Printer-friendly Version

What Is An Audit

AUDIT TUTORIAL—WHAT IS AN AUDIT? WHY EVEN BOTHER WITH ONE?

TYPICAL AUDIT OBJECTIVES (WHAT YOU’RE TRYING TO ACHIEVE)

S_afeguarding of Organizational Assets
C_ompliance with Regulation, Policy & Other Requirements
A_ccomplishment of Organizational Goals & Objectives
R_eliability of Information (Reporting)
E_conomy & Efficiency of Operations

TYPES OF AUDITS (NOT ALL AUDITS ARE CREATED EQUAL)

Financial
Major Focus—Accuracy of Financial Reporting
Key Measure—Materiality of Errors and Misstatements
Opinions—Based on Professional Standards and Judgment
Note: Certified Public Accountants (CPAs) licensed
to express opinions related to Financial Reporting
Primary Stakeholders—Decision-Makers (legislators)
Funding Sources (taxpayers)
Performance
Major Focus—Achievement of Goals & Objectives
Key Measure—Project Management
Primary Stakeholders—Decision-Makers (legislators)
Funding Sources (taxpayers)
Users (beneficiaries of public services)
Regulatory
Major Focus—Statutory/Regulatory Adherence
Key Measure—Compliance
Primary Stakeholders—Decision-Makers (legislators)
Regulators (other agencies)
Internal
Major Focus—Organizational Needs
Key Measure—Adequacy of Internal Controls
Primary Stakeholders—Organizational (management & employees)
Fraud/Special
Major Focus—Investigative in nature; focused on specific allegations
of financial fraud, waste and abuse associated with specific
individuals and/or specific transactions
Key Measure—Fiduciary Duty
Primary Stakeholders—Prosecuting Authority (DA, AG, Justice Dept)
Decision-Makers (legislators)

Fiduciary duty is characterized as being “the highest standard of care imposed at either equity or law,” requiring the fiduciary to be “extremely loyal to the person to whom they owe the duty (the principal),” and requiring those entrusted in this manner “not put their personal interests before the duty, and not profit from their position as a fiduciary, unless the principal consents.”

Source: Wikipedia Encyclopedia (http://en.wikipedia.org) Note: The principal, with respect to public resources, is ultimately the taxpayer/citizen.

WHO DOES WHAT?

Financial
Typically done by Independent Public Accountants (IPAs) that are
Certified Public Accountants (CPAs), or by CPAs on staff within
the Office of the State Auditor

Performance
Typically done by staff employed by the Legislative Finance
Committee (LFC) of the New Mexico State Legislature
Note: The Office the State Auditor does not normally assist the
LFC in this regard or otherwise engage in performance auditing

Regulatory
Typically done by outside auditors associated with a regulatory body

Internal
Typically done by the Internal Audit or Inspector General function
established within or otherwise associated with the organization
being audited

Fraud/Special
Typically done by IPAs that are Certified Fraud Examiners, or by
CFEs on staff within the Office of the State Auditor

HOW TO READ A TYPICAL FINANCIAL AUDIT REPORT

Background —Normally provides perspective on organizational mission, key processes or initiatives, funding levels, how the audit came about, major concerns triggering the audit etc.

Executive Summary —Normally provides a high level summary of significant audit findings, observations or conclusions.

Scope of Work —Normally identifies the areas being evaluated, the time period under review, and may specify activities or transaction types looked at or not looked at.

Methodology —Normally describes how the audit was conducted in terms of sampling methodologies or transactions selected for evaluation

Findings —Describes significant shortcomings identified during the audit. A finding is typically organized in the following manner:

  • Condition (the specific situation/shortcoming)
  • Criteria (policy, duty or good business practice being violated)
  • Effect (risk or adverse impact associated with this condition)
  • Cause (the likely reason this condition exists)
  • Recommendation (how the condition might be remedied/fixed)

Management Response —When included, normally constitutes a managerial perspective on corrective actions considered necessary to resolve the finding

Note: Due to the nature of Fraud and Special Audits and the primary stakeholders associated with such audits, a Management Response will typically not be associated with the related audit report.