PART 7 - GUIDANCE FOR AUDITING PROGRAMS
NOT INCLUDED IN THIS COMPLIANCE SUPPLEMENT
Purpose - OMB Circular A-133 ('__.500(d)(3)) states that for those Federal programs not covered in the compliance supplement, the auditor should use the types of compliance requirements (see 14 types of compliance requirements described in Part 3) contained in the compliance supplement (this Supplement) as guidance for identifying the types of compliance requirements to test, and determine the requirements governing the Federal program by reviewing the provisions of contract and grant agreements and the laws and regulations referred in such contract and grant agreements.
The purpose of this Part is to provide the auditor with guidance on how to identify the applicable compliance requirements for programs not included in this Supplement for single audits and for program-specific audits when a program-specific audit guide is not available. This Supplement only includes the largest and/or riskiest Federal programs. However, there are more than 600 assistance programs currently funded by the Federal Government. Therefore, it is likely that the auditor will encounter programs that the auditor is required to test as major programs which are not included in this Supplement. For this reason, the following guidance is provided for the auditor to identify those compliance requirements that should be tested.
Organization of this Supplement - First, a review of how this Supplement is organized will be helpful, since the auditor must consider several parts of the Supplement in identifying compliance requirements to be tested. This Supplement is comprised of the following parts:
Part 1 - Background, Purpose, and Applicability
Part 2 - Matrix of Compliance Requirements
Part 3 - Compliance Requirements
Part 4 - Agency Program Requirements
Part 5 - Clusters of Programs
Part 6 - Internal Control
Part 7 - Guidance for Auditing Programs Not Included in This Compliance Supplement
In determining the compliance requirements to test for programs not included in this Supplement, the auditor shall to refer to Parts 3 and 5. Part 3 identifies and describes the 14 types of compliance requirements where noncompliance may have a direct and material effect on a Federal program and provides audit objectives and suggested audit procedures. The 14 types of compliance requirements are:
A. Activities Allowed or Unallowed
B. Allowable Costs/Cost Principles
C. Cash Management
D. Davis-Bacon Act
E. Eligibility
F. Equipment and Real Property Management
G. Matching, Level of Effort, Earmarking
H. Period of Availability of Federal Funds
I. Procurement and Suspension and Debarment
J. Program Income
K. Real Property Acquisition and Relocation Assistance
L. Reporting
M. Subrecipient Monitoring
N. Special Tests and Provisions
Part 5 enumerates those programs that are considered to be clusters of programs as defined by OMB Circular A-133 ('__.105). A cluster of programs means Federal programs with different Catalog of Federal Domestic Assistance (CFDA) numbers that are defined as a cluster of programs because they are closely related programs and share compliance requirements. Part 5 identifies research and development (R&D) and Student Financial Aid (SFA) as clusters, as well as certain other clusters. Also, Part 5 identifies other clusters of programs that are not yet included in this Supplement.
For programs not included in this Supplement, the auditor must determine the applicable compliance requirements. While a Federal program may have many compliance requirements, normally there are only a few key compliance requirements that could have a direct and material effect on the program. Since the single audit process is not intended to cover every compliance requirement, this Supplement and the auditor=s focus should be on the 14 types of compliance requirements enumerated in Part 3. The following are suggested procedures to assist the auditor in making this determination.
Although the focus of this Supplement is on compliance requirements that could have a direct and material effect on a major program, auditors also have responsibility under Generally Accepted Government Auditing Standards (GAGAS) for other requirements when specific information comes to the auditors' attention that provides evidence concerning the existence of possible noncompliance that could have a material indirect effect on a major program.
Steps for Identifying Compliance Requirements
Determining what compliance requirements to test involves several steps. The auditor should address the following questions:
1. What are the program objectives, program procedures, and compliance requirements for a specific program?
2. Which of the compliance requirements could have a direct and material effect on the program?
3. Which of the compliance requirements are susceptible to testing by the auditor?
4. Into which of the 14 types of compliance requirements does each compliance requirement fall?
5. For Special Tests and Provisions, what are the applicable audit objectives and audit procedures?
1. What are the program objectives, program procedures, and compliance requirements for a specific program?
The first step is to gain an understanding of how the program works (e.g., the program objectives and procedures) and determine what laws, regulations, and provisions of contract or grant agreements (compliance requirements) apply to the program. The auditor should consider the following steps:
a. Discuss the program with the non-Federal entity and, if necessary, the Federal agency or, in the case of a subrecipient, the pass-through entity.
b. Review the contract and grant agreements and referenced laws and regulations applicable to the program, including any amendments or closeout agreements. The documents or agreements may identify the name and telephone number of a Federal contact person or, if a subaward, the contact person for the pass-through entity whom the auditor may wish to contact for additional information.
Note: The auditor should be aware that a particular non-Federal entity or Federal award may be subject to provisions that are unique to that entity or award. For example, previous noncompliance by a non-Federal entity may result in additional requirements to which the non-Federal entity must adhere, in order to continue its participation in the Federal program. Such provisions would generally not be based on laws and regulations applicable to all awards under the Federal program. Reasonable procedures to identify such compliance requirements would be inquiry of non-Federal entity management and review of the contract and grant agreements pertaining to the program. Any such requirements identified which could have a direct and material effect on a major program should be included in the audit.
c. Review the Catalog of Federal Domestic Assistance (CFDA). The CFDA provides summary information about each program and includes the name and telephone number of a Federal contact person. A searchable copy of the CFDA is available through the Internet on the GSA Home Page (http://www.gsa.gov/fdac).
d. If there is a program-specific audit guide or other audit guidance issued by the Federal agency=s Office of Inspector General (OIG), the auditor may wish to consider this guidance in identifying the program objectives, program procedures, and compliance requirements. The availability of program audit guides can be determined by consulting the President's Council on Integrity & Efficiency (PCIE) publication, Revised Program Audit Guide Listing (available from the Government Printing Office) or by contacting the appropriate Regional OIG.
e. Consider other audit guidance, including previously issued guidance, pertaining to the program that has continuing relevance.
2. Which of the compliance requirements could have a direct and material effect on the program?
Generally Accepted Government Auditing Standards require that the auditor plan the audit to provide reasonable assurance that the financial statements are free of material misstatement resulting from violations of laws and regulations that have a direct and material effect on the determination of financial statement amounts. OMB Circular A-133 requires the auditor to perform procedures to determine whether the non-Federal entity has complied with laws, regulations, and the provisions of contract or grant agreements that could have a direct and material effect on each major program. Therefore, the auditor must determine which compliance requirements could have a direct and material effect on each major program.
In assessing materiality, the auditor should consider that materiality is based on qualitative as well as quantitative aspects. Also, the auditor should consider whether to set materiality at lower levels in audits of Federal programs than private sector audits of financial statements due to the visibility and sensitivity of such programs. Examples of characteristics indicative of compliance requirements that could have a direct and material effect on a major program include:
3. Which of the compliance requirements are susceptible to testing by the auditor?
The auditor is only expected to test compliance for those requirements which are susceptible to testing by the auditor (i.e., the requirements can be evaluated against objective criteria, and the auditor can reasonably be expected to have sufficient basis for recognizing noncompliance). Further, the auditor would not be expected to test for compliance with requirements that the Federal agency should have the ability to verify in the normal course of administering the program (e.g., if the requirement is that the non-Federal entity must file a report by a certain date, the Federal agency should know whether it received the report on time). Characteristics of compliance requirements that auditors are typically expected to test include those:
4. Into which of the 14 types of compliance requirements does each compliance requirement fall?
Note: In performing this step, the auditor may find it helpful to prepare a matrix similar to the matrix included in Part 2 for programs included in this Supplement.
The auditor shall use the 14 types of compliance requirements listed for identifying which requirements applicable to the program are subject to testing. Not all compliance requirements apply to all programs. Conversely, certain types almost always apply.
A. Activities Allowed or Unallowed almost always applies to Federal programs. The auditor should look at the program requirements and Federal award documents for what constitutes allowable or unallowable activities.
B. Allowable Costs/Cost Principles almost always applies since most Federal programs have charges for goods or services. However, if a program only involves benefits to eligible recipients, with no administrative costs, purchases of goods or services (including salaries and overhead), or allocated costs, then allowable costs may not apply.
C. Cash Management almost always applies to Federal programs. An exception would be a Federal award that operates on a cost reimbursement basis only with no cash being advanced.
D. Davis-Bacon Act only applies as required by the Act itself, the Department of Labor's (DOL) governmentwide implementation of the Davis-Bacon Act, or by Federal program legislation, for construction contracts in excess of $2000 financed by Federal funds. The auditor should review award documents to determine whether the Davis-Bacon Act applies.
E. Eligibility applies to most Federal programs which provide benefits to individuals, groups of individuals, or make subawards. For programs with eligibility requirements, the auditor should review the program laws, regulations, and provisions of contract or grant agreements to determine the specific eligibility requirements. Eligibility involves not only individuals but also possibly groups of individuals, geographical areas, or subrecipients. Additionally, the auditor should consider whether continuing, as well as initial, eligibility requirements apply. Furthermore, eligibility involves both who is eligible and the amount of benefits provided to the eligible.
F. Equipment and Real Property Management requirements applies to Federal programs which purchase equipment or real property.
G. Matching, Level of Effort, Earmarking is not universal, and, if applicable, would be specific to the Federal program and often the non-Federal entity. Therefore, the auditor will have to review the laws, regulations, contract or grant agreements applicable to the program to determine specific requirements for matching, level of effort, and/or earmarking.
H. Period of Availability of Federal Funds almost always applies to Federal programs. The contract or grant agreement applicable to the program often indicates the period during which the funds are available for obligation under the program. The auditor should also look for program requirements regarding carry-over of unused funds to future funding periods, and whether pre-award costs are allowable, to what extent, and under what circumstances.
I. Procurement and Suspension and Debarment applies any time the entity procures goods or services. Suspension and debarment applies to both procurements and subawards.
J. Program Income applies to any program that generates program income (primarily related to the disposition of the income). Program regulations or the contract or grant agreements applicable to the program may specify additional criteria.
K. Real Property Acquisition and Relocation Assistance only applies as required by the Uniform Relocation Assistance and Real Property Acquisition Policies Act of 1970 (URA) for payments to persons displaced from their homes, businesses, or farms by federally-assisted programs. While this requirement only applies to a few programs, when it does apply, it is generally a significant aspect of the program. For example, the U.S. Department of Transportation (DOT) funds many programs to construct highways in which real property acquisition and relocation assistance is a significant part of the program activities. The U.S. Department of Housing and Urban Development has the most transactions subject to the URA and the DOT has the most Federal dollars affected.
L. Reporting almost always applies to Federal programs. The standard financial reports are described in Part 3; however, the Federal agency or the pass-through entity may have developed its own forms for financial reporting. These forms may be in addition to or in lieu of the standard Federal financial reports and may include electronic submissions. The auditor should determine whether the standard reports are used, and if not, whether other forms are used to report the same or similar information. Information collections by Federal agencies must be approved by OMB in accordance with the Paperwork Reduction Act of 1995 (44 USC 3501-3520) and assigned an OMB control number. A Federal agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless the collection displays a valid control number
For performance reporting and special reporting, if there is a program in this Supplement funded by the same Federal agency that requires the same performance or special reporting required by the program for which the auditor is seeking to identify compliance requirements, and this Supplement requires testing of those data, then the auditor should use such guidance in identifying compliance requirements to test. Otherwise, the auditor is only required to test financial reporting.
M. Subrecipient Monitoring applies when Federal awards are passed through to a subrecipient. If the entity is not a pass-through entity, this requirement does not apply.
N. Special Tests and Provisions includes those compliance requirements that do not fit the description of the types of compliance requirements discussed above. These will generally be the most difficult type of compliance requirement to identify because, by definition, they are unique to each program. In addition to reviewing the program's contract and grant agreements and referenced laws and regulations, the auditor should also make inquires of the non-Federal entity to help identify and understand Special Tests and Provisions.
For each of the types of compliance requirements listed above, except for Special Tests and Provisions, the auditor shall consider the compliance requirements and related audit objectives in Part 3. In making a determination not to test a compliance requirement, the auditor must conclude that the requirement either does not apply to the particular non-Federal entity or that noncompliance with the requirement could not have a material effect on a major program (e.g., the auditor would not be expected to test Procurement if the non-Federal entity charges only small amounts of purchases to a major program). The suggested audit procedures in Part 3 are provided to assist auditors in planning and performing tests of non-Federal entity compliance with the requirements of Federal programs. Auditor judgment will be necessary to determine whether the suggested audit procedures are sufficient to achieve the stated audit objective and whether additional or alternative audit procedures are needed.
Also, because of the diversity of systems in place among non-Federal entities, Part 3 does not include suggested audit procedures to test internal control. The auditor must determine appropriate procedures to test internal control on a case by case basis considering factors such as the non-Federal entity's internal control, the compliance requirements, the audit objectives for compliance, the auditor's assessment of control risk, and the audit requirement to test internal control as prescribed in OMB Circular A-133.
5. For Special Tests and Provisions, what are the applicable audit objectives and audit procedures?
For each of the types of compliance requirements discussed above, Part 3 includes generic audit objectives and suggested audit procedures, except for Special Tests and Provisions. As noted above, Special Tests and Provisions are sufficiently unique to every program that generic audit objectives and suggested audit procedures are not practicable. Therefore, the auditor will have to develop audit objectives and audit procedures for each identified Special Test and Provision using the guidance described in Part 3 under Special Tests and Provisions.