A U D I T / T A X / A D V I S O R Y / L I N E O F B U S I N E S S

DOI Annual Business ConferenceDOI Annual Business ConferenceAudit Approach to Audit Approach to OMB Circular No. A-123 OMB Circular No. A-123

2

Agenda

• Auditors’ objective

• Consolidated level procedures

• Bureau level procedures

• Assurance statement procedures

3

Auditors’ Objective

• Test for compliance with Federal Managers’ Financial Integrity Act (FMFIA) of 1982 – OMB Circular No. A-123, Appendix A provides guidance for

the internal control over financial reporting of FFMIA

• Utilize managements’ documentation to assist in understanding financial reporting processes

• Consider internal control test results

4

Consolidated Level Procedures

• Gain an understanding of managements’ process

• Verify establishment of senior assessment team, its authority, and members

• Verify appropriateness of significant financial reports selected

• Assess reasonableness of materiality assessments for each significant financial report

• Verify significant accounts, major transaction cycles, and the relevant financial report assertions are identified and included

– For each significant financial report

5

Bureau Level Procedures

• Inspect a sample of bureaus’ control documentation to verify that it includes controls at the:– Entity level

– Control environment, risk assessment, monitoring, control activity, and information and communication processes

– Process, transaction, and application level

6

Bureau Level Procedures

• Inspect a sample of the bureau control documentation for consistency with CFO Council’s Implementation Guide – Controls to mitigate the risk of financial statement errors

– Data characteristics: source; receipt; processing; and transmission

– Supervisor review; process and calculations performed in preparation of financial reporting; and process outputs

– Use of computer application controls and controls over spreadsheets used in the preparation of financial reporting

– Identification of errors: types of errors found; reporting errors; and resolving errors

– Ability of personnel to override the process or controls

7

Bureau Level Procedures

• Inspect a sample of the internal control testing documentation to verify that it includes– Management’s assessment of the design of key controls

– Nature, timing, and extent of testing of key controls

– Assessment of operating effectiveness of key controls tested

– Response and conclusions for deficiencies identified

8

Assurance Statement Procedures - Bureaus

• Read bureau assurance statement for conformance with Department guidance– Based on Department materiality

• Compare managements’ and auditors’ testing results to bureau assurance statement to verify that: – Managements’ results support the assurance statement

– Management identified all material weaknesses

9

Assurance Statement Procedures - Consolidated

• Inspect the assurance statement to verify that it includes:– Results of the bureau level assurance statements

– Any material weaknesses that are identified

– Statement of management’s responsibility for establishing and maintaining adequate internal controls

– Statement identifying OMB Circular A-123 as the framework used by management to conduct the assessment

– An assessment of the effectiveness of the agency’s internal control