Statement of Thomas A. Carter Assistant Inspector General for Audit Services Office of Inspector General U.S. Department of Education Before the Subcommittee on Government Efficiency, Financial Management, and Intergovernmental Relations Committee on Government Reform United States House of Representatives June 26, 2002 ________________________________________________________________ Mr. Chairman and Members of the Subcommittee: I appreciateI appreciate the opportunity to be here today to discuss how the Offices of Inspector General (OIG) meet their responsibilities to assure the quality of, for Single Audits performed under the Single Audit Act Amendments of 1996. OIG RESPONSIBILITIES FOR SINGLE AUDITS A key responsibility of the Offices of Inspector General is to assure the quality of Single Audits, and other audits performed by non-Federal auditors. This responsibility is specifically mandated in the Inspector General Act of 1978 (IG Act). The IG Act mandates that all Federal Inspectors General “take appropriate steps to assure that any work performed by non-Federal Auditors complies with the standards [for audits] established by the Comptroller General.” Section 4(b)(1)(c), Inspector General Act of 1978, as amended. Over 34,000 Single Audits are filed with the Single Audit Clearinghouse each year by state and local agencies and non-profit organizations receiving Federal funds. Single Audits report on accounting of Federal funds, applicable internal controls, and compliance with Federal laws and regulations by these entities, and they are critical tools for oversight of entities receiving more than $300,000 in funds from the Federal Government fundsGovernment. Under the regulations implementing the Single Audit, Federal award recipients expending $25 million or more annually are assigned a cognizant agency for Audit. The cognizant agency providesagency provides technical assistance to the award recipients and theirand their auditors in implementingin theimplementing the Single Audit Act. The Office of Management and Budget (OMB) recently made new cognizant agency assignments, resulting in morein more than 1,000 such assignmentssuch assignments. The Department of Education (ED) hasassigned 303 303 assignments, which is theis the most for any Federal agency. The Offices of Inspector General devote varying resources to the cognizant agency functions based on the needs of their agency. The resources range varing level from 1 full-time equivalent staff to 14_ .. ED OIG has devoted about ten percent of its resources to Single Audits, as well as other Non-Federal Audits of ED program participants. Specifically, we have a Non-Federal audit team of seven professionalsseven professionals. In addition, staff at our regional officesregional offices performs quality control reviews of Non-Federal Audits. There are four basic efforts to assure audit quality. involve fourThese efforts are: (1) Desk Reviews, (2) Quality Control Review (QCR), (3) Audit Guidance, and (4) Training and Technical Assistance to Auditors and Program Officials. Some OIGs use all four, while others use fewer. Desk Reviews All Single Audits undergo an initial desk review to determine if the reporting package is complete OMB Circular A-133, Paragraph 320(c) states that the Reporting Package shall include: (1) Financial statements and schedule of expenditures of Federal Awards; (2) Summary schedule of prior audit findings; (3) Required auditors reports; and (4) Corrective Action Plan. when submitted to the Federal Audit Clearinghouse in Jeffersonville, Indiana, operated by the Bureau of the Census, Department of Commerce. Some OIGs or another office within the agency perform a second desk review when the report arrives at the agency. For example, in ED, two different offices review ED’s Single Audits. The Office of Federal Student Aid (FSA) receives and reviews all Single Audits for entities receiving FSA funds before initiating audit resolution. ED’s Office of the Chief Financial Officer reviews all other Single Audits containing audit findings requiring corrective action and coordinates with program officials to accomplish audit resolution. The President’s Council on Integrity and Efficiency (PCIE) has issued a desk review guide and checklist, entitled Uniform Guide for Initial Review of A-133 Audit Reports for use by OIGs. Quality Control Reviews The objectives of a QCR of a Single Audit are to: (1) ensure that the audit was conducted in accordance with applicable standards and meets the Single Audit requirements; (2) identify any follow-up audit work needed; and (3) identify issues that may require management attention. QCRs are performed using the Uniform Quality Control Review Guide, published by the PCIE in 1999. Audit Guidance The third effort ofeffort of major significancemajor significance for OIGsfor OIGs is preparing audit guidance for the auditors. The annual OMB Circular A-133 Compliance Supplement contains specific audit guidance relating to over 150 individual Federal programs. It identifies the important compliance requirements that the Federal government expects to be considered as part of an audit. The Compliance Supplement provides a source of information for auditors to understand Federal program objectives, procedures, and compliance requirements, as well as audit objectives and suggested audit procedures for determining compliance with these requirements. The revision of the Compliance Supplement usually is a collaborative effort between program officials, legal counsel, the Chief Financial Officer’s staff and OIG. The degree of OIG involvement in the revision process varies among agencies. In ED OIG, we play a major role, providing a Compliance Supplement Policy Official, who coordinates and works with other ED officials on revisions, performing a final review, and submitting the completed input to OMB. Training and Technical Assistance The other effort of significant emphasis of OIGs is to provide training and technical assistance to auditors and program officials on Single Audits. We do not have specific information on what other OIGs have done in this area, but ED OIG activities may illustrate the form and extent it can take. We conduct training and participate in national conferences. Some of our past and planned efforts in this area include the following: We conducted a series of two-day training sessions at 11 locations for auditors performing Single Audits (or other required audits) of colleges, universities, and postsecondary institutions. We provided comprehensive Single Audit Overview training to ED Program Officials, including ED Regional Offices. We conducted specific training for ED program officials and attorneys involved in drafting revisions to the OMB Circular A-133 Compliance Supplement. We have given speeches on Single Audit topics at national meetings of state and local officials, including the National Title I Conference and Vocational Rehabilitation Financial Management Conference. In July 2002 ,2002, the Directorthe Director of our Non-Federal Audit Team will participate as a panelistsas a panelist in an all day continuing professional education program for certified public accountants (CPAs) that will be broadcasted on closed circuit television at 50at 50 sites in 20 states. we provideWe also provide technical assistance to auditors, and ED, state, and local program officials upon request by telephone, as, as well as on our Non-Federal Audit Website. INTERACTIONS WITH PCIE While OIGs generally fulfill their responsibilities concerning Single Audits and other non-Federal audits independently, there, there is a long history of coordination and collaboration between members of the PCIE and OMB on Single Audits. In the early 1980s, when, when Single Audits were established by executive direction (under the former OMB Circular A-102), PCIE members coordinated with each other regarding Single Audit matters. Early PCIE collaborative efforts includedefforts included the publication of Cognizant Agency for Audit Guidelines (commonly known as the “Orange Book”) and regular meetings of PCIE member representatives who led their offices’ Single Audit oversight activities. In 1999, the PCIE issued the checklists for quality reviews of Single Audits that we and other PCIE members use today. Some noteworthy interactions that ED OIG has had with PCIE members includedmembers included: We actively participated onparticipated on a ccommitteeommittee that drafted a revision of theof the “Orange Book.” When approved and issued by the PCIE, the revision will describe the procedures and approaches agreed upon by the PCIE on implementing the Cognizant Audit Agency responsibilities of the Single Audit Act Amendments of 1996. We have worked closely with other PCIE members in performing QCRs of state government entitiesandentities and in participating as members of multi-agency teams, performing QCRs of audits of state government entities. We participated articipatedwith other PCIE members’ representatives and OMBand OMB, in ain a Single Audit Roundtable, convened early this year by the American Institute of Certified Public Accountants (AICPA). ED OIG recently initiated steps to revive a committee of PCIE members thatmembers’ representatives that would provide a regular forum forforum for continuing dialogue on Single Audit matters of mutual interest and government-wide concern. An initial meeting was held on June 6, 2002, with a follow up meeting to be held later this summer. We are very optimistic that these meetings will result in a proposal for approval from the full PCIE to formally establish this committee and have it report to the PCIE’s Audit Committee. AUDIT QUALITY Single Audits and other non-Federal audits are important tools that the Departments and agencies can rely upon to ensure that entities receiving Federal funds properly account for and use those funds and have adequate systems of internal controls. How good is the quality of these audits? A partial answer was provided in Spring 2001 when the PCIE Audit Committee conducted a survey of Single Audit QCRs performed by OIGs. The survey results were 459 QCRs conducted, of which 344 (75%) were judged to be acceptable; 92 (20%) were technically deficient; and 23 (5%) were substandard. When work is judged to be technically deficient, the problems are of such a nature that they must be fixed, prior to the audit being acceptable. In such cases, we require the auditor to take corrective action for the audit being reviewed. Substandard work involves problems of such severity, that the audit as a whole is unacceptable. In those instances, the entire audit, or substantial portions, must be redone. The kinds of issues that render an audit to be technically deficient include instances such as: Not obtaining required written representations or assertions from management; Not including or including an incomplete Schedule of Findings and Questioned Costs; and Not performing some required tests. If problems such as these are pervasive, especially when a significant number of required tests are not performed, the audit is judged to be substandard. We require corrective action for reports that are technically deficient and substandard. For audits that are substandard, we generally refer auditors who are CPAs to state licensing officials and, if they are members, to the AICPA for disciplinary action. We cannot say if the results of the PCIE’S survey answer the question about Single Audit quality because the results may not be representative of the quality of Single Audits as a whole. Specifically, the selections of QCRs by us and other OIGs are based on judgmental factors rather than on aon a statistical sample. To draw a statistically projectable sample of sufficient size and scope, that would affordwould afford a meaningful assessment of Single Audit quality across-the-board, would require the OIGthe OIG community to collaborate, develop and execute a sample of Single Audits for which all OIGs have oversight responsibilities. We have taken the first step towards achieving a projectable sample. At the June 6, 2002, meeting of PCIEof PCIE members themembers’ representatives, they agreed to convene a work group later tolater this summer to explore the practicality of conducting a statistical sample of QCRs of all Single Audits. The plan is to attempt to develop an approach for performing QCRs to be performed by participating OIG PCIE members. If developed, it will be presented to the PCIE for approval. I believe the resultsthe results would provide statistically reliable answers to questions concerning Single Audit quality. In summary, the Offices of Inspector General have a key role in assuring the quality of Single Audits and other audits performed by non-Federal auditors. The OIGs accomplish this by performing desk reviews, conducting quality control reviews, preparing audit guidance, and providing training and technical assistance to auditors and program officials on Single Audits. There is also a long history of coordination and collaboration between members of the PCIE on Single Audits, as is evident by the June 6, 2002, meeting which provided a forum for discussing Single Audit matters of mutual interest and government-wide concern. Ultimately though, we do not have a valid measure of the quality of the Single Audits and we cannot properly measure how effective our efforts are. Therefore, it is important that the activity now underway to develop a statistically valid sample is successful. Mr. Chairman and Members of the Subcommittee, I, I will be happy to answer any questions you mayyou may have. 7
Statement of the Assistant Inspector General for Audit Services on how the Offices of Inspector General (OIG) meet their responsibilities to assure the quality of Single Audits performed under the Single Audit Act Amendments of 1996, before the Subcommittee on Government Efficiency, Financial Management, and Intergovernmental Relations, Committee on Government Reform, United States House of Representatives, June 26, 2002 MS Word
Published by the Department of Education, Office of Inspector General on 2002-06-26.
Below is a raw (and likely hideous) rendition of the original report.