Government Auditing Standards: Amendment No. 3--Independence	 
(01-JAN-02, GAO-02-388G).					 
                                                                 
GAO presented a guide on revised government auditing standards to
audit officials and others interested in government auditing	 
standards. The standards require auditors to (1) not perform	 
management functions or make management decisions and (2) not	 
audit their own work or provide nonaudit services in situations  
in which the amounts or services involved are			 
significant/material to the subject matter of the audit.	 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-02-388G					        
    ACCNO:   A02924						        
  TITLE:     Government Auditing Standards: Amendment No.	      
3--Independence 						 
     DATE:   01/01/2002 
  SUBJECT:   Accounting procedures				 
	     Auditing procedures				 
	     Auditing standards 				 
	     Financial statement audits 			 
	     Information systems				 
	     Internal controls					 
	     Reporting requirements				 
	     Yellow Book					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-02-388G
     
                  United States General Accounting Office

GAO

By the Comptroller General of the United States

January 2002

Government Auditing Standards

Amendment No. 3

Independence

GAO-02-388G United States General Accounting Office Washington, D.C. 20548

This third amendment to Government Auditing Standards (1994 revision),
Amendment No. 3, Independence, substantially changes the previous standard
to better serve the public interest and to maintain a high degree of
integrity, objectivity, and independence for audits of government entities.
While this new amendment deals with a range of auditor independence issues,
the most significant change relates to the rules associated with nonaudit,
or consulting services.

Auditors have the capability of performing a range of services for their
clients. However, in some circumstances it is not appropriate for them to
perform both audit and certain nonaudit services for the same client. In
these circumstances, the auditor and/or their client will have to make a
choice as to which of these services they will provide. The standard
includes a principle-based approach to addressing this issue supplemented
with certain safeguards. The standard for nonaudit services is based on two
overarching principles:

* Auditors should not perform management functions or make management
decisions; and

* Auditors should not audit their own work or provide nonaudit services in
situations where the amounts or services involved are significant/material
to the subject matter of the audit.

For nonaudit services that do not violate the above principles, certain
supplemental safeguards would have to be met. For example, (1) personnel who
perform nonaudit services would be precluded from performing any related
audit work, (2) the auditor's work could not be reduced beyond the level
that would be appropriate if the nonaudit work was performed by another
unrelated party, and (3) certain documentation and quality assurance
requirements must be met. The standard

includes an express prohibition regarding auditors providing certain
bookkeeping/recordkeeping services, and limits payroll processing and
certain other services, all of which are presently permitted under the
ethics rules of the American Institute of Certified Public Accountants
(AICPA). At the same time, the standard recognizes that auditors can provide
routine advice and answer technical questions without violating the two
principles or having to comply with the supplemental safeguards. The
standard also provides examples of how certain services would be treated
under the new rules. We plan to issue further guidance in the form of
questions and answers to assist in implementing the standard.

This standard also acknowledges the ways that government audit organizations
can be free from organizational impairments to independence. First, the
amendment expands the presumptive criteria by specifying additional ways for
an organization to be free from organizational impairments to independence.
If the audit organization meets any of the presumptive criteria listed in
the standard, it can be considered organizationally independent to audit
externally. Second, the standard recognizes that other organizational
structures can provide sufficient safeguards to prevent the audited entity
from interfering with the audit organization's ability to perform the work
and report the results impartially. If the audit organization meets all the
statutory protections listed in the amendment, it can be considered
organizationally independent to report externally.

The revised standard also recognizes that internal auditors play a vital
role in government auditing and can be free from organizational impairments
to independence. However, since internal auditors are responsible to
management while external auditors are responsible to third parties outside
the audited entity, a fundamental difference exists between internal and

external auditors. The amendment acknowledges this difference by retaining
the sections on internal audit in the 1994 revision of Government Auditing
Standards but refocusing the discussion to organizational impairment
considerations when reporting internally to management.

Because of the breadth of changes in the amendment, they are applicable to
all audits for periods beginning on or after October 1, 2002. However, early
implementation is encouraged.

We have included as appendix I a version of the standard which shows the
deletion of language appearing in the 1994 Yellow Book with a strikeout and
presents the new or amended language with bold and italics. Appendix II
contains a list of members of the Comptroller General's Advisory Council on
Government Auditing Standardsand GAO staff working with the Council.

An electronic version of this standard can be accessed through the U.S.
General Accounting Office's (GAO) Internet Home Page (www.gao.gov) from the
GAO Policy and Guidance Materials or the Special Publications sections of
the GAO site, or directly at www.gao.gov/govaud/ybk01.htm. This site also
contains a new electronic version of Government Auditing Standards, which
codifies the new standard by reflecting changes made resulting from the
issuance of these amendments. Printed copies of this standard can be
obtained from the U.S. Government Printing Office.

This amendment have gone through an extensive deliberative process including
extensive public comments and input from the Comptroller General's Advisory
Council on Government Auditing Standards. The Council includes 20 experts in
financial and performance auditing and reporting drawn from all

levels of government, academia, private enterprise, and public accounting,
who advise the Comptroller General on Government Auditing Standards. The
views of all parties that formally commented on the exposure draft of the
standard were thoroughly considered by the Comptroller General in finalizing
the standard. I thank those who commented and suggested improvements to the
standard. I especially commend the Advisory Council on Government Auditing
Standards and the project team for their efforts.

If you have questions regarding this amendment, please contact Jeffrey C.
Steinhoff, Managing Director, Financial Management and Assurance , (202)
512-2600 or Marcia B. Buchanan, Assistant Director, Financial Management and
Assurance, (202) 512-9321.

David M. Walker Comptroller General of the United States

Amendment No. 3

INDEPENDENCE 3.11 The second general standard is:

In all matters relating to the audit work, the audit organization and the
individual auditor, whether government or public, should be free both in
fact and appearance from personal, external, and organizational impairments
to independence.

3.12 Auditors and audit organizations have a responsibility to maintain
independence, so that opinions, conclusions, judgments, and recommendations
will be impartial and will be viewed as impartial by knowledgeable third
parties. An auditor should avoid situations that could lead reasonable third
parties with knowledge of the relevant facts and circumstances to conclude
that the auditor is not able to maintain independence and, thus, is not
capable of exercising objective and impartial judgment on all issues
associated with conducting and reporting on the work.

3.13 Auditors need to consider three general classes of impairments to
independence-personal, external, and organizational.1 If one or more of
these impairments affects an auditor's capability to perform the work and
report results impartially, that auditor should either decline to perform
the work, or in those situations in which the government auditor because of
a legislative requirement or for other reasons cannot decline to perform the
work, the impairment(s) should be reported in the scope section of the audit
report.

1Nongovernment auditors should also follow the AICPA code of professional
conduct and the code of professional conduct of the state board with
jurisdiction over the practice of the public accountant and the audit
organization.

                              Amendment No. 3

3.14 In using the work of a specialist,2 auditors need to consider the
specialist as a member of the audit team and, accordingly, assess the
specialist's capability to perform the work and report results impartially.
In conducting this assessment, auditors should provide the specialist with
the GAGAS independence requirements and obtain representations from the
specialist regarding their independence from the activity or program under
audit. If the specialist has an impairment to independence, the auditor
should not use the work of that specialist.

Personal Impairments

3.15 The audit organization should have an internal quality control system
to help determine if auditors have any personal impairments to independence
that could affect their impartiality or the appearance of impartiality. The
audit organization needs to be alert for personal impairments to
independence of its staff members. Personal impairments of staff members
result from relationships and beliefs that might cause an auditor to limit
the extent of the inquiry, limit disclosure, or weaken or slant audit
findings in any way. Auditors are responsible for notifying the appropriate
officials within their audit organizations if they have any personal
impairments to independence. Examples of personal impairments of individual
auditors include, but are not limited to, the following:

a. immediate family or close family member3 who is a director or officer of
the audited entity, or as an

2Specialists to whom this section applies include, but are not limited to,
actuaries, appraisers, attorneys, engineers, environmental consultants,
medical professionals, statisticians, and geologists. This section also
applies to external consultants and firms performing work for the audit
organization.

3Immediate family member is a spouse, spouse equivalent, or dependent
(whether or not related). A close family member is a parent, sibling, or
nondependent child.

Amendment No. 3

employee of the audited entity, is in a position to exert direct and
significant influence over the entity or the program under audit,

b. financial interest that is direct, or is significant/material though
indirect, in the audited entity or program,

c. responsibility for managing an entity or decision-making that could
affect operations of the entity or program being audited, for example as a
director, officer, or other senior position of the entity, activity, or
program being audited, or as a member of management in any decision-making,
supervisory, or ongoing monitoring function for the entity, activity, or
program under audit,4 5

d. concurrent or subsequent performance of an audit by the same individual
who maintained the official accounting records when such services involved
preparing source documents or originating data, in electronic or other form;
posting transactions (whether coded by management or not coded);
authorizing, executing, or consummating transactions (for example, approving
invoices, payrolls, claims, or other payments of the entity or program being
audited), maintaining an entity's bank account or otherwise having custody
of the

4If the auditor has performed nonaudit services for a client that affect
information that is the subject of the audit and management is unable or
unwilling to take responsibility for this information, the risk that the
auditor may be perceived to have a personal impairment to independence is
increased. See paragraphs 3.18 through 3.26 for additional guidance on
impairments to independence associated with the scope of services that may
be provided by audit organizations to entities they audit.

5The auditor needs to be free from this personal impairment for the period
covered by the activity under audit, including any financial statements
being audited, and for the period in which the audit is being performed and
reported.

Amendment No. 3

audited entity's funds; or otherwise exercising authority on behalf of the
entity, or having authority to do so, 6

e. preconceived ideas toward individuals, groups, organizations, or
objectives of a particular program that could bias the audit,

f. biases, including those induced by political or social convictions, that
result from employment in, or loyalty to, a particular group, organization,
or level of government, and

g. seeking employment with an audited organization during the conduct of the
audit.

3.16 Audit organizations and auditors may encounter many different
circumstances or combination of circumstances that could create a personal
impairment. Therefore, it is impossible to identify every situation that
could result in a personal impairment. Accordingly, audit organizations
should include as part of its internal quality control system requirements
to identify personal impairments and determine compliance with GAGAS
independence requirements. At a minimum, audit organizations should:

a. establish policies and procedures that will enable the identification of
personal impairments to independence, including whether performing nonaudit
services affects the subject matter of audits and applying safeguards to
appropriately reduce that risk, (See paragraphs 3.20 through 3.26.)

b. communicate the audit organization's policies and procedures to all
auditors in the organization and ensure understanding of requirements
through training or other

6See footnote 5. Page 4

Amendment No. 3

means such as auditors acknowledging their understanding periodically,

c. establish internal policies and procedures to monitor compliance with the
audit organization's policies and procedures,

d. establish a disciplinary mechanism to promote compliance with the audit
organization's policies and procedures, and

e. stress the importance of independence and the expectation that auditors
will always act in the public interest.

3.17 When the audit organization identifies a personal impairment to
independence, the impairment needs to be resolved in a timely manner. In
situations where the personal impairment is applicable only to an individual
auditor on a particular assignment, the audit organization may be able to
mitigate the personal impairment by requiring the auditor to eliminate the
personal impairment. For example, the auditor could sell a financial
interest that created the personal impairment, or the audit organization
could remove that auditor from any work on that audit assignment.7 If the
personal impairment cannot be mitigated through these means, the audit
organization needs to withdraw from the audit. In situations in which
government auditors cannot withdraw from the audit, they should follow the
requirements in paragraph 3.13.

3.18 Audit organizations that provide other professional services (nonaudit
services) should

7Auditors participating in the audit assignment, including those who perform
review of the report, and all others within the audit organization who can
directly influence the outcome of the audit, need to be free from personal
impairments.

Amendment No. 3

consider whether providing these services creates a personal impairment
either in fact or appearance that adversely affects their independence for
conducting audits.

3.19 Nonaudit services generally differ from financial audits, attestation
engagements, and performance audits described in chapter 2 in that auditors
may (1) perform tasks requested by management that directly support the
entity's operations, such as developing or implementing accounting systems;
determining account balances;8 developing internal control systems;
establishing capitalization criteria; processing payroll; posting of
transactions; evaluating assets; designing or implementing information
technology or other system; or performing actuarial studies, or (2) provide
information or data to a requesting party without providing verification,
analysis, or evaluation of the information or data, and therefore the work
does not usually provide a basis for conclusions, recommendations, or
opinions on the information or data. These other services may or may not
result in a report. In the case of nongovernment auditors that perform
audits of government entities under GAGAS, the term nonaudit services is
synonymous with consulting services.

3.20 Audit organizations have the capability of performing a range of
services for their clients. However, in certain circumstances, it is not
appropriate for the audit organization to perform both audit and selected
nonaudit services for the same client. In these circumstances, the auditor
and/or the audited entity will have to make a choice as to which of these
services the

8The determination of account balances is used by management to prepare
financial statements, such as determining for management the accounts
receivable or accounts payable balance or the value of inventory.

Amendment No. 3

audit organization will provide. GAGAS recognize that nonaudit services are
provided by audit organizations and that care needs to be taken to avoid
situations that can impair auditor independence, either in fact or
appearance, to provide financial audits, attestations engagements, or
performance audits in accordance with GAGAS.

3.21 Before an audit organization agrees to perform nonaudit services, it
should carefully consider the requirements of paragraph 3.12 that auditors
should avoid situations that could lead reasonable third parties with
knowledge of the relevant facts and circumstances to conclude that the
auditor is not able to maintain independence in conducting audits. In
conducting the assessment, there are two overarching principles: (1) audit
organizations should not provide nonaudit services that involve performing
management functions or making management decisions and (2) audit
organizations should not audit their own work or provide nonaudit services
in situations where the nonaudit services are significant/material to the
subject matter of audits. If the audit organization makes the determination
that the nonaudit service does not violate these principles, it should
comply with all the safeguards stated in paragraph 3.25.

3.22 Audit organizations should not perform management functions or make
management decisions. Performing management functions or making management
decisions creates a situation that impairs the audit organization's
independence, both in fact and in appearance, to perform audits of that
subject matter and may affect the audit organization's independence to
conduct audits of related subject matter. For example, auditors should not
serve as members of an entity's management committee or board of directors,
make policy decisions that affect future direction and operation of an
entity's programs, supervise entity employees, develop programmatic policy,
authorize an

Amendment No. 3

entity's transactions, or maintain custody of an entity's assets.9

3.23 Auditors may participate on committees or task forces in a purely
advisory capacity to advise entity management on issues related to the
knowledge and skills of the auditors without impairing their independence.
However, auditors should not make management decisions or perform management
functions. For an example, auditors can provide routine advice to the
audited entity and management to assist them in activities such as
establishing internal controls or implementing audit recommendations, can
answer technical questions, and/or provide training. The decision to follow
the auditor's advice remains with management of the audited entity. These
types of interactions are normal between the auditor and the management of
the audited entity given the auditor's technical expertise and the knowledge
the auditor gains of the audited entity's operations. An auditor may also
provide tools and methodologies, such as best practice guides, benchmarking
studies, and internal control assessment methodologies that can be used by
management. By their very nature, these are routine activities that would
not require the audit organization to apply the safeguards described in
paragraph 3.25.

3.24 Audit organizations should not audit their own work or provide nonaudit
services if the services are significant/material to the subject matter of
audits. In considering whether the nonaudit service can have a significant
or material affect on the subject matter of audits, audit organizations
should consider (1) ongoing audits, (2) planned audits, (3) requirements and
commitments for providing audits, which includes laws,

9Entity assets are intended to include all of the entity's property
including bank accounts, investment accounts, inventories, equipment or
other assets owned, leased, or otherwise in the entity's possession.

Amendment No. 3

regulations, rules, contracts and other agreements, and (4) policies placing
responsibilities on the audit organization for providing audit services.
Government auditors generally have broad audit responsibilities that may
extend to a level of government or a particular entity within a level of
government. Given their broad area of audit responsibility, government
auditors need to be especially careful in providing nonaudit services to the
entity so that their independence is not impaired to fulfill their full
range of audit responsibilities. Nongovernment audit organizations may
provide audit and nonaudit services under contractual commitments to an
entity (commonly referred to as consulting) and need to consider whether
nonaudit services they have provided or are committed to provide have a
significant or material affect on the subject matter of audits.

3.25 Audit organizations may perform nonaudit services that do not violate
the principles stated in paragraph 3.21 only if the audit organization and
the audited entity complies with the following safeguards. These safeguards
would not apply in connection with the type of routine activities described
in paragraph 3.23. The intent in paragraph 3.25 is not for the audit
organization to apply these safeguards to each and every interaction it has
with management.

a. The audit organization should document its consideration of the nonaudit
services as discussed in paragraph 3.21, including documentation for its
rationale that providing the nonaudit services does not violate the two
overarching principles.

b. Before performing nonaudit services, the audit organization should
establish and document an understanding with the audited entity regarding
the objectives, scope of work, and product or deliverables of the nonaudit
service. The audit organization should also establish and document an
understanding with

Amendment No. 3

management that management is responsible for the substantive outcomes of
the work and, therefore, has a responsibility to be in a position in fact
and appearance to make an informed judgment on the results of the nonaudit
service and that the audited entity complies with the following:

1. Designates a management-level individual to be responsible and
accountable for overseeing the nonaudit service.

2. Establishes and monitors the performance of the nonaudit service to
ensure that it meets management's objectives.

3. Makes any decisions that involve management functions related to the
nonaudit service and accepts full responsibility for such decisions.

4. Evaluates the adequacy of the services performed and any findings that
result.

c. The audit organization should preclude personnel who provided the
nonaudit services from planning, conducting, or reviewing audit work related
to the nonaudit service under the overarching principle that auditors cannot
audit their own work.10

d. The audit organization is precluded from reducing the scope and extent of
the audit work beyond the level that would be appropriate if the nonaudit
work was performed by another unrelated party.

10Personnel who provided the nonaudit service are permitted to convey the
knowledge gained of the audited entity and its operations to the audit
assignment team.

                              Amendment No. 3

e. The audit organization's quality control systems for compliance with
independence requirements should include policies and procedures to assure
consideration of the effect on the ongoing, planned, and future audits when
deciding whether to provide nonaudit services and a requirement to have the
understanding with management of the audited entity documented. The
understanding should be communicated to management in writing and can be
included in the engagement letter. In addition, the documentation should
specifically identify management's compliance with the elements discussed in
paragraph 3.25b, including evidence of the management-level individual
responsible for overseeing the nonaudit service's qualifications to conduct
the required oversight, and that the tasks required of management were
performed.

f. By their nature, certain nonaudit services impair the audit
organization's ability to meet either or both of the overarching principles
in paragraph 3.21 for certain types of audit work. In these cases, the audit
organization should communicate to management of the audited entity that the
audit organization would not be able to perform subsequent audit work
related to the subject matter of the nonaudit service. It should be clear to
management upfront that the audit organization would be in violation of the
independence standard and that another audit organization that met the
independence standard would have to be engaged to perform the audit. For
example, if the audit organization has been responsible for designing,
developing, and/or installing the entity's accounting system or is operating
the system and then performed a financial statement audit of the entity, the
audit organizations would clearly be in violation of the two overarching
principles of the GAGAS independence standard. Likewise, if the audit
organization developed an entity's performance measurement system, the audit
organization would not be deemed independent if it was asked to conduct a
performance audit to evaluate

Amendment No. 3

whether the system was adequate. In both of these examples, the audit
organization could decide to perform the nonaudit service but would then not
be permitted under GAGAS to perform the subsequent audit because it would be
in violation of one or both of the two overarching principles. It becomes a
matter of choice for the audit organization and the audited entity. But the
audit organization cannot both provide the service and perform the audit if
either of the two overarching principles is violated.

g. For individual audits selected in the peer review, all related nonaudit
services should be identified to the audit organization's peer reviewer and
the audit documentation required by paragraphs 3.25a through e are made
available for inclusion in the audit organization's peer review.

3.26 Audit organizations and auditors may encounter many different
circumstances or combinations of circumstances; therefore, it is impossible
to define every situation that could result in an impairment, as discussed
in paragraph 3.20. The following are examples of nonaudit services performed
by an audit organization that typically would not create an impairment to
the audit organization's independence as long as the auditor avoids
situations that would conflict with the two overarching principles listed in
paragraph 3.21 and the audit organization complies with the safeguards in
paragraph 3.25.

a. Providing basic accounting assistance limited to services such as
preparing draft financial statements that are based on management's chart of
accounts and trial balance and any adjusting, correcting, and closing
entries that have been approved by management; preparing draft notes to the
financial statements based on information determined and approved by
management; preparing a trial balance based on

Amendment No. 3

management's chart of accounts; maintaining depreciation schedules for which
management has determined the method of depreciation, rate of depreciation,
and salvage value of the asset. The audit organization, however, cannot
maintain or prepare the audited entity's basic accounting records or
maintain or take responsibility for basic financial or other records that
the audit organization will audit.11 As part of this prohibition, auditors
should not post transactions (whether coded or not coded) to the entity's
financial records or to other records that subsequently provide data to the
entity's financial records.

b. Providing payroll services limited to services such as computing pay
amounts for the entity's employees based on entity maintained and approved
time records, salaries or pay rates, and deductions from pay; generating
unsigned payroll checks; transmitting client approved payroll to a financial
institution provided management has approved the transmission and limited
the financial institution to make payments only to previously approved
individuals. In cases, where the audit organization was processing the
entity's entire payroll and payroll was a material amount to the subject
matter of the audit, this would be a violation of one of the overarching
principles in paragraph 3.21 and the auditor would not be deemed independent
under GAGAS.

c. Providing appraisal or valuation services limited to services such as
reviewing the work of the entity or a specialist employed by the entity
where the entity or specialist provides the primary support for the balances

11Proposing adjusting and correcting entries that are identified during the
audit are a routine byproduct of audit services that are always permissible
so long as management makes the decision on accepting these entries.

Amendment No. 3

recorded in financial statements or other information that will be audited;
valuing an entity's pension, other post-employment benefit, or similar
liabilities provided management has determined and taken responsibility for
all significant assumptions and data.

d. Preparing an entity's indirect cost proposal12 or cost allocation plan
provided management has taken responsibility for all significant assumptions
and data.

e. Providing advisory services on information technology limited to services
such as advising on system design, system installation, and system security
if management in addition to the safeguards in paragraph 3.25 acknowledges
responsibility for the design, installation, and internal control over the
entity's system and does not rely on the auditor's work as the primary basis
for determining (1) whether to implement a new system, (2) the adequacy of
the new system design, (3) the adequacy of major design changes to an
existing system, and (4) the adequacy of the system to comply with
regulatory or other requirements. However, the audit organization should not
operate or supervise the operation of the entity's information technology
system.

f. Providing human resource services to assist management in its evaluation
of potential candidates that are limited to activities such as serving on an
evaluation panel to review applications or interviewing candidates to
provide input to management in arriving at a listing of best qualified
applicants to be provided to management. The auditor should not recommend a
single individual for a specific position nor should the

12The Office of Management and Budget prohibits an auditor who prepared the
entity's indirect cost proposal from conducting the required audit when
indirect costs recovered by the entity during the prior year exceeded $1
million.

                              Amendment No. 3

auditor conduct an executive search or a recruiting program for the audited
entity.

g. Preparing routine tax filings in accordance with federal tax laws and
rules and regulations of the Internal Revenue Service and state and local
tax authorities and any applicable laws.

h. Gathering and reporting unverified external or third-party data to aid
legislative and administrative decision-making.

i. Advising an entity regarding its performance of internal control
self-assessments.

j. Assisting a legislative body by developing questions for use at a
hearing.

External Impairments

3.27 Factors external to the audit organization may restrict the work or
interfere with an auditor's ability to form independent and objective
opinions and conclusions. External impairments to independence occur when an
auditor is deterred from acting objectively and exercising professional
skepticism by pressures, actual or perceived, from management and employees
of the audited entity or oversight organizations. For example, under the
following conditions, an auditor may not have complete freedom to make an
independent and objective judgment and an audit may be adversely affected:

a. external interference or influence that could improperly or imprudently
limit or modify the scope of an audit or threaten to do so, including
pressure to reduce inappropriately the extent of work performed in order to
reduce costs or fees,

                              Amendment No. 3

b. external interference with the selection or application of audit
procedures or in the selection of transactions to be examined,

c. unreasonable restrictions on the time allowed to complete an audit or
issue the report,

d. interference external to the audit organization in the assignment,
appointment, and promotion of audit personnel,

e. restrictions on funds or other resources provided to the audit
organization that adversely affect the audit organization's ability to carry
out its responsibilities,

f. authority to overrule or to inappropriately influence the auditor's
judgment as to the appropriate content of the report,

g. threat of replacement over a disagreement with the contents of an audit
report, the auditor's conclusions or the application of an accounting
principle or other criteria, and

h. influences that jeopardize the auditor's continued employment for reasons
other than incompetence, misconduct, or the need for audit services.

3.28 An audit organization's internal quality control system for compliance
with GAGAS independence requirements, as stated in paragraph 3.16, should
include internal policies and procedures for reporting and resolving
external impairments.

Organizational 3.29 In addition to the preceding paragraphs which

Impairments address personal and external impairments, government audit
organization's capability to perform the work and report the results
impartially can be affected by their

                              Amendment No. 3

place within government and the structure of the government entity which the
audit organization is assigned to audit. Whether performing work to report
externally to third parties outside the audited entity or internally to top
management within the audited entity, auditor organization need to be free
from organizational impairments to independence.

Organizational Impairment Considerations When Reporting Externally to Third
Parties

3.30 Government auditors can be presumed to be free from organizational
impairments to independence when reporting externally to third parties if
their audit organization is organizationally independent from the audited
entity. Government audit organizations can meet the requirement for
organizational independence in a number of ways.

3.30.1 First, a government audit organization may be presumed to be free
from organizational impairments to independence from the audited entity to
report externally, if the audit organization is

a. assigned to a level of government other than the one to which the audited
entity is assigned (federal, state, or local), for example, a federal
auditor auditing a state government program, or

b. assigned to a different branch of government within the same level of
government as the audited entity; for example, a legislative auditor
auditing an executive branch program.

3.30.2 Second, a government audit organization may also be presumed to be
free from organizational impairments for external reporting if the audit
organization's head meets any of the following criteria:

a. is directly elected by voters of the jurisdiction being audited,

Amendment No. 3

b. is elected or appointed by a legislative body subject to removal by a
legislative body, and reports the results of audits to and is accountable to
a legislative body,

c. is appointed by someone other than a legislative body, so long as the
appointment is confirmed by a legislative body and removal from the position
is subject to oversight or approval by a legislative body,13 and reports the
results of audits to and is accountable to a legislative body, or

d. is appointed by, accountable to, reports to, and can only be removed by a
statutorily created governing body, the majority of whose members are
independently elected or appointed and come from outside the organization
being audited.

3.30.3 In addition to the presumptive criteria in paragraphs 3.30.1 and
3.30.2, GAGAS recognize that there may be other organizational structures
under which a government audit organization could be considered to be free
from organizational impairments, and thereby be considered organizationally
independent to report externally. These other structures should provide
sufficient safeguards to prevent the audited entity from interfering with
the audit organization's ability to perform the work and report the results
impartially. For an audit organization to be considered free from
organizational impairments to report externally under a structure different
from the ones

13Legislative bodies may exercise their confirmation powers through a
variety of means as long as they are involved in the approval of the
individual to head the audit office. This involvement can be demonstrated by
approving the individual after the appointment or by initially selecting or
nominating an individual or individuals for appointment by the appropriate
authority.

Amendment No. 3

listed in paragraphs 3.30.1 and 3.30.2, the audit organization should have
all of the following safeguards:

a. statutory protections that prevent the abolishment of the audit
organization by the audited entity,

b. statutory protections that require that if the head of the audit
organization is removed from office, the head of the agency should report
this fact and the reasons for the removal to the legislative body,

c. statutory protections that prevent the audited entity from interfering
with the initiation, scope, timing, and completion of any audit,

d. statutory protections that prevent the audited entity from interfering
with the reporting on any audit, including the findings, conclusions, and
recommendations, or the manner, means, or timing of the audit organization's
reports,

e. statutory protections that require the audit organization to report to a
legislative body or other independent governing body on a recurring basis,

f. statutory protections that give the audit organization sole authority
over the selection, retention, advancement, and dismissal of its staff, and

g. statutory access to records and documents that relate to the agency,
program, or function being audited.14

3.30.4 If the head of the audit organization concludes that the organization
meets all the safeguards listed in

14Statutory authority to issue a subpoena to obtain the needed records is
one way to meet the requirement for access to records.

                              Amendment No. 3

paragraph 3.30.3, the audit organization should be considered free from
organizational impairments to independence when reporting the results of its
audits externally to third parties. The audit organization should document
the statutory provisions in place that allow it to meet these safeguards.
Those provisions should be reviewed during the external quality assurance
review to ensure that all the necessary safeguards have been met.

Organizational Impairment Considerations When Reporting Internally to
Management

3.30.5 Certain federal, state, or local government audit organizations or
audit organizations within other government entities, such as public
colleges, universities, and hospitals, employ auditors to work for
management of the audited entities. These auditors may be subject to
administrative direction from persons involved in the government management
process. Such audit organizations are internal audit organizations. A
government internal audit organization can be presumed to be free from
organizational impairments to independence when reporting internally to
management if the head of the audit organization meets all of the following
criteria:

a. is accountable to the head or deputy head of the government entity,

b. is required to report the results of the audit organization's work to the
head or deputy head of the government entity, and

c. is located organizationally outside the staff or line management function
of the unit under audit.

3.30.6 If the conditions of paragraph 3.30.5 are met, the audit organization
should be considered free of organizational impairments to independence to
audit internally and report objectively to the entity's

Amendment No. 3

management. Further distribution of reports outside the organization should
only be made in accordance with applicable law, rule, regulation, or policy.
In these situations, the fact that the auditors are auditing in their
employing organizations should be clearly reflected in the auditors'
reports.

3.30.7 Auditors need to be sufficiently removed from political pressures to
ensure that they can conduct their audits objectively and can report their
findings, opinions, and conclusions objectively without fear of political
repercussions. Whenever feasible, auditors within internal audit
organizations should be under a personnel system in which compensation,
training, job tenure, and advancement are based on merit.

3.30.8 The audit organization's independence is enhanced when it also
reports regularly to the entity's independent audit committee and/or the
appropriate government oversight body.

3.30.9 When internal audit organizations that are free of organizational
impairments to independence, under the criteria in paragraph 3.30.5, perform
audits external to the government entities to which they are directly
assigned, such as auditing contractors or outside party agreements, and no
personal or external impairments exist, they may be considered independent
of the audited entities and free to report objectively to the heads or
deputy heads of the government entities to which they are assigned and to
parties outside the organizations in accordance with applicable law, rule,
regulation, or policy.

3.30.10 The audit organization should document the conditions in place that
allow it to be considered free of organizational impairments to independence
to report internally. Those conditions should be reviewed during

Amendment No. 3

the peer review to ensure that all the necessary safeguards have been met.

                              Amendment No. 3

Appendix I

INDEPENDENCE 3.11 The second general standard is:

In all matters relating to the audit work, the audit organization and the
individual auditor, whether government or public, should be free from
personal and external impairments to appearance from personal, external, and organizational impairments to
independence. should be 
3.12 This standard places Auditors and audit organizations have a
responsibility on each auditor independence, so that opinions, conclusions, judgments, and recommendations
will be impartial and will be viewed as impartial by knowledgeable third
parties. 3.13 situations that might lead others to question their situations deserve consideration that auditors are, in fact, knowledgeable situations that could lead reasonable third parties with knowledge of the
relevant facts and circumstances to conclude that the auditor is not able to
maintain independence and, thus, is not capable of exercising objective and
impartial judgment on all issues associated with conducting and reporting on
the work.

3.13 Government aAuditors, including hired experts and specialists, need to consider three general classes of
impairments to independence-personal, external, and organizational. 1 If one
or more of these impairments affects an auditor's

                                  Page 24

Appendix I

capability to perform do the work and report results impartially, that auditor should either decline to perform the work, or in
those situations in which the government where that auditor because of a
legislative requirement or for other reasons cannot decline to perform the
work audit, the impairment(s) should be reported in the scope section of the
audit report. Also, when auditors are employees of the entity, that fact should be reflected in a audit report. 3.15 ability to do their work and report their findings their ability is adversely affected, they the audit. 
3.14 In using the work of a specialist,2 auditors need to consider the
specialist as a member of the audit team and, accordingly, assess the
specialist's capability to perform the work and report results impartially.
In conducting this assessment, auditors should provide the specialist with
the GAGAS independence requirements and obtain representations from the
specialist regarding their independence from the activity or program under
audit. If the specialist has an impairment to independence, the auditor
should not use the work of that specialist.

1Nongovernment auditors Public accountants should also follow the American
Institute of Certified Public Accountants (AICPA) code of professional
conduct and the code of professional conduct of the state board with
jurisdiction over the practice of the public accountant and the audit
organization, and the guidance on personal and external in these standards.

2Specialists to whom this section applies include, but are not limited to,
actuaries, appraisers, attorneys, engineers, environmental consultants,
medical professionals, statisticians, and geologists. This section also
applies to external consultants and firms performing work for the audit
organization.

Appendix I

Personal Impairments

3.15 There are circumstances under which auditors impartial, or may not be perceived as organization is responsible for place should have an internal quality control system to help determine if
auditors have any personal impairments to independence that could affect
their impartiality or the appearance of impartiality. Managers and
impairments to independence of their its staff members. Personal impairments
of staff members result from relationships and beliefs that might cause an
auditor to limit the extent of the inquiry, limit disclosure, or weaken or
slant audit findings in any way. Auditors are responsible for notifying the
appropriate officials within their audit organizations if they have any
personal impairments to independence. Examples of Ppersonal impairments of
individual auditors may include, but are not limited to, the following:

a. official, professional, personal, or financial might cause an auditor to limit the disclosure, or to weaken 
a. immediate family or close family member3 who is a director or officer of
the audited entity, or as an employee of the audited entity, is in a
position to exert direct and significant influence over the entity or the
program under audit,

3Immediate family member is a spouse, spouse equivalent, or dependent
(whether or not related). A close family member is a parent, sibling, or
nondependent child.

Appendix I

b. financial interest that is direct, or is substantial significant/material
though indirect, in the audited entity or program,

c. previous responsibility for managing an entity or decision-making that
wcould affect operations of the entity or program being audited, for example
as a director, officer, or other senior position of the entity, activity, or
program being audited, or as a member of management in any decision-making,
supervisory, or ongoing monitoring function for the entity, activity, or
program under audit, 45

d. concurrent or subsequent performance of an audit by the same individual
who, for example, had maintained the official accounting records when such
services involved preparing source documents or originating data, in
electronic or other form; posting transactions (whether coded by management
or not coded); authorizing, executing, or consummating transactions (for
example, previously approveding invoices, payrolls, claims, or other
payments of the entity or program being audited), maintaining an entity's
bank account or otherwise having custody of the audited entity's funds; or
otherwise exercising authority on behalf of the entity, or having authority
to do so, 6

4If the auditor has performed nonaudit services for a client that affect
information that is the subject of the audit and management is unable or
unwilling to take responsibility for this information, the risk that the
auditor may be perceived to have a personal impairment to independence is
increased. See paragraphs 3.18 through 3.26 for additional guidance on
impairments to independence associated with the scope of services that may
be provided by audit organizations to entities they audit.

5The auditor needs to be free from this personal impairment for the period
covered by the activity under audit, including any financial statements
being audited, and for the period in which the audit is being performed and
reported.

Appendix I

e. preconceived ideas toward individuals, groups, organizations, or
objectives of a particular program that could bias the audit,

f. biases, including those induced by political or social convictions, that
result from employment in, or loyalty to, a particular group, organization,
or level of government, and

g. seeking employment with an audited organization during the conduct of the
audit.

3.16 Audit organizations and auditors may encounter many different
circumstances or combination of circumstances that could create a personal
impairment. Therefore, it is impossible to identify every situation that
could result in a personal impairment. Accordingly, audit organizations
should include as part of its internal quality control system requirements
to identify personal impairments and determine compliance with GAGAS
independence requirements. At a minimum, audit organizations should:

a. establish policies and procedures that will enable the identification of
personal impairments to independence, including whether performing nonaudit
services affects the subject matter of audits and applying safeguards to
appropriately reduce that risk, (See paragraphs 3.20 through 3.26.)

b. communicate the audit organization's policies and procedures to all
auditors in the organization and ensure understanding of

6See footnote 5. Page 28

Appendix I

requirements through training or other means such as auditors acknowledging
their understanding periodically,

c. establish internal policies and procedures to monitor compliance with the
audit organization's policies and procedures,

d. establish a disciplinary mechanism to promote compliance with the audit
organization's policies and procedures, and

e. stress the importance of independence and the expectation that auditors
will always act in the public interest.

3.17 When the audit organization identifies a personal impairment to
independence, the impairment needs to be resolved in a timely manner. In
situations where the personal impairment is applicable only to an individual
auditor on a particular assignment, the audit organization may be able to
mitigate the personal impairment by requiring the auditor to eliminate the
personal impairment. For example, the auditor could sell a financial
interest that created the personal impairment, or the audit organization
could remove that auditor from any work on that audit assignment.7 If the
personal impairment cannot be mitigated through these means, the audit
organization needs to withdraw from the audit. In situations in which
government auditors cannot withdraw from the

7Auditors participating in the audit assignment, including those who perform
review of the report, and all others within the audit organization who can
directly influence the outcome of the audit, need to be free from personal
impairments.

Appendix I

audit, they should follow the requirements in paragraph 3.13.

3.18 Audit organizations that provide other professional services (nonaudit
services) should consider whether providing these services creates a
personal impairment either in fact or appearance that adversely affects
their independence for conducting audits.

3.19 Nonaudit services generally differ from financial audits, attestation
engagements, and performance audits described in chapter 2 in that auditors
may (1) perform tasks requested by management that directly support the
entity's operations, such as developing or implementing accounting systems;
determining account balances;8 developing internal control systems;
establishing capitalization criteria; processing payroll; posting of
transactions; evaluating assets; designing or implementing information
technology or other system; or performing actuarial studies, or (2) provide
information or data to a requesting party without providing verification,
analysis, or evaluation of the information or data, and therefore the work
does not usually provide a basis for conclusions, recommendations, or
opinions on the information or data. These other services may or may not
result in a report. In the case of nongovernment auditors that perform
audits of government entities under GAGAS, the term nonaudit services is
synonymous with consulting services.

8The determination of account balances is used by management to prepare
financial statements, such as determining for management the accounts
receivable or accounts payable balance or the value of inventory.

Appendix I

3.20 Audit organizations have the capability of performing a range of
services for their clients. However, in certain circumstances, it is not
appropriate for the audit organization to perform both audit and selected
nonaudit services for the same client. In these circumstances, the auditor
and/or the audited entity will have to make a choice as to which of these
services the audit organization will provide. GAGAS recognize that nonaudit
services are provided by audit organizations and that care needs to be taken
to avoid situations that can impair auditor independence, either in fact or
appearance, to provide financial audits, attestations engagements, or
performance audits in accordance with GAGAS.

3.21 Before an audit organization agrees to perform nonaudit services, it
should carefully consider the requirements of paragraph 3.12 that auditors
should avoid situations that could lead reasonable third parties with
knowledge of the relevant facts and circumstances to conclude that the
auditor is not able to maintain independence in conducting audits. In
conducting the assessment, there are two overarching principles: (1) audit
organizations should not provide nonaudit services that involve performing
management functions or making management decisions and (2) audit
organizations should not audit their own work or provide nonaudit services
in situations where the nonaudit services are significant/material to the
subject matter of audits. If the audit organization makes the determination
that the nonaudit service does not violate these principles, it should
comply with all the safeguards stated in paragraph 3.25.

3.22 Audit organizations should not perform management functions or make
management

Appendix I

decisions. Performing management functions or making management decisions
creates a situation that impairs the audit organization's independence, both
in fact and in appearance, to perform audits of that subject matter and may
affect the audit organization's independence to conduct audits of related
subject matter. For example, auditors should not serve as members of an
entity's management committee or board of directors, make policy decisions
that affect future direction and operation of an entity's programs,
supervise entity employees, develop programmatic policy, authorize an
entity's transactions, or maintain custody of an entity's assets.9

3.23 Auditors may participate on committees or task forces in a purely
advisory capacity to advise entity management on issues related to the
knowledge and skills of the auditors without impairing their independence.
However, auditors should not make management decisions or perform management
functions. For an example, auditors can provide routine advice to the
audited entity and management to assist them in activities such as
establishing internal controls or implementing audit recommendations, can
answer technical questions, and/or provide training. The decision to follow
the auditor's advice remains with management of the audited entity. These
types of interactions are normal between the auditor and the management of
the audited entity given the auditor's technical expertise and the knowledge
the auditor gains of

9Entity assets are intended to include all of the entity's property
including bank accounts, investment accounts, inventories, equipment or
other assets owned, leased, or otherwise in the entity's possession.

Appendix I

the audited entity's operations. An auditor may also provide tools and
methodologies, such as best practice guides, benchmarking studies, and
internal control assessment methodologies that can be used by management. By
their very nature, these are routine activities that would not require the
audit organization to apply the safeguards described in paragraph 3.25.

3.24 Audit organizations should not audit their own work or provide nonaudit
services if the services are significant/material to the subject matter of
audits. In considering whether the nonaudit service can have a significant
or material affect on the subject matter of audits, audit organizations
should consider (1) ongoing audits, (2) planned audits, (3) requirements and
commitments for providing audits, which includes laws, regulations, rules,
contracts and other agreements, and (4) policies placing responsibilities on
the audit organization for providing audit services. Government auditors
generally have broad audit responsibilities that may extend to a level of
government or a particular entity within a level of government. Given their
broad area of audit responsibility, government auditors need to be
especially careful in providing nonaudit services to the entity so that
their independence is not impaired to fulfill their full range of audit
responsibilities. Nongovernment audit organizations may provide audit and
nonaudit services under contractual commitments to an entity (commonly
referred to as consulting) and need to consider whether nonaudit services
they have provided or are committed to provide have a significant or
material affect on the subject matter of audits.

3.25 Audit organizations may perform nonaudit services that do not violate
the principles stated

Appendix I

in paragraph 3.21 only if the audit organization and the audited entity
complies with the following safeguards. These safeguards would not apply in
connection with the type of routine activities described in paragraph 3.23.
The intent in paragraph 3.25 is not for the audit organization to apply
these safeguards to each and every interaction it has with management.

a. The audit organization should document its consideration of the nonaudit
services as discussed in paragraph 3.21, including documentation for its
rationale that providing the nonaudit services does not violate the two
overarching principles.

b. Before performing nonaudit services, the audit organization should
establish and document an understanding with the audited entity regarding
the objectives, scope of work, and product or deliverables of the nonaudit
service. The audit organization should also establish and document an
understanding with management that management is responsible for the
substantive outcomes of the work and, therefore, has a responsibility to be
in a position in fact and appearance to make an informed judgment on the
results of the nonaudit service and that the audited entity complies with
the following:

1. Designates a management-level individual to be responsible and
accountable for overseeing the nonaudit service.

2. Establishes and monitors the performance of the nonaudit service to
ensure that it meets management's objectives.

Appendix I

3. Makes any decisions that involve management functions related to the
nonaudit service and accepts full responsibility for such decisions.

4. Evaluates the adequacy of the services performed and any findings that
result.

c. The audit organization should preclude personnel who provided the
nonaudit services from planning, conducting, or reviewing audit work related
to the nonaudit service under the overarching principle that auditors cannot
audit their own work.10

d. The audit organization is precluded from reducing the scope and extent of
the audit work beyond the level that would be appropriate if the nonaudit
work was performed by another unrelated party.

e. The audit organization's quality control systems for compliance with
independence requirements should include policies and procedures to assure
consideration of the effect on the ongoing, planned, and future audits when
deciding whether to provide nonaudit services and a requirement to have the
understanding with management of the audited entity documented. The
understanding should be communicated to management in writing and can be
included in the engagement letter. In addition, the documentation should
specifically identify management's compliance with the elements discussed in
paragraph 3.25b, including evidence of the management-level individual
responsible

10Personnel who provided the nonaudit service are permitted to convey the
knowledge gained of the audited entity and its operations to the audit
assignment team.

Appendix I

for overseeing the nonaudit service's qualifications to conduct the required
oversight, and that the tasks required of management were performed.

f. By their nature, certain nonaudit services impair the audit
organization's ability to meet either or both of the overarching principles
in paragraph 3.21 for certain types of audit work. In these cases, the audit
organization should communicate to management of the audited entity that the
audit organization would not be able to perform subsequent audit work
related to the subject matter of the nonaudit service. It should be clear to
management upfront that the audit organization would be in violation of the
independence standard and that another audit organization that met the
independence standard would have to be engaged to perform the audit. For
example, if the audit organization has been responsible for designing,
developing, and/or installing the entity's accounting system or is operating
the system and then performed a financial statement audit of the entity, the
audit organizations would clearly be in violation of the two overarching
principles of the GAGAS independence standard. Likewise, if the audit
organization developed an entity's performance measurement system, the audit
organization would not be deemed independent if it was asked to conduct a
performance audit to evaluate whether the system was adequate. In both of
these examples, the audit organization could decide to perform the nonaudit
service but would then not be permitted under GAGAS to perform the
subsequent audit because it would be in violation of one or both of the two
overarching principles. It becomes a matter of choice for the audit
organization and the audited entity. But the audit organization cannot both
provide the

Appendix I

service and perform the audit if either of the two overarching principles is
violated.

g. For individual audits selected in the peer review, all related nonaudit
services should be identified to the audit organization's peer reviewer and
the audit documentation required by paragraphs 3.25a through e are made
available for inclusion in the audit organization's peer review.

3.26 Audit organizations and auditors may encounter many different
circumstances or combinations of circumstances; therefore, it is impossible
to define every situation that could result in an impairment, as discussed
in paragraph 3.20. The following are examples of nonaudit services performed
by an audit organization that typically would not create an impairment to
the audit organization's independence as long as the auditor avoids
situations that would conflict with the two overarching principles listed in
paragraph 3.21 and the audit organization complies with the safeguards in
paragraph 3.25.

a. Providing basic accounting assistance limited to services such as
preparing draft financial statements that are based on management's chart of
accounts and trial balance and any adjusting, correcting, and closing
entries that have been approved by management; preparing draft notes to the
financial statements based on information determined and approved by
management; preparing a trial balance based on management's chart of
accounts; maintaining depreciation schedules for which management has
determined the method of depreciation, rate of depreciation, and salvage
value of the asset. The audit

Appendix I

organization, however, cannot maintain or prepare the audited entity's basic
accounting records or maintain or take responsibility for basic financial or
other records that the audit organization will audit. 11 As part of this
prohibition, auditors should not post transactions (whether coded or not
coded) to the entity's financial records or to other records that
subsequently provide data to the entity's financial records.

b. Providing payroll services limited to services such as computing pay
amounts for the entity's employees based on entity maintained and approved
time records, salaries or pay rates, and deductions from pay; generating
unsigned payroll checks; transmitting client approved payroll to a financial
institution provided management has approved the transmission and limited
the financial institution to make payments only to previously approved
individuals. In cases, where the audit organization was processing the
entity's entire payroll and payroll was a material amount to the subject
matter of the audit, this would be a violation of one of the overarching
principles in paragraph 3.21 and the auditor would not be deemed independent
under GAGAS.

c. Providing appraisal or valuation services limited to services such as
reviewing the work of the entity or a specialist employed by the entity
where the entity or specialist provides the primary support for the balances
recorded in

11roposing adjusting and correcting entries that are identified during the
audit are a routine byproduct of audit services that are always permissible
so long as management makes the decision on accepting these entries.

Appendix I

financial statements or other information that will be audited; valuing an
entity's pension, other post-employment benefit, or similar liabilities
provided management has determined and taken responsibility for all
significant assumptions and data.

d. Preparing an entity's indirect cost proposal12 or cost allocation plan
provided management has taken responsibility for all significant assumptions
and data.

e. Providing advisory services on information technology limited to services
such as advising on system design, system installation, and system security
if management in addition to the safeguards in paragraph 3.25 acknowledges
responsibility for the design, installation, and internal control over the
entity's system and does not rely on the auditor's work as the primary basis
for determining (1) whether to implement a new system, (2) the adequacy of
the new system design, (3) the adequacy of major design changes to an
existing system, and (4) the adequacy of the system to comply with
regulatory or other requirements. However, the audit organization should not
operate or supervise the operation of the entity's information technology
system.

f. Providing human resource services to assist management in its evaluation
of potential candidates that are limited to activities such as serving on an
evaluation panel to review applications or interviewing candidates to

12he Office of Management and Budget prohibits an auditor who prepared the
entity's indirect cost proposal from conducting the required audit when
indirect costs recovered by the entity during the prior year exceeded $1
million.

Appendix I

provide input to management in arriving at a listing of best qualified
applicants to be provided to management. The auditor should not recommend a
single individual for a specific position nor should the auditor conduct an
executive search or a recruiting program for the audited entity.

g. Preparing routine tax filings in accordance with federal tax laws and
rules and regulations of the Internal Revenue Service and state and local
tax authorities and any applicable laws.

h. Gathering and reporting unverified external or third-party data to aid
legislative and administrative decision-making.

i. Advising an entity regarding its performance of internal control
self-assessments.

j. Assisting a legislative body by developing questions for use at a
hearing.

External 3.27 Factors external to the audit organization may

Impairments restrict the work or interfere with an auditor's ability to form
independent and objective opinions and conclusions. External impairments to
independence occur when an auditor is deterred from acting objectively and
exercising professional skepticism by pressures, actual or perceived, from
management and employees of the audited entity or oversight organizations.
For example, under the following conditions, an auditor may not have
complete freedom to make an independent and objective judgment and an audit
may be adversely affected:

Appendix I

a. external interference or influence that could improperly or imprudently
limits or modifyies the scope of an audit or threaten to do so, including
pressure to reduce inappropriately the extent of work performed in order to
reduce costs or fees,

b. external interference with the selection or application of audit
procedures or in the selection of transactions to be examined,

c. unreasonable restrictions on the time allowed to complete an audit or
issue the report,

d. interference external to the audit organization in the assignment,
appointment, and promotion of audit personnel,

e. restrictions on funds or other resources provided to the audit
organization that adversely affect the audit organization's ability to carry
out its responsibilities,

f. authority to overrule or to inappropriately influence the auditor's
judgment as to the appropriate content of the report,

g. threat of replacement over a disagreement with the contents of an audit
report, the auditor's conclusions or the application of an accounting
principle or other criteria, and

h. influences that jeopardize the auditor's continued employment for reasons
other than incompetencey, misconduct, or the need for audit services.

3.28 An audit organization's internal quality control system for compliance
with GAGAS independence requirements, as stated in paragraph 3.16, should
include internal policies

Appendix I

and procedures for reporting and resolving external impairments.

Organizational Impairments

3.29 In addition to the preceding paragraphs which address personal and
external impairments, Ggovernment auditors' organization's capability to
perform the work and report the results impartially independence can be
affected by their place within government and the structure of the
government entity to which they are the audit organization is assigned to
audit and also by other parties outside the audited entity or internally to top management within
the audited entity, auditor organization need to be free from organizational
impairments to independence.

Organizational Impairment Considerations When Reporting Externally to Third
Parties

3.30 Government auditors can be presumed to be independent of the audited
entity, assuming no personal entity isfree from organizational impairments to independence when reporting
externally to third parties if their audit organization is organizationally
independent from the audited entity. Government audit organizations can meet
the requirement for organizational independence in a number of ways.

3.30.1 First, a government audit organization may be presumed to be free
from organizational impairments to independence from the audited entity to
report externally, if the audit organization is

Appendix I

a. assigned to a level of government other than the one to which they are
the audited entity is assigned (federal, state, or local), for example, a
federal auditor auditing a state government program, or

b. assigned to a different branch of government within the same level of
government to which they as the audited entity (legislative, executive, or
judicial); for example, a legislative auditor auditing an executive branch
program.

3.30.2 Second, a gGovernment auditors organization may also be presumed to
be free from organizational impairments for external reporting independent,
assuming no personal or organization's head is meets any of the following criteria:

a. is directly elected by the citizens voters of their jurisdiction being
audited,

b. is elected or appointed by a legislative body of the government to which they are assigned subject to removal by a legislative
body, and reports the results of audits to and are is accountable to the a
legislative body,

c. is appointed by the chief executive someone otherthan a legislative body,
so long as the appointment is but confirmed by, a legislative body and
removal from the position is subject to oversight or approval by a
legislative body, 13 and reports the results of

13Legislative bodies may exercise their confirmation powers through a
variety of means as long as they are involved in the approval of the
individual to head the audit office. This involvement can be demonstrated by
approving the individual after the appointment or by initially selecting or
nominating an individual or individuals for appointment by the appropriate
authority.

Appendix I

audits to, and are is accountable to a legis lative body of of government to which they are assigned, or 
d. is appointed by, accountable to, reports to, and can only be removed by a
statutorily created governing body, the majority of whose members are
independently elected or appointed and come from outside the organization
being audited.

3.30.3 In addition to the presumptive criteria in paragraphs 3.30.1 and
3.30.2, GAGAS recognize that there may be other organizational structures
under which a government audit organization could be considered to be free
from organizational impairments, and thereby be considered organizationally
independent to report externally. These other structures should provide
sufficient safeguards to prevent the audited entity from interfering with
the audit organization's ability to perform the work and report the results
impartially. For an audit organization to be considered free from
organizational impairments to report externally under a structure different
from the ones listed in paragraphs 3.30.1 and 3.30.2, the audit organization
should have all of the following safeguards:

a. statutory protections that prevent the abolishment of the audit
organization by the audited entity,

b. statutory protections that require that if the head of the audit
organization is removed from office, the head of the agency should report
this fact and the reasons for the removal to the legislative body,

Appendix I

c. statutory protections that prevent the audited entity from interfering
with the initiation, scope, timing, and completion of any audit,

d. statutory protections that prevent the audited entity from interfering
with the reporting on any audit, including the findings, conclusions, and
recommendations, or the manner, means, or timing of the audit organization's
reports,

e. statutory protections that require the audit organization to report to a
legislative body or other independent governing body on a recurring basis,

f. statutory protections that give the audit organization sole authority
over the selection, retention, advancement, and dismissal of its staff, and

g. statutory access to records and documents that relate to the agency,
program, or function being audited. 14

3.30.4 If the head of the audit organization concludes that the organization
meets all the safeguards listed in paragraph 3.30.3, the audit organization
should be considered free from organizational impairments to independence
when reporting the results of its audits externally to third parties. The
audit organization should document the statutory provisions in place that
allow it to meet these safeguards. Those provisions should be reviewed
during the external

14Statutory authority to issue a subpoena to obtain the needed records is
one way to meet the requirement for access to records.

Appendix I

quality assurance  review to ensure  that all the  necessary safeguards have
been met.

Organizational Impairment Considerations When Reporting Internally to
Management

3.30.5 Certain federal, state, or local government audit organizations or
audit organizations within other government entities, such as public
colleges, universities, and hospitals, employ auditors to work for
management of the audited entities. These auditors may be subject to
administrative direction from persons involved in the government management
process. Such audit organizations are internal audit organizations. To help
achieve organizational government internal audit organization can be presumed to be free from
organizational impairments to independence when reporting internally to
management if the head of the audit organization meets all of the following
criteria:

a. be is accountable to the head or deputy head of the government entity,

b. is required to report the results of their audits the audit
organization's work to the head or deputy head of the government entity, and

c. be is located organizationally outside the staff or line management
function of the unit under audit.

3.30.6 If the above conditions of paragraph 3.30.5 are met, and no personal
or external impairments exist, the audit staff organization should be
considered free of organizationally impairments to independentce to audit
internally and free to report objectively to top the entity's management.
Further distribution of reports outside the organization should only be made
in accordance with applicable law, rule, regulation, or policy. In these
situations, the fact

Appendix I

that the auditors are auditing in their employing organizations should be
clearly reflected in the auditors' reports.

3.30.7 Auditors need should also to be sufficiently removed from political
pressures to ensure that they can conduct their audits objectively and can
report their findings, opinions, and conclusions objectively without fear of
political repercussions. Whenever feasible, auditors within internal audit
organizations should be under a personnel system in which compensation,
training, job tenure, and advancement are based on merit.

3.30.8 The audit organization's independence is enhanced when it also
reports regularly to the entity's independent audit committee and/or the
appropriate government oversight body.

3.30.9 When organizationally independent internal audit organizations that are free of organizational impairments to
independence, under the criteria in paragraph 3.30.5, conduct perform audits
external to the government entities to which they are directly assigned,
such as auditing contractors or outside party agreements, and no personal or
external impairments exist, they may be considered independent of the
audited entities and free to report objectively to the heads or deputy heads
of the government entities to which they are assigned and to parties outside
the organizations in accordance with applicable law, rule, regulation, or
policy.

3.30.10 The audit organization should document the conditions in place that
allow it to be considered free of organizational impairments to independence
to report internally. Those conditions should be reviewed during the peer

Appendix I

review to ensure that all the necessary safeguards have been met.

                                 Appendix I

Appendix II

Advisory Council on Government Auditing Standards

Advisory Council Members

Mr. Jack R. Miller, Chair
MPG Peat Marwick LLP
(member 1997-1998; chair 2001-2003)

Mr. Richard C. Tracy, Former Chair
Office of City Auditor
Portland, Oregon
(member 1997-1998; chair 1999-2000)

The Honorable James B. Thomas, Former Chair
Office of Chief Inspector General
State of Florida
(chair 1997-1998)

Mr. Ernest A. Almonte
Office of the Auditor General
State of Rhode Island
(member 2001-2003)

Mr. Robert H. Attmore
Office of the Comptroller
New York State
(member 1997-1999)

The Honorable Thomas R. Bloom
Defense Finance and Accounting Service
(member 1997-2000)

The Honorable June Gibbs Brown
U.S. Department of Health and Human Services
(member 1997-1999)

The Honorable Ralph Campbell, Jr.
Office of the State Auditor
State of North Carolina
(member 2000-2003)

                                  Page 50

Appendix II Advisory Council on Government Auditing Standards

Mr. Donald H. Chapin
Consultant
(member 1997-1998)

Ms. Patricia A. Dalton
U.S. Department of Labor
(member 1997-1999)

The Honorable Bert T. Edwards
U.S. Department of Interior
(member 2000-2002)

The Honorable Gaston L. Gianni, Jr.
Federal Deposit Insurance Corporation
(member 1999-2001)

Ms. Barbara J. Hinton
Office of the Legislative Post Auditor
State of Kansas
(member 1999-2001)

Mr. David G. Hitchcock
Standards & Poor's
(member 1999-2001)

Dr. Jesse W. Hughes
Consultant
(member 2000-2002)

Dr. Rhoda C. Icerman
Florida State University
(member 2001-2003)

Mr. Norwood J. Jackson, Jr.
U.S. Office of Management and Budget
(member 1997-2000)

Mr. Auston G. Johnson
Office of the State Auditor

Appendix II Advisory Council on Government Auditing Standards

State of Utah
(member 2000-2002)

The Honorable Margaret B. Kelly
Office of the State Auditor
State of Missouri
(member 1997-1998)

Dr. Daniel G. Kyle
Office of the Legislative Auditor
State of Louisiana
(member 1997-1998)

Mr. Philip A. Leone
Joint Legislative Audit and Review Commission
Commonwealth of Virginia
(member 1997-2000)

Mr. George A. Lewis
Broussard, Poche, Lewis & Breaux
(member 1997-2000)

Ms. Nora J.E. Masters
Deliotte & Touche LLP
(member 1997-1999)

Mr. Sam M. McCall
Office of the City Auditor
Tallahassee, Florida
(member 1997-1998; 2000-2002)

Mr. Stephen L. Morgan
Office of the City Auditor
Austin, Texas
(member 2001-2003)

The Honorable Everett L. Mosley
U.S. Agency for International Development
(member 2001-2003)

Appendix II Advisory Council on Government Auditing Standards

Mr. Bruce A. Myers
Office of the Legislative Auditor
State of Maryland
(member 1999-2001)

Dr. Kathryn E. Newcomer
George Washington University
(member 1999-2001)

Ms. Roberta Reese
Office of the Controller
State of Nevada
(member 1997-1999)

Mr. George A. Scott
Deloitte & Touche LLP
(member 1999-2001)

The Honorable Kurt R. Sjoberg
Office of the State Auditor
State of California
(member 1997-2000)

Mr. Barry R. Snyder
Federal Reserve Board
(member 2001-2003)

Dr. Paul M. Thompson
AMBAC Indemnity Corporation
(member 1997-1998)

Mr. Cornelius E. Tierney
George Washington University
(member 1997-1999)

Ms. Leslie E. Ward
Office of the City Auditor
Kansas City, Missouri

Appendix II Advisory Council on Government Auditing Standards

(member 1999-2001)

The Honorable Jacquelyn L. Williams-Bridgers
U.S. Department of State
(member 2000-2002)

Dr. Earl R. Wilson
University of Missouri-Columbia
(member 1999-2001)

GAO Project Team
Jeffrey C. Steinhoff, Managing Director
Marcia B. Buchanan, Assistant Director
Cheryl E. Clark, Assistant Director
Michael C. Hrapsky, Project Manager
Robert W. Gramling, Consultant

         Presorted Standard Postage & Fees Paid GAO Permit No. GI00

United States
General Accounting Office
Washington, D.C. 20548-0001

Official Business
Penalty for Private Use $300

Address Correction Requested
*** End of document. ***