessment is low.
C The auditor need not perform tests of controls.
D The auditor need not perform substantive tests.
Exam Question 38
Which of the following is the main reason auditors find it necessary to test controls over cash
receipts and disbursements in governmental audits?
A Because property tax assessments are often inaccurate
B Because taxpayers typically pay less than they owe
C Because governmental employees are generally dishonest

D Because of the risk of theft of cash
Exam Question 39
When is it appropriate for an auditor to use only inquiry and observation to test a control?
A Never
B When the auditor has determined that management may

have overridden the control
C When the auditor does not want to take the time to test
transactions
D When the control does not produce documentary evidence
of performance
Exam Question 40
Which of the following statements regarding the use of a walkthrough as a test of controls is true?
A A walkthrough by itself can provide a valid basis for

assessing control risk at less than high.
B A walkthrough by itself generally does not provide a
sufficient basis for assessing control risk as low.
C A walkthrough cannot be used to gain an understanding of
control and, therefore, cannot be used as a test of controls.
D A walkthrough by itself generally provides no evidence of
the operating effectiveness of a control.
Exam Question 41
Under what circumstances may it be appropriate for the auditor to increase the extent of testing a
particular control?
A When the auditor's first test of the control indicates that the
control is not operating effectively
B When the auditor needs more persuasive audit evidence for
a greater degree of reliance on the effectiveness of a control
C When management and others within the entity insist that
the control operates effectively
D When those charged with governance agree to provide
additional written representations about the control
Exam Question 42
Which of the following statements regarding deviations from prescribed procedures is false?
A A deviation does not necessarily mean that control risk is

high.
B The auditor can assume that an instance of error or fraud is
an isolated instance.
The auditor should understand the cause of any deviation
C and its implication by making specific inquiries or
performing other tests related to individual controls.
D Deviations may be caused by significant fluctuations in the
volume of transactions.
Exam Question 43
Why are tests of controls using audit sampling usually tests of transactions?
A Transaction testing is not applicable to substantive testing

of details.
B Transaction testing is easier than account balance testing.
C The sampling unit is individual monetary units within

individual transactions of a particular type.
D The sampling unit is individual transactions of a particular
type.
Exam Question 44
Why does the auditor establish a tolerable rate of deviation in a test of controls using audit
sampling?
A The tolerable rate of deviation increases as the level of

control risk to be used approaches zero.
B The tolerable rate of deviation is determined in accordance
with both GAAS and Yellow Book standards.
C The auditor has to specify the rate of deviation that would
correspond to the level of control risk to be used.
D The auditor has to specify the rate of deviation that would
correspond to the assessed risk of material misstatement.
Exam Question 45
Which of the following statements regarding sampling plans for tests of controls is false?
A Auditors cannot use tables to determine sample size during

planning.
B There are no nonstatistical sampling plans for tests of
controls similar to those for substantive procedures.
C Documents that have been improperly voided may
represent control deficiencies.
D The same methods of selecting samples for substantive
procedures are appropriate for tests of controls.
Exam Question 46
Which of the following is not a risk associated with electronic bank confirmations?
A The request must be submitted via a designated third-party

provider.
B The response may not be from an authentic source.
C The respondent may not be knowledgeable about the

information.
D The integrity of the transmission may be compromised.
Exam Question 47
Under what circumstances might an auditor confirm the details of a cash disbursement with the
payee?
A The bank statements cannot be located and the auditor

wants to verify the accuracy of each recorded disbursement.
B The auditor chooses not to rely on the entity's internally
generated information about the disbursement.
Neither the canceled check nor a sufficiently detailed bank
C statement is available and the auditor wants independent
evidence.
D The auditor chooses not to rely on the entity's control
procedures related to cash disbursements.
Exam Question 48
Why might an audit of investments include a review of state and local laws and regulations and
the entity's written investment policy?
A To determine whether policies for valuing investments are in

conformity with GAAP and are appropriately applied
B To determine whether the entity has considered the need to
record impairment losses on investments
C To determine whether the allocation of internal investment
pool balances and transactions is reasonable and accurate
To determine whether the requirements of laws and
D regulations are appropriately considered in the entity's
written investment policy
Exam Question 49
Why may the auditor need special skills or knowledge to audit derivative instruments?
A Audit procedures relating to fair value are difficult to

perform.
B Risk assessment procedures are impossible to perform.
C The risk of material misstatement may be high due to

complex accounting requirements.
D The risk of material misstatement may be high due to
control risk.
Exam Question 50
What are the typical audit procedures for receivables at the account balance level?
A Primarily analytical procedures and a few tests of details
B Primarily tests of details and a few analytical procedures
C Primarily tests of controls and a few tests of details

D Primarily tests of controls and a few analytical procedures
Exam Question 51
Which of the following statements regarding expenditure or expense activities of a governmental
unit is true?
A Budgetary constraints seldom limit spending for particular

funds, functions, departments, or object classes.
State and local laws and regulations, debt agreements, and
B grant agreements often require competitive bidding for
large purchases.
C Grants and entitlements never require that funds be spent
for particular purposes or during a particular period.
D Governments are always permitted to allocate indirect costs
to a grant.
Exam Question 52
What are the primary substantive procedures for liabilities?
A Observation and inspection and tests of controls
B Observation and inspection and analytical procedures
C Analytical procedures and tests of details
D Analytical procedures and tests of controls
Exam Question 53
When may analytical procedures provide sufficient appropriate audit evidence for relevant
assertions related to expenditures or expenses?
When the auditor has determined that expenditures or
A expenses are not material to an opinion unit's financial
statements
When the auditor's tests of controls over expenditures or
B expenses using audit sampling indicate that tests of details
are not necessary
C When the auditor's tests of details cannot be designed to
obtain sufficient appropriate audit evidence related to
expenditures or expenses
When the auditor has obtained, completely or in part,
D sufficient appropriate audit evidence for relevant assertions
related to accounts payable and other liabilities
Exam Question 54
Which of the following is not a category of resource outflows reported in the government-wide
statement of activities?
A Extraordinary items
B Expenses
C Special items
D Other financing uses
Exam Question 55
What is the typical audit approach for the audit areas of operating assets, debt, and equity?
A Analytical procedures supplemented by transaction testing
B Transaction testing supplemented by analytical procedures
C Analytical procedures supplemented by tests of controls
D Transaction testing supplemented by tests of controls
Exam Question 56
When would tests of details typically not be necessary for capital assets and expenditures?
A When the risk of material misstatement is low
B When capital assets are material

C When the auditor can rely on inquiries of management and
others
D When capital assets exclude infrastructure assets
Exam Question 57
Why do reconciliations of the fund financial statements to the government-wide financial
statements not relate to opinion units in the fund financial statements?
A The opinion units may change from year to year.
B The reconciliations apply only to specific account balances.
C The reconciliations relate only to note disclosures.
D The reconciliations explain the differences between financial

statements.
Exam Question 58
Which of the following statements regarding audit procedures for grant and similar programs is
true?
A All programs may be tested exclusively by inquiry,

observation, and inspection.
B All programs are immaterial to the financial statements.
C Audit sampling generally is applicable to testing individual

grant transactions.
D Audit sampling is never appropriate for testing individual
grant transactions.
Exam Question 59
Provided that all eligibility requirements are met, when should a school district recognize revenue
for cash and commodities received from the U.S. Department of Agriculture student nutrition
programs?
A When the cash and commodities are requested from the

federal government
B When the cash and commodities are received
C After the cash and commodities are used
D At the end of every month of the school year
Exam Question 60
When should an airport recognize revenue from passenger facility charges?
A When the airport uses the fees for capital development

projects
B When the airline remits the fees to the airport
C When the passenger boards the aircraft
D When the passenger makes the airline reservation
Exam Question 61
Why may an entity create a financing authority to finance its own capital assets?
A To shield the borrowing from its own debt limits or other

debt restrictions
B To ensure that the authority is reported as a discretely
presented component unit
C To avoid the appearance of a related-party transaction
D To be able to issue general obligation bonds rather than

revenue bonds
Exam Question 62
In an enterprise fund, how does a transportation system generally report the grants and
appropriations received from other governments?
A Nonoperating revenue or capital contributions

B Operating revenue or capital contributions
C Operating revenue only
D Nonoperating revenue only
Exam Question 63
Which of the following is not a type of compliance requirement that affects the operations of an
external investment pool?
A Allowable investments
B Investment income allocation
C Distributions to pool participants
D Number of pool participants
Exam Question 64
Which of the following is a reason for auditors to understand the requirements of research grants
and contracts awarded to public colleges and universities?
A To calculate the return on investment
B To calculate the ratio of those amounts to appropriations

from a state or local government
C To evaluate how management obtained those amounts
D To evaluate how management has classified those amounts

in the financial statements
Exam Question 65
Why should the auditor evaluate material incurred-but-not-reported (IBNR) amounts payable to
providers participating in the Medicaid program?
A To consider whether the IBNR payables and related
expenditures or expenses are consistent with Medicaid
accounting and reporting requirements
To consider whether the IBNR payables and related
B expenditures or expenses are properly estimated and
recorded at year-end
C To consider whether the IBNR payables are supported by
legitimate claims from properly enrolled providers
D To consider whether the entity is attempting to bill the
federal government for services not performed by providers
Exam Question 66
Which of the following is not a condition of a qualifying trust?
A Pension plan assets are legally protected from the creditors

of employers.
B Defined benefit pension plan assets have no legal
protection from the creditors of plan members.
C Contributions from employers to the pension plan and
D Pension plan assets are dedicated to providing pensions to
plan members.
Exam Question 67
The financial statements of a defined benefit pension plan include which of the following?
A Balance sheet, statement of operations, and statement of

cash flows
B Statement of financial position and statement of operations
C Statement of cash flows and statement of financial position
D Statement of fiduciary net position and statement of

changes in fiduciary net position
Exam Question 68
Which of the following is not a required note disclosure for all defined benefit pension plans?
A Allocated insurance contracts

B Reserves and deferred retirement option balances
C A 10-year schedule of actuarial liabilities
D Plan description, pension plan investments, and receivables
Exam Question 69
How often should an actuarial valuation of the total pension liability be performed for single-
employer and cost-sharing defined benefit pension plans for financial reporting purposes?
A At least biennially
B At least annually
C No more than once every three years
D Never
Exam Question 70
When are contributions receivable recognized by a defined benefit pension plan?
A In the period the receivable is expected to be collected
B In the period the receivable arises
C At the end of the actuarial valuation of the total pension

liability
D When the employer acknowledges that it owes the plan
Exam Question 71
How is the net pension liability recognized by single and agent employers in financial statements
prepared using the current financial resources measurement focus and the modified accrual basis
of accounting?
A To the extent the liability is normally expected to be

liquidated with expendable available resources
B It is not recognized by single and agent employers in
C Equal to pension expense of the measurement period
D To the extent that resources are expected to be

appropriated in future periods
Exam Question 72
What is the general focus of substantive procedures for census data at a single or agent
employer?
A Internal controls over actuary methods

Whether actuarial assumptions used in computing the total
B pension liability are in accordance with Actuarial Standards
of Practice
C Testing incremental changes to the census data file since
the prior actuarial valuation
D Evaluating the professional qualifications of the actuary
Exam Question 73
How is a cost-sharing employer's net share of the collective net pension liability measured?
A By determining actuarial required contributions and

comparing to actual contributions
B By determining the employer's proportion and multiplying
the collective net pension liability by that proportion
C Based on the estimated amount reported by the pension
plan
D Based on the prior-year pension expense
Exam Question 74
Which of the following statements is true regarding the allocation of the net pension liability for a
cost-sharing employer to individual funds or departments?
A Pronouncements of the Financial Accounting Standards
Board are required to be followed
B This situation does not occur in practice
C GAAP prohibits such allocations
D GAAP does not establish specific requirements for such

allocations
Exam Question 75
Which of the following is not included in OPEB?
A Medical benefits
B Prescription drug benefits
C Termination benefits
D Dental benefits
Exam Question 76
Which of the following statements is true regarding a PERS that administers more than one
defined benefit plan that is administered through a qualifying trust?
A The PERS is required to present combining financial

statements for all plans administered by the system.
The PERS combines all amounts for all plans and presents
B the aggregate amount on the statement of fiduciary net
position.
C The PERS does not report the defined benefit plans because
they are fiduciary funds and not part of the government.
The PERS does not report the defined benefit plans because
D the risks associated with current-period obligations are
transferred to members.
Exam Question 77
When are OPEB liabilities for benefits generally recognized in the statement of fiduciary net
position in financial statements prepared using the economic resources measurement focus and
accrual basis of accounting?
A When the associated employee becomes vested in the

system
B When the benefits are currently due and payable
C As the benefit expenses are paid
D As resources are set aside to pay the benefits
Exam Question 78
How is the total OPEB liability defined for single-employer and cost-sharing plans?
A The amount owed by the employers less the amount owed

by nonemployer contributing entities
B Equal to the fiduciary net position of the plan
C The actuarial present value of projected benefit payments

attributed to past and future employee service
D The actuarial present value of projected benefit payments
attributed to past employee service
Exam Question 79
What is the significance of the number of participants in a single-employer or an agent OPEB plan
as of the beginning of the OPEB plan's fiscal year?
A The net OPEB liability is combined with other liabilities if

the employer has fewer than 50 participants.
B The net OPEB liability equals the total OPEB liability if the
employer has fewer than 100 participants.
The total OPEB liability may be measured using the
C alternative measurement method if the employer has fewer
than 100 participants.
D The OPEB plan is not required to prepare financial
statements if the employer has fewer than 50 participants.
Exam Question 80
How is the net OPEB liability recognized in financial statements prepared using the current
financial resources measurement focus and modified accrual basis of accounting?
The portion of the actuarial present value of projected
A benefit payments attributed to past periods of service net of
the OPEB plan's fiduciary net position
B To the extent the liability is normally expected to be
liquidated with expendable available financial resources
As changes in the total OPEB liability resulting from
C current-period service cost less interest on the total OPEB
liability
D Net of projected earnings on the OPEB plan's investments
Exam Question 81
Which of the following is not a factor that affects substantive audit procedures for single
employers' fiduciary net position?
Whether the employer auditor is performing substantive
A procedures on certain elements or accounts of the plan
B Whether another auditor has been engaged to issue an
opinion on the financial statements of the plan
Whether the plan prepares a schedule of OPEB amounts
C and engages its auditor to obtain reasonable assurance and
report on the net OPEB liability
Whether the employer auditor has allocated sufficient audit
D resources to perform both tests of controls and substantive
procedures
Exam Question 82
How is a cost-sharing employer's OPEB expense measured?
A The employer's proportionate share of collective OPEB

expense
B The employer's contractual contribution to the plan
C The employer's actual contribution to the plan
D The employer's number of employees

Exam Question 83
What is the general basis for substantive procedures over census data for both the employer and
plan auditor?
A Testing internal controls over the accumulation and

reporting of the census data file
B Testing incremental changes to the census data file
C Testing the calculation of OPEB expense for the employer's

proportionate share
D Testing the completeness and accuracy of the actuarial
valuation
Exam Question 84
When a multiple-employer OPEB plan is not administered through a qualifying trust, how does
the government report assets it holds that were accumulated for OPEB purposes in a fiduciary
capacity?
A In the statement of fiduciary net position
B In a note disclosure
C In an agency fund
D In an OPEB plan fund
Exam Question 85
Why does an employer report total OPEB liability instead of net OPEB liability when the plan is
not administered by a qualifying trust?
A Net OPEB liability is measured after the due date of the

B The employer often is unable to obtain the necessary
information from the plan.
C The employee needs to show the entire obligation.
D No plan assets or fiduciary net position exist.
Exam Question 86
Why may it be difficult for an auditor to find an entity's commitments and contingencies?
A They may be fraudulent.
B They may be illegal.
C They may not be valued correctly.
D They may not be recorded.
Exam Question 87
When should the auditor communicate with those charged with governance about an entity's
ability to continue as a going concern?
When the auditor concludes, after considering
A management's plans, that additional management
representations are needed
When the auditor concludes, after considering
B management's plans, that there is still a substantial doubt
about the entity's ability to continue as a going concern
C When the auditor concludes that those charged with
governance should modify management's plans
When the auditor concludes that those charged with
D governance should take over for management and develop
an independent plan for mitigating the conditions and
events that led to the going-concern doubt
Exam Question 88
Which of the following statements regarding the auditor's inability to obtain appropriate
management representations is false?
A The auditor is prevented from expressing an unmodified

opinion.
B The auditor may be required to disclaim an opinion.
C The auditor may be required to withdraw from the audit.
D The auditor is prevented from issuing any type of report in

all circumstances.
Exam Question 89
What is the purpose of performing analytical procedures in the final review stage of the audit?
A To reduce the extent of tests of controls
B To reduce the extent of substantive tests of details
C To assist the auditor in assessing the risk of material

misstatement of an opinion unit
D To assist the auditor in assessing the validity of the
conclusions reached
Exam Question 90
Which of the following is not a section in the standard auditor's report on the financial
statements?
A Management's responsibility
B Emphasis-of-matter paragraph
C Auditor's responsibility
D Auditor's opinion
Exam Question 91
At what level does the auditor opine on the financial statements?
A Opinion unit
B Fund
C Agency
D Department
Exam Question 92
Which of the following is not a type of modification to the standard auditor's report?
A Disclaimer of opinion
B Qualified opinion
C Piecemeal opinion
D Adverse opinion
Exam Question 93
Under what circumstances should the auditor disclaim an opinion on the financial statements
because of a scope limitation?
A When the auditor relies on tests of subsequent events
B When the auditor is unable to perform a specific procedure
C When the effect on the financial statements could be

pervasive
D When the effect on the financial statements is attributable
to those charged with governance
Exam Question 94
Which of the following is not an auditor responsibility when the entity's financial statements are
prepared in accordance with a special purpose framework?
A Express an opinion or disclaimer of opinion on the financial

statements
B Evaluate whether the financial statements are suitably titled
C Evaluate whether the financial statements include a
summary of significant accounting policies
D Include a separate opinion for each financial statement
Exam Question 95
What does an unmodified GAGAS compliance statement mean in a report on a Yellow Book
financial statement audit?
A The audit was performed in accordance with Government

Auditing Standards, which include GAAS by reference.
The audit was performed in accordance with Government
B Auditing Standards but not necessarily in accordance with
GAAS.
The auditor performed and reported on the required
C compliance testing requirements of Financial Accounting
Standards.
The auditor performed and reported on the required
D internal control testing requirements of Government Audit
Quality Standards.

Audit of State and Local Governments

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Audit of State and Local Governments

Uploaded by

Copyright:

Available Formats

Print

Audits of State and Local Governments

Lucinda Upton, CPA, CGFM

Chapter 1. New Auditing and Accounting Requirements

1 A. Overview of the AICPA Codiﬁcation of

1 B. General Principles and Responsibilities

The auditor's two overall objectives are as follows:

The ASB believes it is appropriate to require that management's responsibilities be

Entity Not Required to Have an Audit

To view this interactivity please view chapter 1, page 12

To view this interactivity please view chapter 1, page 14

Communicating Internal Control Related Matters

Communicating Other Deﬁciencies to Management

Potential Effects of Signiﬁcant Deﬁciencies and Material Weaknesses

1 C. Risk Assessment and Response

Requirements That Did Not Change

Speciﬁc Considerations for Selected Items

An alternative procedure could be performed, for example, by calling the respondent

To view this interactivity please view chapter 1, page 26

The Entity's Ability to Continue as a Going Concern

1 E. Using the Work of Others

Audits of Group Financial Statements

Application of Risk Assessment Standards in a Group Audit

Involvement in Work of Component Auditor

1 F. Audit Conclusions and Reporting

To view this interactivity please view chapter 1, page 39

Consistency of Financial Statements

Special Purpose Frameworks

An example of an exception is a situation in which the auditor has expressed a

Summary Financial Statements

When the Auditor May Report

1 H. Special Considerations in the United

Standards outside the Scope of This Course

Alert That Restricts the Use of Auditor's Written Communication

1 I. Government Auditing Standards

When a Nonaudit Service May Not Impair Independence

If no safeguards are available to eliminate an unacceptable threat or reduce it to an

Performance of Nonaudit Services to an Audited Entity

Internal Audit Assistance

D. Financial Consulting or Advisory Services: Prohibited services for ﬁnancial consulting or

GASB Statement No. 88

to improve the consistency and comparability of reporting a government's majority equity

A The management participation threat is so signiﬁcant that

D The auditor should apply safeguards to eliminate the

A All the parties involved are within the same ﬁnancial

C The debt obligation is not cross-collateralized with other

D The third-party obligor is primarily obligated for the

A The issuer should recognize a capital asset if the title passes

Chapter 2. Risk Assessment and General Planning Procedures

2 A. Overview of Risk Assessment and

Types of Risk Assessment Procedures

Procedures Performed in Prior Periods

2 B. Inquiries of Management and Others

Yellow Book Requirements for Inquiry

Inquiries about Accounting Estimates

Knowledge of the Entity

Audit Areas That Need Special Emphasis

Documentation of preliminary analytical procedures should be sufﬁcient to provide support for

2 D. Observation and Inspection

Corroboration or Follow-up on the Results of Inquiries

2 E. Discussion among the Engagement

Focus of the Discussion

Control Systems and Potential Risks

Documentation of the Engagement Team Discussion