Following are some common deficiencies noted in audits conducted in accordance with Government Auditing Standards, found during recent peer reviews and AICPA Professional Ethics Division investigations of CPA firms. You should consider reviewing your firm's policies and procedures to see whether your governmental engagements also might have these kinds of issues.
· The audit documentation did not evidence the required communications between predecessor and successor auditors.
· The audit organization did not submit its peer review report to the required parties.
· The engagement team did not meet the Government Auditing Standards or state licensing board CPE requirements.
· The auditor used inadequate or outdated reference material related to the engagement performed.
· The audit documentation contained inadequate or incomplete documentation regarding engagement planning.
· The auditor did not use written audit programs or failed to tailor the audit programs for specialized industries or for specific transactions or balances (such as significant inventory and receivable balances).
· The audit documentation did not evidence the auditor's consideration of the existence of an internal audit function or the use of service organizations.
· The audit documentation did not evidence the auditor's reliance on the work of other auditors or of specialists.
· The audit documentation did not evidence the auditor’s consideration of the client’s internal control structure, the effect of the use of information technology on internal control, or the effect of internal control on substantive procedures.
· The auditor did not assess the level of materiality or control risk.
· The auditor did not perform or document risk assessments for each of the five components of internal control, or at the assertion level for major account balances or transaction classes.
· The auditor did not assess or document the risk of fraud, did not make appropriate inquiries, or did not adequately consider fraud risks in designing audit procedures.
· The auditor did not properly apply sampling techniques.
· The audit documentation did not include the information about samples and their selection as required by generally accepted auditing standards (GAAS) and Government Auditing Standards.
· The audit documentation was generally deficient or did not include adequate information to support certain conclusions, such as conclusions reached from test work on samples. In addition, for key audit areas, the auditor failed to perform adequate procedures or the audit documentation was substantially deficient. Deficiencies were specifically noted concerning procedures relating to the appropriate inclusion of component units, inventories, accounts receivable, loan covenants, the search for unrecorded liabilities and other audit cut-off procedures, subsequent events, compliance with legal and contractual provisions, and analytical procedures.
· The audit documentation did not indicate the disposition of prior audit findings and current, potential reportable conditions and other findings.
· Some audit documentation was dated after the auditor’s report date.
· The auditor failed to observe the client's incorrect application of generally accepted accounting principles (GAAP), especially (in audits of state and local governments) the improper application of provisions of Governmental Accounting Standards Board (GASB) Statements No. 33 and 34, as amended and interpreted; the improper accounting for a particular fund; or inadequate financial statement disclosure.
· The auditor did not request a legal representation letter when the client consulted an attorney.
· The auditor did not obtain a client management representation letter or did not include appropriate engagement-specific representations within the letter.
· The auditor's reports did not conform to reporting requirements. For example, the reports omitted required wording or did not appropriately address other information accompanying the basic financial statements.
· The auditor's report on the financial statements did not refer to the report required by Government Auditing Standards on internal control over financial reporting and on compliance (the Yellow Book report).
· The auditor did not prepare the Yellow Book report.
· The Yellow Book report did not include or make proper reference to identified reportable conditions or reportable noncompliance.
· The reports of other auditors relating to component units were referred to in the auditor's report on the financial statements, but not in the Yellow Book report.
· The restricted use paragraph in the Yellow Book report failed to conform to the provisions of Statement on Auditing Standards (SAS) No. 87, Restricting the Use of an Auditor's Report (AICPA, Professional Standards, vol. 1, AU sec. 532), or was not restricted to the proper users.