Financial Audit Manual: Volume Two, Exposure Draft--October 2007 
(01-OCT-07, GAO-08-82G).					 
                                                                 
The U.S. Government Accountability Office (GAO) and the 	 
President's Council on Integrity and Efficiency (PCIE) maintain  
the GAO/PCIE Financial Audit Manual (FAM). The FAM provides	 
guidance for performing financial statement audits of federal	 
entities. The FAM is a key tool for enhancing accountability over
taxpayer-provided resources.					 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-08-82G 					        
    ACCNO:   A77128						        
  TITLE:     Financial Audit Manual: Volume Two, Exposure	      
Draft--October 2007						 
     DATE:   10/01/2007 
  SUBJECT:   Auditing procedures				 
	     Auditing standards 				 
	     Auditors						 
	     Audits						 
	     Financial statement audits 			 
	     Federal agencies					 
	     Internal auditors					 
	     Internal audits					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-08-82G

   

     * [1]GAOHQ-1807469-v5-FAM_601.pdf

          * [2]601 - Introduction to Part II - Tools

     * [3]GAOHQ-1739135-v5-FAM_650.pdf

          * [4]650 - Using the Work of Others

               * [5]Types of Reporting
               * [6]Evaluating the Other Auditors' or Specialists'
                 Independence
               * [7]Evaluating Other Auditors' or Specialists' Qualifications
               * [8]Planning the Review and Testing of Other Auditors' or
                 Specia
               * [9]Review of Audit Documentation
               * [10]Discussions and/or Supplemental Tests for a High Level
                 of Re
               * [11]Subsequent Events Review and Dating of the Auditor's
                 Report
               * [12]Staffing the Review of the Other Auditors' or
                 Specialists' W
               * [13]Evaluating the Work of Other Auditors or Specialists
               * [14]Documenting the Review of Other Auditors' or
                 Specialists' Wo
               * [15]Using Internal Audit Staff to Provide Direct Assistance
                 to t
               * [16]Using Federal Entity Specialists
               * [17]Multiple Levels of Other Auditors
               * [18]Reports on Other Auditors' Work

     * [19]GAOHQ-1739327-v5-FAM_650_A.pdf

          * [20]650 A - Summary of Audit Procedures and Documentation for Re

     * [21]GAOHQ-1739338-v5-FAM_650_B.pdf

          * [22]650 B - Example Audit Procedures for Using the Work of Other

               * [23]1. EVALUATING INDEPENDENCE, OBJECTIVITY, AND
                 QUALIFICATIONS
               * [24]General

                    * [25]Independence and objectivity:
                    * [26]Qualifications:

               * [27]2. EVALUATING INDEPENDENCE, OBJECTIVITY, AND
                 QUALIFICATIONS

                    * [28]Independence And Objectivity:
                    * [29]Qualifications:

               * [30]3. MONITORING THE WORK (FOR ALL TYPES OF OTHER AUDITORS
                 AND

     * [31]GAOHQ-1739466-v5-FAM_650_C.pdf

          * [32]650 C - Example Reports when Using the Work of Others

               * [33]Example 1 - Transmittal Letters
               * [34]Example 2 - Report Concurring with Other Auditors'
                 Opinion (

                    * [35]Objectives, Scope, and Methodology

     * [36]GAOHQ-1809309-v5-FAM_660.pdf

          * [37]660 - Agreed-Upon Procedures

               * [38]Written Representations
               * [39]Documentation
               * [40]Reporting
               * [41]Other Report Issues

     * [42]GAOHQ-1809352-v5-FAM_660_A.pdf

          * [43]660 A - Example Agreed-Upon Procedures Engagement Letter

               * [44]Agreed-Upon Procedures for Tax Receipts and Refunds
                 (Enclosu

                    * [45]General
                    * [46]Sampling

     * [47]GAOHQ-1809372-v5-FAM_660_B.pdf

          * [48]660 B - Example Representation Letter from Responsible Entit

     * [49]GAOHQ-1809394-v5-FAM_660_C.pdf

          * [50]660 C - Agreed-Upon Procedures Completion Checklist

               * [51]SECOND PARTNER'S (OR EQUIVALENT) CONCURRENCE ON
                 AGREED-UPON
               * [52]TECHNICAL ACCOUNTING AND AUDITING EXPERT'S CONCURRENCE
                 ON AG

     * [53]GAOHQ-1809401-v5-FAM_660_D.pdf

          * [54]660 D - Example Agreed-Upon Procedures Report

               * [55]Procedures

                    * [56]Results

     * [57]GAOHQ-1797774-v5-FAM_701.pdf

          * [58]701 - Assessing Compliance of Agency Systems with the Federa

               * [59]FFMIA Requirements
               * [60]Audit Issues

     * [61]GAOHQ-1798018-v5-FAM_701_A.pdf

          * [62]701 A - Example Audit Procedures for Testing Compliance with

               * [63]III. Testing for Compliance with the Federal Account
               * [64]IV. Testing for Compliance with the SGL
               * [65]V. Summary

     * [66]GAOHQ-1798482-v5-FAM_701_B.pdf

          * [67]701 B - Summary Schedule of Instances of Noncompliance with

     * [68]GAOHQ-1813629-v5-FAM_802.pdf

          * [69]802 - General Compliance Checklist

               * [70]Instructions For General Compliance Checklist
               * [71]Other Laws
               * [72]Instructions For Compliance Supplements

                    * [73]Compliance Summary
                    * [74]Compliance Audit Program

     * [75]GAOHQ-1764101-v5-FAM_803_.pdf

          * [76]803 - Antideficiency Act

     * [77]GAOHQ-1773824-v5-FAM_808.pdf

          * [78]808 - Federal Credit Reform Act of 1990

     * [79]GAOHQ-1813732-v5-FAM_809.pdf

          * [80]809 - Provisions Governing Claims of the U.S. Government (31

     * [81]GAOHQ-1773897-v5-FAM_810.pdf

          * [82]810 - Prompt Payment Act

     * [83]GAOHQ-1773899-v5-FAM_812.pdf

          * [84]812 - Pay and Allowance System for Civilian Employees, as Pr

     * [85]GAOHQ-1813743-v5-FAM_813.pdf

          * [86]813 - Civil Service Retirement Act, 5 U.S.C. Chapter 83

     * [87]GAOHQ-1773903-v5-FAM_814.pdf

          * [88]814 - Federal Employees Health Benefits Act, 5 U.S.C. Chapte

     * [89]GAOHQ-1773905-v5-FAM_816.pdf

          * [90]816 - Federal Employees' Compensation Act (FECA), 5 U.S.C. C

     * [91]GAOHQ-1773915-v5-FAM_817.pdf

          * [92]817 - Federal Employees' Retirement System Act of 1986 (FERS

     * [93]GAOHQ-1964524-v5-FAM_902.pdf

          * [94]902 - Related Parties, Including Intragovernmental Activity
          * [95]Intragovernmental Activity and Balances

               * [96]Accounting and Reporting Guidance
               * [97]Continuing Issues from Prior Year Audits
               * [98]Intragovernmental Payment and Collection (IPAC) System
               * [99]Audit Procedures

          * [100]Other Related Parties
          * [101]Practice Aids

     * [102]GAOHQ-1964530-v5-FAM_902_A.pdf

          * [103]902 A - Example Account Risk Analysis for Intragovernmental
          * [104]Cycles

     * [105]GAOHQ-1969301-v5-FAM_902_B.pdf

          * [106]902 B - Example Specific Control Evaluation for Intragovernm

     * [107]GAOHQ-1964537-v5-FAM_902_C.pdf

          * [108]902 C - Example Audit Procedures for Intragovernmental and O

               * [109]Audit Procedures for Intragovernmental and Other
                 Related Par

                    * [110]I. Planning Phase
                    * [111]II. Internal Control Phase
                    * [112]III. Testing Phase

                         * [113]A. Intragovernmental accounts

                              * [114]Reconciliation/confirmation (existence,
                                completeness, valuat
                              * [115]Reconciliation adjustments and
                                differences (all intragovernm

                         * [116]B. Intragovernmental activity and balances

                              * [117]Cut off test (existence and
                                completeness)

                         * [118]C. Control and substantive tests of
                           details--other related pa
                         * [119]D. Substantive analytical procedures (FAM
                           475)
                         * [120]E. Elimination (existence, completeness, and
                           valuation)

                    * [121]IV. Reporting Phase

     * [122]GAOHQ-1964541-v5-FAM_903.pdf

          * [123]903 - Auditing Cost Information
          * [124]The Impact of SFFAS No. 4 and SFFAS No. 30
          * [125]Audit Procedures for Financial Statement Opinion
          * [126]Federal Financial Management Improvement Act of 1996 (FFMIA)
          * [127]Management's Discussion and Analysis (MD&A)

     * [128]GAOHQ-1967628-v5-FAM_921.pdf

          * [129]921- Auditing Fund Balance with Treasury (FBWT)

     * [130]GAOHQ-2010989-v5-FAM_921_A.pdf

          * [131]921 A - Treasury Processes and Reports Related to FBWT Recon

               * [132]A. Verification of Collections and EFT Disbursements

                    * [133]Reporting of FBWT accounts activity and balances

               * [134]B. Verification of Disbursement Data

                    * [135]1. Verification of Treasury Disbursement Office
                      entity disbu

                         * [136]Reporting of FBWT accounts activity and
                           balances

                    * [137]2. Verification of Non-Treasury Disbursing Office
                      (NTDO) en

                         * [138]Verification of interagency transactions:
                         * [139]Verification of checks paid
                         * [140]Verification of checks issued:
                         * [141]Reporting of FBWT accounts activity and
                           balances

     * [142]GAOHQ-2011015-v5-FAM_921_B.pdf

          * [143]921 B - Example Account Risk Analysis for Fund Balance with

     * [144]GAOHQ-2011025-v5-FAM_921_C.pdf

          * [145]921 C - Example Specific Control Evaluation for Fund Balance

     * [146]GAOHQ-1964543-v5-FAM_931.pdf

          * [147]931 - Auditing Heritage Assets and Stewardship Land

     * [148]GAOHQ-1964545-v5-FAM_941.pdf

          * [149]941 - Auditing the Statement of Social Insurance

     * [150]GAOHQ-1773918-v5-FAM_1001.pdf

          * [151]1001 - Management Representations

               * [152]Representations Relating to the Financial Statements

                    * [153]General
                    * [154]Cash
                    * [155]Financial instruments
                    * [156]Receivables
                    * [157]Inventories
                    * [158]Deferred charges and unearned revenues
                    * [159]Debt
                    * [160]Contingencies
                    * [161]Pension and postretirement benefits
                    * [162]Sales

               * [163]Representations Relating to Internal Control
               * [164]Representations Relating to Financial Management
                 Systems' Su
               * [165]Representations Relating to Compliance with Laws and
                 Regulat
               * [166]Effect of Change in Management on Representation Letter

     * [167]GAOHQ-1773955-v5-FAM_1001_A.pdf

          * [168]1001 A - Example Management Representation Letter

     * [169]GAOHQ-1773957-v5-FAM_1002.pdf

          * [170]1002 - Inquiries of Legal Counsel

               * [171]Accounting and Reporting Guidance
               * [172]Audit Procedures
               * [173]Timing of Legal Letter Request and Responses
               * [174]Determining a Materiality Level
               * [175]Legal Counsels from Whom Information Should be
                 Requested
               * [176]Evaluation of Responses
               * [177]Possible Limitations on the Scope of Legal Counsel's
                 Respons
               * [178]Lack of Sufficient Opinion on the Resolution of a Case
               * [179]Example Legal Letter Request
               * [180]Example Legal Counsel's Responses and Management's
                 Schedule
               * [181]Practice Aids

     * [182]GAOHQ-1825413-v5-FAM_1002_A.pdf

          * [183]1002 A - Example Audit Procedures for Inquiries of Legal Cou

               * [184]Example Audit Procedures

                    * [185]I. Testing Procedures

               * [186]Example Audit Procedures
               * [187]Example Audit Procedures

                    * [188]II. Reporting Procedures

     * [189]GAOHQ-1773962-v5-FAM_1002_B.pdf

          * [190]1002 B - Example Legal Letter Request

     * [191]GAOHQ-1773967-v5-FAM_1002_C.pdf

          * [192]1002 C - Example Legal Representation Letter

               * [193]Pending or Threatened Litigation
               * [194](Excluding unasserted claims and assessments, which are
                 disc

     * [195]1002 D - Example Management Summary Schedule
     * [196]GAOHQ-2023208-v5-FAM_1003.pdf

          * [197]1003 - Financial Statement Audit Completion Checklist

               * [198]Instructions

     * [199]GAOHQ-1821808-v5-FAM_1005.pdf

          * [200]1005 - Subsequent Events Review

               * [201]Audit Procedures
               * [202]Subsequent Events Review Program --Audit Procedures
               * [203]I. Read Interim Financial Statements
               * [204]II. Make Inquiries of Management as to:
               * [205]III. Read Minutes
               * [206]IV. Cover in Lawyers' Letters
               * [207]V. Cover in Management Representation Letter
               * [208]VI. Other

October 2007

TO AUDIT OFFICIALS, AGENCY CFOS, AND OTHERS INTERESTED IN FEDERAL
FINANCIAL AUDITING AND REPORTING

This letter transmits the exposure draft of Volume 2 of the Government
Accountability Office (GAO) and the President's Council on Integrity and
Efficiency (PCIE) Financial Audit Manual (FAM) for your review and
comment. The FAM presents a methodology for performing financial statement
audits of federal entities in accordance with professional standards, and
was originally issued in July 2001. We have updated the FAM for
significant changes affecting audits of financial statements in the
federal government since the last major changes to the FAM in July 2004.

To continue to meet the needs of the federal audit community and the
public it serves, GAO and the PCIE created a joint FAM Working Group. The
group comprises auditors from GAO and several offices of the inspectors
general experienced in conducting audits of federal entity financial
statements. Through a highly collaborative effort, the FAM Working Group
prepared the enclosed exposure draft for FAM Volume 2 which contains audit
tools. The exposure draft for FAM Volume 1 is being issued separately. A
new FAM Volume 3 containing checklists for Federal Accounting (FAM 2010)
and Federal Reporting and Disclosures (FAM 2020) was issued on August 24,
2007 (GAO-07-1173G) for use in the fiscal year 2007 audits of federal
financial statements.

Summary of Major Revisions to FAM Volume 2

The exposure draft includes changes based on (1) AICPA Statement of
Auditing Standards (SAS) Nos. 100 through 114, which include the audit
risk standards; (2) Government Auditing Standards (July 2007 edition); (3)
audit guidance in Office of Management and Budget (OMB) Bulletin No.
07-04, Audit Requirements for Federal Financial Statements (September 4,
2007); and (4) financial reporting guidance in OMB Circular No. A-136,
Financial Reporting Requirements (June 29, 2007). The exposure draft also
includes the effects of Federal Accounting Standards Advisory Board
(FASAB) accounting concepts and standards issued through May 31, 2007, on
financial audits, particularly with respect to accounting, reporting, and
disclosure requirements for social insurance, heritage assets and
stewardship land, and earmarked funds. Finally, throughout the updated FAM
Volume 2, revisions were made for new terminology, changes in the federal
audit environment, and effects of applicable laws and regulations. A table
of major changes to FAM Volume 2 is presented in an attachment to this
letter.

Instructions for Commenting on the Exposure Draft

The exposure draft of FAM Volume 2 is available only in electronic form on
GAO's Web page at [209]http://www.gao.gov/special.pubs/gaopcie/. We
request comments from federal audit officials, CFOs, financial managers,
the public accounting profession, and other interested parties. Please
associate your comments with specific references to section, paragraph,
and page number. Also, please provide the rationale for your comments and
proposed changes, along with suggested revised language. Please send your
comments electronically to [210][email protected] no later than January 31,
2008. This exposure period is expected to provide adequate time for review
and comment after auditors have completed fiscal year 2007 financial
statement audits for federal agencies and the consolidated U.S.
government. We anticipate that the final version of FAM Volume 2 will be
issued in the early spring of 2008 for use in conducting fiscal year 2008
federal financial statement audits.

Should you need additional information, please call GAO's Financial
Management and Assurance Assistant Directors Roger Stoltz, at (202)
512-9408; or Janet Krell, at (202) 512-4716; Director Steve Sebastian at
(202) 512-9521; or PCIE Working Group Leaders Alex Biggs, at (202)
693-5258; or Joel Grover, at (202) 927-5768.

Sincerely yours,

Jeffrey C. Steinhoff                    The Honorable John P. Higgins, Jr. 
Managing Director                           Chairman, Audit Committee      
Financial Management and Assurance     President's Council on Integrity    
U.S. Government Accountability Office  and Efficiency                      
Attachment and enclosures                                                  

Attachment

Table of Major Changes to FAM Volume 2

FAM section                          Major change                          
650         Some clarifications and new terminology were added for using   
               the work of others.                                            
802         The general compliance checklist in FAM 802.06 lists five      
               general laws for compliance consistent with OMB audit guidance 
               while four other laws commonly assessed by auditors are now    
               presented in FAM 802.07.                                       
803         FAM 803 was revised to add new audit procedures for checking   
               on Antideficiency Act violations.                              
903         FAM 903.02 expanded the discussion of full costing per SFFAS   
               No. 30.                                                        
921         New FAM 921.11-.12 discuss Treasury development and            
               implementation of a new Government Wide Accounting system that 
               will have a significant impact on auditing Fund Balance with   
               Treasury (FBWT). A new FAM 921.13 discusses Treasury plans to  
               discontinue use of certain suspense accounts. Because these    
               changes are to occur over several years, auditors should       
               reevaluate FBWT audit procedures, some examples of which are   
               now presented in FAM 921.17-.22. The FAM 921 D audit program   
               has been eliminated.                                           
931         This new section provides guidance on auditing heritage assets 
               and stewardship land as a result of SFFAS No. 29.              
941         This new section provides guidance on auditing the Statement   
               of Social Insurance as a result of SFFAS Nos. 17, 25, 26, and  
               28.                                                            
1001        FAM 1001 on management representation letters has been revised 
               to be consistent with changes in professional standards, and a 
               new FAM 1001.19 was added to discuss the effect of a change in 
               management on representation letters.                          
1001 A      The example management representation letter was changed to    
               group representations by category (financial statements,       
               internal control, fraud, etc.) and added representations for   
               Antideficency Act violations (FAM 1001 A.27), Statement of     
               Social Insurance (FAM 1001 A.28-.36), consistency of budget    
               information required by OMB audit guidance (FAM 1001 A.37),    
               and earmarked funds (FAM 1001 A.38).                           

                                   Attachment

FAM section                          Major change                          
1002        A table for analyzing contingent losses was added to FAM       
               1002.06 and a new FAM 1002.12 was added for legal claims where 
               no monetary damages are being sought. FAM 1002.16              
               expands the discussion and timing of interim and final legal   
               letters.                                                       
1003        The audit completion checklist was revised to be consistent    
               with the revised FAM and new professional standards.           

                               CONTENTS - PART II

                     [This page intentionally left blank.]

                           CONTENTS - PART II - TOOLS

  600 PLANNING AND GENERAL

601 Introduction to Part II - Tools

650 Using the Work of Others

650 A Summary of  Audit Procedures and Documentation  for Review of  Other
Auditors' Work

650 B Example Audit Procedures for Using the Work of Others

650 C Example Reports When Using the Work of Others

660 Agreed-Upon Procedures

660 A Example Agreed-Upon Procedures Engagement Letter

660 B Example Representation Letter from Responsible Entity on Agreed-Upon
Procedures Engagement

660 C Agreed-Upon Procedures Completion Checklist

660 D Example Agreed-Upon Procedures Report

  700 INTERNAL CONTROL (See also section 900)

701 Assessing  Compliance of  Agency Systems  with the  Federal  Financial
Management Improvement Act (FFMIA)

701 A Example Audit Procedures for Testing Compliance with FFMIA

701 B Summary Schedule of Instances of Noncompliance with FFMIA

  800 COMPLIANCE

802 General Compliance Checklist

803 Antideficiency Act

808 Federal Credit Reform Act of 1990

809 Provisions Governing Claims of the U.S. Government (31 U.S.C.
37113720E) (Including the Debt Collection Improvement Act of 1996) (DCIA)

810 Prompt Payment Act

813 Civil Service Retirement Act, 5 U.S.C. Chapter 83

814 Federal Employees Health Benefits Act, 5 U.S.C. Chapter 89

816 Federal Employees' Compensation Act, 5 U.S.C. Chapter 81

817 Federal  Employees' Retirement  System Act  of 1986  (FERS), 5  U.S.C.
Chapter 84

Contents -Part II - Tools

900 SUBSTANTIVE TESTING

902 Related Parties, Including Intragovernmental Activity and Balances 902
A Example Account Risk Analysis for Intragovernmental Activity and

Balances 902 B Example Specific Control Evaluation for Intragovernmental
Accounts 902 C Example Audit Procedures for Intragovernmental and Other
Related

Parties' Activity and Balances 903 Auditing Cost Information 921 Auditing
Fund Balance with Treasury (FBWT) 921 A Treasury Processes and Reports
Related to FBWT Reconciliation 921 B Example Account Risk Analysis for
Fund Balance with Treasury 921 C Example Specific Control Evaluation for
Fund Balance with Treasury 931 Auditing Heritage Assets and Stewardship
Land 941 Auditing the Statement of Social Insurance

  1000 REPORTING

1001 Management Representations 1001 A Example Management Representation
Letter 1002 Inquiries of Legal Counsel 1002 A Example Audit Procedures for
Inquiries of Legal Counsel 1002 B Example Legal Letter Request 1002 C
Example Legal Representation Letter 1002 D Example Management Summary
Schedule 1003 Financial Statement Audit Completion Checklist 1005
Subsequent Events Review

                                  SECTION 600

                              Planning and General

  650 - Using the Work of Others

.01 In many financial statement audits, the auditor uses the work and
reports of other auditors and specialists that may include CPA firms,
inspectors general ^[211]1 (IG), state auditors, and internal auditors.
Specialists include actuaries and information technology (IT) personnel.
The auditor may contract with a CPA firm to perform parts of an audit, or
to perform the entire audit. The auditor expressing the opinion on the
financial statements is usually "the principal auditor" as defined by AU
543.02, but this is a matter of professional judgment.

.02 FAM 650 provides guidance to auditors on designing and performing
oversight and other procedures when using the work of other auditors and
specialists. Various professional standards also provide guidance in this
area. These standards include AU 543, "Part of Audit Performed by Other
Independent Auditors;" AU 322, "The Auditor's Consideration of the
Internal Audit Function in an Audit of Financial Statements;" AU 336,
"Using the Work of a Specialist;" ^[212]2 and AU 315 "Communications
Between Predecessor and Successor Auditors." These standards have
different requirements depending on whether the auditor is using the work
of an independent auditor, an internal auditor, or a specialist.

.03 In the federal environment, the auditor may use the work of other
auditors and specialists in various situations. For example:

     o Audits of federal entity financial statements, either consolidated or
       individual bureaus, agencies, funds, or other components, by IGs or
       CPA firms in accordance with GAGAS (which includes U.S. GAAS) and OMB
       audit guidance.
     o CPA firms, IGs, or specialists engaged to do parts of an audit (for
       example, review IT systems controls, review actuarial calculations, or
       test specific accounts).
     o Reports on the processing of transactions by service organizations
       (i.e. SAS No. 70 reviews under AU 324).
     o Single audits or audits of federal funds provided to units of state
       and local governments performed by state auditors and CPA firms.
     o Work performed by internal auditors (or equivalent, such as a program
       review office or those performing A-123 internal control reviews).
     o Work performed by internal audit staff who provide direct assistance
       to the auditor.

When IG audits are used by GAO as principal auditor of the U.S. government
consolidated financial statements. For the GAO audit of the Bureau of
Public Debt (BPD), GAO is the other auditor and the Treasury IG is the
principal auditor when it includes BPD into the Treasury Department
consolidation. ^2 The AICPA also issued Practice Alert 2002-02, Use of
Specialists.

.04 AU 543.13 states that in some circumstances the auditor may find it
appropriate to participate in discussions regarding the accounts with
management personnel of the component whose financial statements are being
audited by other auditors and/or to make supplemental tests of such
accounts. The determination of the extent of additional procedures, if
any, to be applied rests with the auditor alone in the exercise of
professional judgment and in no way constitutes a reflection on the
adequacy of the other auditor's work.

An auditor transmitting the other auditor's opinion is not a principal
auditor; neither is the auditor expressing negative assurance on the other
auditor's work. However, if the auditor assumes responsibility for the
opinion on the financial statements on which the auditor reports without
making reference to the audit performed by the other auditor, the
professional judgment of the auditor must determine the extent of
procedures to be undertaken.

.05 FAM 650 provides guidance in making the judgments necessary for the
auditor to use the work of others, including

     o the type of reporting (FAM 650.09-.10),
     o the evaluation of the other auditors' or specialists' independence and
       objectivity (FAM 650.11-.24),
     o the evaluation of the other auditors' or specialists' qualifications
       (FAM 650.25-.35), and
     o the auditor's determination of the level of review (FAM 650.36-.41 and
       FAM 650 A).

.06 The auditor should coordinate with the other auditor whose work is to
be used. In turn, the other auditor should determine the needs of the
auditor who plans to use the work being performed so that the professional
judgments exercised by both auditors can satisfy the needs of both. This
is best done before major work is started. For example, auditors of a
consolidated entity (such as the U.S. government or an entire department
or federal entity) are likely to plan to use the work of other auditors of
subsidiary entities (such as individual departments, agencies, bureaus,
funds, or other components). This coordination can result in more economy,
efficiency, and effectiveness of government audits and avoid duplication
of effort.

In addition, both auditors should coordinate throughout the audit so that
the timing needs of the auditor and the other auditor are met. The auditor
should provide instructions on audit procedures to be performed,
materiality considerations, reporting format, and any other information
deemed appropriate. The other auditor should perform the requested
procedures in accordance with these instructions and report the findings
solely for use by the auditor (AU 9543.03). The other auditor should also
provide full and timely access to appropriate individuals and audit
documentation for review by the auditor on an ongoing basis during the
audit (GAGAS par. 4.23), although this work may not be completely
reviewed.

.07 In this coordination, the auditor should inform other auditors on how
their work and report will be used. AU 543.07 indicates that if the
auditor's report will name the other auditor, the principal auditor should
obtain permission to do so and should present the other auditor's report
together with its report. For CPA firms, this permission may be obtained
as part of the contracting process. As a professional courtesy, the
auditor generally should also provide other auditors with a draft of its
report to avoid surprises before final issuance.

.08 When there is a difference of opinion, the auditor should confer with
the other auditor in an attempt to reach an agreement as to the procedures
that would be necessary to satisfy both auditors' professional judgments.
If both auditors are unable to reach agreement, see FAM 650.54-.56. FAM
650 B contains example audit procedures for using the work of others,
which depend on the professional judgments made.

    Types of Reporting

.09 There are various types of reporting when using the work of other
auditors and specialists. The type of reporting depends on the degree of
responsibility the auditor accepts and the work the other auditors and
specialists will perform. Factors for the auditor to evaluate in deciding
which type of reporting to use include the degree of assurance to provide,
legal requirements, and cost-benefit considerations. The amount of
resources required varies by type of report and generally increases in the
order presented below.

The auditor generally should decide the type of reporting in planning the
engagement. The auditor generally should discuss type of reporting with
the other auditors or specialists early in the audit. The auditor
exercises professional judgment in making these decisions and should
document the basis for the decisions. AU 504.03 indicates that an auditor
is associated with financial statements when the auditor has consented to
the use of its name in a report, document, or written communication
containing the financial statements. The type of reporting will depend on
the auditor's association with the report:

a.
           No association with report. In this situation, the other auditors
           or specialists provide the report directly to the audited entity
           and/or to significant users. The auditor may use this method when
           procuring the audit but not acting as "the auditor." Examples are
           when there is no legal requirement for a separate audit report, or
           the user does not need a separate audit report, or a separate
           audit report would provide no additional information. When the
           auditor is required by law to perform the audit, the auditor
           should not use this option as the auditor is associated with the
           report.

b.
           Association with report. In this situation, there are two possible
           types of transmittal letters: one expressing no assurance and one
           expressing negative assurance on the other auditors' work. For
           either type, the auditor is associated with the financial
           statements as described in AU 504. The fourth standard of
           reporting was amended by SAS No. 113 to state "In all cases where
           an auditor's name is associated with financial statements, the
           auditor should clearly indicate the character of the auditor's
           work, if any, and the degree of responsibility the auditor is
           taking, in the auditor's report."

Because the auditor did not perform the audit, the auditor should disclaim
an opinion and should not express its concurrence with the other auditors'
opinion. The auditor may use this approach when the auditor did not
perform the audit but wants to issue a report or letter. The auditor may
also want to expand the letter to highlight certain findings or
information or to indicate that certain procedures were performed. See
example 1 of FAM 650 C for wording for both types of transmittal letters
which

     o Express no assurance. For this letter, the auditor issues a
       transmittal letter without reviewing the other auditors' audit
       documentation. In these situations, the transmittal should be clear as
       to the limitations of the work of the auditor who generally has the
       responsibility to monitor audit contracts, as applicable, to meet the
       requirements of the IG Act, CFO Act, or Accountability of Tax Dollars
       Act of 2002.
     o Express negative assurance. This letter indicates that the auditor
       reviewed the other auditors' or specialists' report and related audit
       documentation, inquired of their representatives, and found no
       instances where the other auditors did not comply, in all material
       respects, with U.S. GAAS or GAGAS.

c. The auditor issues a report that refers to other auditors' reports and
indicates a division of responsibilities. To use this approach, the
auditor has two decisions to make: (1) whether the auditor may serve as
the principal auditor (AU 543.01-.03) and (2) whether the auditor will
refer to the work of the other auditors (AU 543.01-.10). For [213]audits
of federal entities, auditors may be designated by law. ^3 The auditor
exercises professional judgment in making these decisions and should
document the basis for the decisions. One consideration in deciding
whether the auditor is the principal auditor is sufficient knowledge of
the entire entity, including portions audited by other auditors. Another
consideration is the materiality and importance of the consolidated
assets, liabilities, expenses, revenues, or net position the auditor has
not audited.

IGs are designated by the CFO Act to audit their agencies, but may use
contract authority to perform the audits. Likewise, GAO is mandated by 31
U.S.C. 331(e) to audit the U.S. government's consolidated financial
statements.

The auditor may issue a report that refers to other auditors when

(1) the other auditors have reported on financial statements for a
component entity that is part of the entity whose financial statements the
principal auditor is reporting on and (2) the principal auditor does not
wish to take responsibility for the other auditors' work. (See AU 543.09
for example wording. This approach may be used only for CPA firms or for
other auditors that are organizationally independent [see FAM 650.14] and
should not be used for internal auditors or specialists.)

However, a reader of the report could question the basis for the principal
auditor issuing the opinion because of the significant materiality and
importance of the portion of the financial statements audited by the other
auditors. In this case, the principal auditor should determine whether
there is a need to issue a report that does not mention the other
auditors' work, which may require additional work (see FAM 650.09 e).

d. The auditor issues a report that expresses concurrence with the other
auditors' report and conclusions. The auditor may use this approach when
other auditors have reported on financial statements and the principal
auditor needs or wants to provide more assurance than what is provided in
the transmittal letter. For example, a certain audit may be required by
law, in which the auditor, although allowed to hire other auditors to do
the work, is required to give its opinion. In the absence of such a
requirement, a report expressing concurrence is generally not
cost-effective because of the resources required.

Expressing concurrence means that the auditor would have reached the same
opinion or conclusion had it done the audit. Therefore, the auditor should
do the same level of work it would have done to take responsibility for
the other auditor's work. In this instance both the other auditor and the
auditor that expresses concurrence are principal auditors because both
have sufficient knowledge of the overall financial statements and the
important issues, and the concurring auditor, by reason of the level of
work done, has also audited the financial statements.

The auditor usually accomplishes this by reviewing the audit documentation
of the other auditor, having discussions with entity management, and/or
performing supplemental tests, (see example 2 in FAM 650 C for report
wording).

This approach may be used only for CPA firms or for other auditors who are
organizationally independent (see FAM 650.14). The auditor should not use
this report for specialists, since AU 336.15 prohibits reference to a
specialist's report unless the auditor issues a qualified or adverse
opinion or a disclaimer of opinion based on the specialist's work. The
auditor also should not use this approach for internal auditors. AU 322.19
states that the responsibility to report on the financial statements rests
with the auditor and cannot be shared with internal auditors. ^[214]4

e. The auditor issues a report that does not mention the other auditors'
or specialists' work. In this situation, the auditor issues the example
report in FAM 595 A and/or FAM 595 B (as if no other auditors or
specialists were involved). This means the auditor takes responsibility
for the other auditors' or specialists' work. (See FAM 650.09 c for a
discussion of principal auditor issues.) The auditor may use this approach
when the other auditors have done part of the audit. (This approach also
may be used when the other auditors have done substantially the entire
audit.) For example, a number of other auditors may have audited
individual components of an entity and the auditor may audit the
consolidation process. The auditor may use this approach if the auditor
has sufficient knowledge of the entire entity and does additional work
(see FAM 650.10).

The auditor generally should accomplish this by reviewing the audit
documentation, having discussions with entity management, and/or
performing supplemental tests. The auditor also should use this approach
when using the work of specialists and internal auditors because
professional standards do not permit referring to specialists' or internal
auditors' work (unless, for specialists, the auditor issues a qualified or
adverse opinion or a disclaimer of opinion based on the specialists'
work). GAO uses this approach in the audit of the consolidated financial
statements of the U.S. government.

.10 Table 650.1 presents an overview of the work the auditor generally
should perform for each type of report or letter. "Yes" means that the
auditor should perform some of that category of work. "No" means that the
auditor need not perform that category of work. The extent of work in each
category depends on the auditor's professional judgment. See FAM 650.36
for discussion on the level of review.

There may be situations where the auditor is asked to provide a separate
opinion in addition to presenting the other auditors' report, or serves as
the contracting officer's technical representative (COTR). In these
situations, the auditor should follow the wording in FAM 595 A and/or FAM
595 B, and should add the following in lieu of the introduction to the
first paragraph on FAM 595 A-5: "To help fulfill these responsibilities,
we contracted with the independent certified public accounting firm of
[insert firm name] to perform a financial statement audit in accordance
with U.S. generally accepted government auditing standards, OMB's
bulletin, Audit Requirements for Federal Financial Statements, and the
GAO/PCIE Financial Audit Manual. The report of [name of CPA firm] dated
[date] is attached. We evaluated the nature, extent, and timing of the
work, monitored progress throughout the audit, reviewed the audit
documentation of [name of CPA firm], met with partners and staff members
of [name of firm], evaluated the key judgments, met with officials of
[entity being audited], performed independent tests of the accounting
records [if applicable], and performed other procedures we deemed
appropriate in the circumstances. Our opinions expressed above are
consistent with the opinions of [name of CPA firm]. Thus, in this audit,
we (continue with numbered items)."

       Table 650.1: Overview of Work Performed for Each Type of Reporting

                                                                Hold          
       Type of       Evaluate the  Evaluate the      Level of   discussions   
      reporting         other      other auditors' review (FAM     and/or     
                      auditors'    qualifications  650.36-.42)     perform    
                     independence       (FAM                    supplemental  
                         and         650.25-.35)                 tests (FAM   
                     objectivity                                 650.43-.47)  
                         (FAM                                                 
                     650.11-.24)                                              
No association   Noa            No              None         No            
with report                                                                
(FAM 650.09 a)                                                             
Auditor          Yes            Yes             Low or none  No            
transmittal                                                                
letter expresses                                                           
no assurance                                                               
(FAM 650.09 b,                                                             
first bullet)                                                              
Auditor          Yes            Yes             Moderate or  No            
transmittal                                     low                        
letter expresses                                                           
negative                                                                   
assurance (FAM                                                             
650.09 b, second                                                           
bullet)                                                                    
                    Yes            Yes             Low or none  No            
Report refers to                                                           
the other                                                                  
auditors' report                                                           
and indicates a                                                            
division of                                                                
responsibilities                                                           
(FAM 650.09 c)                                                             
Report concurs   Yes            Yes             High,        Yes for       
                                                                internal      
with the other                                  moderate, or auditors'     
                                                                work          
auditors' report                                low          (should       
                                                                include       
or does not                                                  supplemental  
                                                                tests);       
mention the                                                  yes for       
                                                                auditors'     
other auditors'                                              work for high 
                                                                level         
work (FAM                                                    of review; no 
                                                                for           
650.09 d and e)                                              auditor's     
                                                                work for      
                                                                moderate or   
                                                                low           
                                                                level of      
                                                                review        

a

If the auditor contracts  with the other auditors  or serves as the  COTR,
the contracting process generally will require the auditor to evaluate the
other auditors'  independence,  objectivity,  and  qualifications  and  to
monitor performance under the contract.

    Evaluating the Other Auditors' or Specialists' Independence and Objectivity

.11 Unless the auditor has no association with the report, the auditor
should evaluate the other auditors' or specialists' independence and
objectivity. Where the auditor has previously used the work of the same
other auditor, the auditor generally should update the previous
evaluation. Under GAGAS, chapter 3, audit organizations and individual
auditors should be free both in fact and appearance from personal,
external, and organizational impairments to independence. The auditor
should first evaluate organizational independence. Different standards
apply to CPA firms, other organizationally independent auditors, internal
auditors, and specialists.

.12 For CPA firms and specialists, the auditor may use a contracting
process that is part of its organization or a procurement function within
the entity to be audited. The auditor should determine whether the firm
selected represented [in the statement of work (SOW) or request for
proposal (RFP)] that it (and the assigned engagement team)

     o is independent and objective with respect to the audited entity;
     o will remain independent throughout the audit;
     o will disclose any independence issues discovered; and
     o will immediately notify the COTR if it considers submitting a proposal
       on any contracts involving the audited entity to permit evaluation of
       whether their auditors' independence could be impaired.

Firms should be asked to describe in their proposals all work, including
nonaudit services, they have done for the audited entity in the last
several years. See GAGAS, chapter 3, and Government Auditing Standards:
Answers to Independence Questions (GAO-02-870G, July 2002).

The auditor generally should determine whether the SOW or RFP indicate
that "The government will determine whether a firm is independent for the
purpose of performing an audit of financial statements of the federal
entity." This avoids a potential argument where, for example, the firm
does substantial nonaudit work for the entity to be audited that the
auditor views as a conflict. The technical evaluation panel should
evaluate whether the nature and extent of nonaudit services or other
factors causes an independence or objectivity issue, either in fact or in
appearance. In this evaluation, the panel generally should determine
whether (1) the other auditors will need to audit their own work or (2)
whether the other auditors made management decisions or performed
management functions.

.13 The auditor generally should have a role in contracting for the CPA
firm or specialist. ^[215]5 When the auditor does not participate in
contracting for the CPA firm or specialist, the auditor generally should
obtain an overview of the contracting process, including

     o reading the SOW or RFP,
     o reviewing the proposal of the firm selected, and
     o understanding the evaluations of the panel selecting the firm.

The auditor should determine whether the firm provided a representation as
to independence and objectivity (usually in its proposal). If the firm has
not provided a representation as to independence and objectivity, the
auditor should obtain a representation from the firm. If the auditor is
not familiar with the firm, the auditor should inquire of professional
organizations, such as the AICPA or the Public Company Accounting
Oversight Board (PCAOB), as to the firm's professional reputation and
standing.

.14 For government auditors, the auditor should decide whether the other
auditor is organizationally independent to report externally or whether to
consider it as an internal audit organization. The auditor may refer to
the work of organizationally independent government auditors but should
not refer to the work of internal audit organizations in the audit report.
The auditor generally should perform more extensive review and supervision
when dealing with internal auditors. The auditor should obtain written
representations from appropriate officials ^[216]6 of the government audit
organization that to the best of their knowledge, the organization and the
individual auditors doing the work are independent of the entity being
audited. This means that the individual auditors are free of personal
impairments to independence and maintain an independent attitude and
appearance. It also means that the auditor is free from external
impairments and is organizationally independent (see GAGAS, chapter 3).

The representation letter may indicate the general criteria for
determining independence, such as "under the criteria in GAGAS." The
auditor should obtain representations for the period of the financial
statements to the date of the other auditors' report. Since the auditor
decides on the independence and objectivity of the other auditors to plan
its work, the auditor generally should obtain oral representations early
in the audit and written representations at the end of the audit.

.15 Government auditors may be presumed to be free from organizational
impairments to independence when reporting externally to third parties if
they are organizationally independent of the audited entity. Government
auditors may meet the requirement for organizational independence in a
number of ways. There is a presumption that a government auditor is

5

Under the CFO Act, if the IG is not doing the audit, it is required to
determine the independent external auditor (CPA firm) that will do the
work.

6

Obtaining a representation from an appropriate official of the audit
organization is similar to the procedure for CPA firms under AU 543.10b.

organizationally independent (GAGAS, chapter 3) if the auditor is assigned
to

a.
           a level of government other than the one to which the audited
           entity is assigned (federal, state, or local), for example, a
           federal auditor auditing a state government program, or

b.
           a different branch of government within the same level of
           government as the audited entity, for example, a legislative
           auditor auditing an executive branch program.

.16 There is also a presumption of organizational independence if the head
of the government audit organization (GAGAS, chapter 3) meets one of the
following criteria:

a.
           directly elected by voters of the jurisdiction being audited;

b.
           elected or appointed by a legislative body, subject to removal by
           a legislative body, and reports the results of audits to and is
           accountable to a legislative body;

c.
           appointed by someone other than a legislative body, so long as the
           appointment is confirmed by a legislative body and removal from
           the position is subject to oversight or approval by a legislative
           body, and reports the results of audits to and is accountable to a
           legislative body; or

d.
           appointed by, accountable to, reports to, and can only be removed
           by a statutorily created governing body, the majority of whose
           members are independently elected or appointed and come from
           outside the organization being audited.

.17 If the other auditor or its head meets one of the above criteria, the
auditor need not perform any procedures concerning organizational
independence other than to obtain a representation letter from an
appropriate official of the government audit organization as noted in FAM
650.14 (see FAM 650.23 for tests of personal independence). However, if
the auditor encounters evidence that the other auditor might not be
organizationally independent, the auditor should determine the need for
inquiries and other procedures, and then evaluate the results of these
procedures.

.18 In addition to the presumptive criteria, GAGAS recognizes that there
may be other organizational structures under which a government audit
organization could be free from organizational impairments. The auditor
should determine whether these other structures provide sufficient
safeguards to prevent the audited entity from interfering with the
government auditor's ability to perform the work and report the results
impartially. For the auditor to determine that the government audit
organization is free from organizational impairments to report externally
under a structure different from the ones listed above, the auditor
(GAGAS, chapter 3) should have all of the following safeguards:

a.
           statutory protections that prevent the audited entity from
           abolishing the government audit organization;

b.
           statutory protections that require that if the head of the
           government audit organization is removed from office, the head of
           the federal entity report this fact and the reasons for the
           removal to the legislative body;

c.
           statutory protections that prevent the audited entity from
           interfering with the initiation, scope, timing, and completion of
           any audit;

d.
           statutory protections that prevent the audited entity from
           interfering with the reporting on any audit, including the
           findings, conclusions, and recommendations, or the manner, means,
           or timing of the government audit organization's reports;

e.
           statutory protections that require the government audit
           organization to report to a legislative body or other independent
           governing body on a recurring basis;

f.
           statutory protections that give the government audit organization
           sole authority over the selection, retention, and dismissal of its
           staff; and

g.
           statutory access to records and documents related to the federal
           entity, program, or function being audited, and access to
           government officials or other individuals as needed to conduct the
           audit.

.19 If the auditor concludes that the government audit organization has
all the safeguards listed in FAM 650.18, the auditor may determine that
the governmental auditor is free from organizational impairments to
independence when reporting externally. The auditor should document the
statutory provisions in place that provide these safeguards.

.20 When using the work of other government auditors that meet these
requirements, the auditor should request a representation letter (see FAM
650.14) from an appropriate official of the audit organization. The
auditor should review this document and as necessary discuss it with
appropriate officials of the audit organization, the external quality
assurance reviewer, legal counsel for the audit organization, and the
auditor's legal counsel.

.21 If the auditor decides that the government audit organization is not
organizationally independent to report externally (either because it does
not meet the criteria in GAGAS or for another reason), the auditor should
determine whether the other auditor is organizationally independent to
report internally. Such auditors are internal auditors. The Institute of
Internal Auditors' (IIA), International Standards for the Professional
Practice of Internal Auditing defines internal auditing as "an
independent, objective assurance and consulting activity designed to add
value and improve an organization's operations. It helps an organization
accomplish its objectives by bringing a systematic, disciplined approach
to evaluate and improve the effectiveness of risk management, control, and
governance processes."

GAGAS contain guidance on organizational independence for government
internal auditors. For example, internal auditors should be outside the
staff or line management function of the unit under audit. They should
report their results and be accountable to the head or deputy of their
federal entity. IIA standards require internal auditors to be objective
for the activities they audit. These GAGAS and IIA standards of
independence for internal auditors differ from independence under the
AICPA Code of Professional Conduct or independence for external auditors
under GAGAS.

The auditor generally should determine whether the internal auditors whose
work is to be used are independent of the activities they audit. The
auditor also should determine the organizational status of the head of the
audit organization. For the audit organization to be considered free from
organizational impairments to report internally to management, the head of
the audit organization (GAGAS, chapter 3) should meet all criteria:

a.
           accountable to the head or deputy head of the government entity,
           or those charged with governance;

b.
           required to report the results of the audit organization's work to
           the head or deputy head of the government entity and those charged
           with governance;

c.
           located organizationally outside the staff or line management
           function of the unit under audit;

d.
           accessible to those charged with governance; and

e.
           sufficiently removed from political pressures to conduct audits
           and report findings, opinions, and conclusions objectively without
           fear of political reprisal.

.22 If the auditor concludes that the internal auditors are not
independent under GAGAS and IIA standards, the auditor should treat the
work as if the audited entity prepared it. If the auditor concludes that
the internal auditors are independent under GAGAS and IIA standards, the
auditor may use their work to the extent permitted by AU 322. In either
case, the auditor should not issue a report referring to or concurring
with the work of internal auditors.

.23 In addition to evaluating the other auditors' organizational
independence, the auditor should evaluate whether the audit team has any
personal impairments. For both internal auditors and organizationally
independent government audit organizations, the auditor generally should
ask how the other auditors monitor the personal independence of individual
staff members, especially those doing the work the auditor would like to
use.

.24 The auditor should document the work performed and the conclusions
reached as to independence and objectivity. The documentation should
indicate the auditor's conclusion as to whether the other auditors are
independent and objective and the basis for that conclusion. The auditor
should consult with the reviewer if there are questions about the other
auditors' independence or objectivity.

.25 After evaluating the other auditors' or specialists' independence and
objectivity, the auditor should evaluate their qualifications to perform
the specific tasks required. This involves evaluating the qualifications
of the firm or audit organization and evaluating the qualifications of the
specific audit team. Where the auditor has previously used the work of the
same other auditors, the auditor generally should update the previous
evaluation.

.26 For CPA firms and specialists, the auditor generally should evaluate
qualifications through the contracting process, usually by using a
technical evaluation panel to select a qualified firm. A firm submits
resumes for its audit team members, demonstrates why its team is qualified
to do the work, and submits its plan for doing the audit. Each CPA firm
should submit its latest peer review report, letter of comments, and
response to the peer review report. The firm should also agree to submit
updated peer review reports during the period of the contract. If the peer
review report was issued more than three years earlier, the evaluation
panel may obtain documentation relating to the internal quality control
policies and procedures of the selected firm, or read the firm's
inspection report and

[217]7

response.

A CPA firm may also be asked to submit its latest public inspection report
prepared by the PCAOB, but these reports pertain to audits of publicly
traded companies and related quality controls. However, to the extent they
raise issues about quality controls or methodology, they may be applicable
to audits of federal entities. ^[218]8

.27 Where the auditor did not participate in the contracting process, the
auditor should determine how the qualifications of a firm were evaluated.
For example, did the technical evaluation panel review:

     o Resumes of the team members?
     o The audit approach?
     o The peer review report and related letter of comments (if any)?
     o The firm's response to the peer review report?

The auditor should read these documents and reach a conclusion as to
qualifications.

.28 For auditors other than CPA firms, the auditor should ask whether the
audit organization had a peer review and the date of that review. IGs have
peer reviews performed every 3 years by other IGs. Most state auditors
also have peer reviews every 3 years. To comply with GAGAS, the audit
organization should have a peer review every 3 years. The IIA standards
indicate that "[e]xternal assessments, such as quality assurance reviews,

^7 Some CPA firms consider internal inspection reports as proprietary
documents not subject to auditor

review. This issue can be resolved by either allowing the auditor access
to inspection reports or providing

the auditor with a summary or representation about inspection results as a
condition of the contract. Further information on the PCAOB inspection
report process is available at www.pcaobus.org.

should be conducted at least once every five years by a qualified,
independent reviewer or review team from outside the organization."

While reviews under the IIA standard are not designed to report whether
the audit organization's quality control adheres to GAGAS, they do provide
evidence about whether the work adheres to a recognized set of
professional standards. The auditor should read the peer review report,
the letter of comments, and the audit organization's response. Where the
audit organization has received an unqualified peer review report recently
(usually less than 2 years ago), the auditor generally need not perform
further review of the audit organization's qualifications.

.29 Where the peer review report is not recent, the auditor generally
should review the results of the audit organization's internal inspection
program for any new quality control issues. The inspection generally
should include reviews of audit documentation, interviews of staff
members, and tests of functional areas. Where the inspection is recent
(usually within the past year) and the inspection report is unqualified,
the auditor generally need not perform further review of the audit
organization's qualifications.

.30 Where the peer review or inspection report is qualified or adverse,
the auditor should evaluate whether the quality control system has since
been strengthened to allow the auditor to use the other auditors' work.
The auditor may review the organization's action plan for improving
quality controls and inspection results in determining whether quality
controls have improved since the peer review. The auditor should evaluate
the effect of remaining weaknesses in determining the nature and extent of
procedures to be performed.

.31 Where the latest peer review was completed more than 3 years earlier
and there is no inspection program, the auditor should obtain an overview
of the important quality control policies and procedures of the other
auditor. The overview generally should cover the functional areas of

     o independence, integrity, and objectivity (FAM 650.11-.24);
     o personnel management (includes recruiting and hiring, advancement,
       professional development and training, and assigning personnel to
       assignments);
     o audit performance (includes supervision and consultation);
     o acceptance and continuance of assignments; and
     o monitoring programs.

.32 The auditor may obtain this information through interviews of the
other auditor's management and staff and through reading its quality
control summary document. The auditor also may read the other auditor's
manuals and other guidance for conducting audits.

.33 In addition to evaluating the other auditor's qualifications, the
auditor also should evaluate the overall qualifications of the team
assigned to do the work. The auditor may review resumes of key team
members to accomplish this. The auditor should review the specific
education, training, certifications, and experience of key team members.
In evaluating qualifications, the auditor should review the specific role
of staff members on the job. When the auditor has knowledge of
qualifications from prior experience for key team members, the auditor
should inquire about their experience in the time since the last audit.

.34 Where the auditor is not satisfied as to the qualifications of the
other auditor, the auditor generally should perform a more detailed review
of the documentation and/or perform supplemental tests of key line items
(see FAM 650.36).

The auditor should document the work performed and the conclusions reached
as to the other auditors' qualifications. The documentation should
indicate the auditor's conclusion as to whether the other auditors are
qualified to perform the tasks required and the basis for that conclusion.
The auditor should consult with the reviewer if there are questions about
the other auditors' qualifications.

.35 If the auditor has significant concerns about the other auditors'
independence, objectivity, or qualifications, the auditor should revise
its audit strategy. For example, the auditor may

     o contract with another firm;
     o ask the other auditors to substitute more highly qualified or
       objective staff members;
     o do the audit without using the other auditors' work, treating any work
       done by the other auditors as prepared by the audited entity;
     o divide the work so that the other auditors test the areas where they
       are qualified, and the auditor does the rest of the audit; or
     o issue a disclaimer of opinion.

    Planning the Review and Testing of Other Auditors' or Specialists' Work

.36 After evaluating the other auditors' or specialists' independence,
objectivity, and qualifications, the auditor should develop an audit
strategy and audit plan for reviewing and, if necessary, testing the work
done. In this strategy, the auditor generally should document the level of
review as high, moderate, or low. In some situations, the auditor should
perform significantly more work than the work shown for the high level to
include performing significant supplemental tests. In other situations,
the auditor may decide less review or no review is necessary. These
situations typically involve entities or line items that are very small in
relation to the financial statements taken as a whole. In these
situations, the auditor may decide to read the other auditors' report and
the financial statements and ask questions if anything seems unusual.

The auditor should reevaluate the audit strategy and plan as the work
progresses. If serving as the COTR, the auditor should determine whether
the terms and conditions of the contract are complied with. In addition,
the IG Act requires that the IG determine whether work performed by
nonfederal auditors complies with GAGAS. The level of review is a
professional judgment the auditor generally should make for each material
line item considering the following factors:

a.
           The type of report or letter the auditor will issue, as less
           review is needed for a transmittal letter than for reports in
           which the auditor takes responsibility for the other auditors'
           work (see FAM 650.10).

b.
           Whether the other auditors issue a disclaimer of opinion because
           of a scope limitation, as less work is needed to concur with a
           scope limitation than to concur with an unqualified opinion (see
           FAM 650.37).

c.
           Whether the auditor's report might contain a disclaimer because of
           a scope limitation, as less work is needed if the auditor's report
           will contain a scope limitation (see FAM 650.39).

d.
           The other auditors' independence, objectivity, and integrity (both
           for the audit organization and its audit team) are impaired, as
           the level of review increases as independence, objectivity, and
           integrity decreases.

e.
           The other auditors' qualifications (both for the audit
           organization and its audit team) to perform the work the auditor
           wishes to use, as the level of review increases as the other
           auditors' qualifications decrease.

f.
           The auditors' prior experience with the other auditors (both for
           its audit organization and its audit team), as the level of review
           tends to decrease as the auditor's confidence increases from
           working with the other auditors.

g.
           The materiality of the line item in relation to the financial
           statements the auditor is reporting on, taken as a whole, as the
           level of review increases as the line item becomes more material.

h.
           The risk of material misstatement, including the risk of material
           fraud for the line item and assertion in the financial statements
           the other auditors are auditing, as the level of review increases
           as the risk of material misstatement increases.

.37 If the other auditors' work has a scope limitation, this generally
affects the level of review, except for transmittal letters with no
assurance. If the other auditors disclaim an opinion on the financial
statements because of a scope limitation, the auditor should also issue a
disclaimer of opinion, unless the financial statements the other auditors
audited are not material to the financial statements the auditor is
auditing. The auditor generally need not perform extensive procedures to
be satisfied that this disclaimer is appropriate. Additionally, the
auditor generally need not hold discussions with entity management and/or
perform supplemental tests in this situation, and may limit the review of
documentation to summary documentation. Thus, the level of review is
usually low or no review (see FAM 650.10). However, the auditor may do
additional work to learn about the entity, to help the other auditor plan
future audits, or to help entity management correct the causes of the
scope limitation.

.38 If the other auditors' work had a scope limitation that results in a
qualified opinion, the auditor generally should perform a moderate or high
level of review to determine whether the other auditors should have
disclaimed an opinion and that the only issues are those relating to the
qualification.

.39 A scope limitation on the auditor's work that results in a disclaimer
also may affect the level of review. Since the auditor has already decided
that not enough work can be done on the overall financial statements, no
amount of review of the other auditors' work is likely to change that
conclusion. Thus, as in FAM 650.37, discussions with entity management
and/or supplemental tests are not required, the review of the other
auditors' documentation may be limited to summary documentation; and the
level of review is usually low or no review (see FAM 650.10). However, the
auditor may do additional work to learn about the entity, to help the
other auditor plan future audits, or to help entity management correct the
causes of the scope limitation.

.40 If there is a scope limitation on the auditor's work that results in a
qualified opinion, the auditor should perform a similar amount of work as
for an unqualified opinion.

.41 FAM 650 A illustrates the audit work that the auditor generally should
perform for each level of review on each significant line item, as well as
what to retain in audit documentation.

    Review of Audit Documentation

.42 The extent of the auditor's review of the other auditors' or
specialists' documentation depends on the level of review and is a
professional judgment based on the factors in FAM 650.36.

     o For a low level of review, the auditor may limit the review of
       documentation to key summary planning and completion documentation.
     o For a moderate level of review, the auditor generally should review
       more of the other auditors' or specialists' documentation, especially
       those evidencing important decisions. For financial statement audits,
       this includes the audit strategy and audit procedures (or equivalent
       documents); the ARA (or equivalent documentation) for significant
       accounts; the SCE (or equivalent documentation) for significant
       applications; the documentation for accounts, estimates, and judgments
       with high risk of material misstatment; the analytical procedures; the
       audit completion checklist at FAM 1003 (or equivalent documentation);
       the audit summary memorandum; and the summary of uncorrected
       misstatements (see FAM 595 C).
     o For a high level of review, the auditor generally should review all of
       the items for the moderate level of review plus the important detailed
       documentation.

    Discussions and/or Supplemental Tests for a High Level of Review

.43 AU 543.13 states that "In some circumstances the principal auditor may
consider it appropriate to participate in discussions regarding the
accounts with management personnel of the component whose financial
statements are being audited by other auditors and/or to make supplemental
tests of such accounts." The auditor may interpret "in some circumstances"
to mean when the level of review is high. Thus, where the level of review
is high, the auditor generally should (1) review audit documentation, and

(2) hold discussions with audited entity management and/or perform tests
of original documents.

The objective of these additional procedures is for the auditor to obtain
additional evidence about whether key items are properly handled and
supported by sufficient appropriate evidence. For example, the auditor
generally should discuss key items with entity management, especially
estimates and judgments. This discussion generally should be with the
other auditors present. The auditor generally should attend the entrance
and exit conferences and other key meetings held by other auditors or
specialists. For key items that have high risk of material misstatement,
discussions with entity management may not provide sufficient evidence,
and the auditor should perform supplemental tests.

.44 The auditor may perform supplemental tests on a selection of the other
auditors' work, additional tests of the accounting records, or both. To
perform supplemental tests, the auditor should obtain access to the
entity's personnel and its books and records. The auditor may coordinate
access to the entity's personnel and records through the other auditor.
The auditor and the other auditor also may jointly perform parts of a
test, where the sample is planned jointly and the results are evaluated
jointly. Although supplemental tests are usually performed only when the
level of review is high, the auditor may perform supplemental tests in
other situations to learn about the entity, to help the other auditor plan
future audits, or to help entity management correct problems.

.45 Where the other auditor is an internal auditor, the auditor should
perform supplemental tests. The extent of this testing depends on
circumstances and should be sufficient for the auditor to make an
evaluation of the overall quality and effectiveness of the internal
control work done by the internal auditor (see AU 322.26).

.46 The auditor generally should limit discussions with entity management
and/or supplemental tests to line items that have a high risk of material
misstatement. This is especially true in areas involving estimates and
judgments or in areas on which users place extensive reliance. The
auditor's supplemental tests generally should include some items tested by
the other auditor, particularly any that appear to be exceptions, in order
to determine whether they were appropriately evaluated in formulating an
opinion. The auditor generally should plan to perform supplemental tests
while the other auditors are at the entity and have access to records, as
this can minimize the inconvenience for everyone.

.47 It is not necessary to perform supplemental tests of the work of
specialists. As indicated in AU 336.12, the auditor should understand the
methods and assumptions used by the specialists, test the data provided to
the specialists (extent of testing is based on risk and materiality), and
evaluate whether the specialists' findings support the financial statement
assertions. If the auditor believes the findings are unreasonable, the
auditor should apply additional procedures and/or determine the need to
obtain another specialist.

    Subsequent Events Review and Dating of the Auditor's Report

.48 The auditor should date the report when the auditor has obtained
sufficient appropriate audit evidence to support the opinion on the
financial statements (SAS No. 103.23 and SAS No. 113.07). If the other
auditors' or specialists' report is dated earlier and the auditor's report
does not mention the other auditors' report or concurs with the other
auditors' report as in example 2 of FAM 650 C, the auditor should update
the subsequent events review to the date of the auditor's report.

The auditor may ask the other auditors to update the subsequent events
review to the required date, or the auditor may update the subsequent
events review. However, since this requires additional work, the auditor
should attempt to complete audit work when the other auditors complete
their work. The auditor should evaluate this issue and coordinate with the
other auditor when planning the audit. The auditor need not update the
subsequent events review when the auditor issues a transmittal letter, as
in example 1 of FAM 650 C.

    Staffing the Review of the Other Auditors' or Specialists' Work

.49 When staffing the review, the auditor should determine the extent to
which the other auditors or specialists have reviewed their work. The
other auditor should have performed at least one level of review for all
audit work, with more material or sensitive areas having multiple reviews.
In some cases, before the audit is complete, the other auditor may not
have completed all levels of review, particularly at its top level, and
may be reluctant for the auditor to access the audit documentation before
these reviews are done.

The auditor's staff reviewing the work generally should have enough
experience in financial statement auditing to understand the professional
judgments that need to be made and to interact with the higher levels of
the other auditor. An assistant director or a senior manager who has
significant experience in performing and reviewing financial statement
audit work should perform most of the review. Less qualified staff members
may perform supplemental tests when supervised by more qualified auditors.

The assistant director, audit manager, or auditor-in-charge should review
the documentation of any supplemental tests performed by less experienced
staff members. Except for key areas or issues, the audit director may
designate another qualified auditor to perform the primary review of audit
documentation prepared by the assistant director.

.50 When the other auditors' work involves the review of IT controls, an
IT specialist should participate in the auditor's review. This team should
determine if IT controls were adequate, audit work was properly
documented, and related audit objectives were achieved.

    Evaluating the Work of Other Auditors or Specialists

.51 After the auditor has completed the review of the other auditors' or
specialists' work, and, if necessary, any supplemental testing, the
auditor should determine whether the work is sufficient and acceptable for
the auditors' use. The auditor should document this evaluation.

.52 Sometimes, other auditors use methodologies or audit approaches that
are different from those the auditor would have used. Auditing requires a
great deal of professional judgment and there often are alternative ways
to achieve audit objectives. Many CPA firms have developed, at
considerable expense, proprietary audit methodologies to use on a wide
range of public and private sector clients. Many of these audit
methodologies utilize electronic technology where the entire audit
documentation exists on a CD ROM. Thus, the auditor should understand the
other auditors' audit methodology and basis for the nature, extent, and
timing of audit procedures. This may require obtaining permission to use
proprietary software to review the audit work performed. Additionally,
where the CPA software is retained, the auditor should develop a process
to maintain the operability of the software to access the audit
documentation in the future.

The auditor should evaluate whether sufficient appropriate evidence
^[219]9 has been obtained to meet the audit objectives, particularly for
line items with a high risk of material misstatement. If the auditor has
concerns about whether the other auditors' work provides sufficient
appropriate evidence, the auditor generally should discuss the matter with
the audit director and the reviewer before formally discussing the issue
with the other auditors.

.53 The auditor should determine the significance of the test results to
the audit of the financial statements the auditor is reporting on. As an
example, the other auditors may have selected a nonstatistical sample
and/or the sample size may be smaller than the sample size the auditor
would have selected. The auditor may decide that this provides sufficient
evidence in an area that is less material or has low or moderate risk of
material

In accordance with AICPA SAS No. 106, Audit Evidence, sufficiency is the
measure of the quantity of evidence. Appropriateness is the measure of the
quality of audit evidence, that is, its relevance and reliability in
providing support for, or detecting misstatements in, the classes of
transactions, account balances, and disclosures and related assertions.
SAS No. 106 supersedes SAS No. 31, Evidential Matter, and will be included
in the AICPA Professional Standards at AU 326. SAS No. 106 is effective
for audits of financial statements for periods beginning on or after
December 25, 2006.

misstatement. However, if the risk of material misstatement is high, the
auditor may conclude that sufficient appropriate evidence has not been
obtained and that additional work is needed.

In this case, after consulting with the audit director and the reviewer,
the auditor generally should either ask the other auditors to perform
additional tests or perform the additional tests. If this additional
testing is not done, the auditor should determine the effect on the
auditor's report of the scope limitation. Since reaching this conclusion
after the work is performed is inefficient, especially when the level of
review is high, the auditor generally should coordinate or concur with
major planning decisions of the other auditor before audit work is
started.

.54 Sometimes, the auditor may disagree with the conclusions or judgments
of the other auditors. In this case, the auditor should evaluate the other
auditors' work as well as any other evidence or testing necessary to
determine the appropriate conclusion.

.55 The auditor should discuss any issues of disagreement with the other
auditors to attempt to resolve the disagreement. The auditor should
attempt to resolve professional disagreements early to reduce confusion
that may arise from differing auditor views. Once identified, the auditor
should discuss the issues with the other auditors to resolve them in a
timely manner and before the completion of the audit.

.56 If the auditor does not reach agreement with the other auditors, the
auditor should determine how to report. For very material disagreements,
the auditor may decide not to transmit the other auditors' report, instead
issuing a disclaimer of opinion due to a scope limitation or doing
additional work, if necessary, to issue an appropriate opinion. For less
material disagreements, the auditor may transmit the other auditors'
report, issue the transmittal letter or report, and describe the
disagreement and the basis for the auditor's conclusions.

    Documenting the Review of Other Auditors' or Specialists' Work

.57 Regardless of the type of reporting or the level of review, the
auditor's documentation generally should contain the items listed in FAM
650 A under "documentation," either electronically or in hard copy.

.58 In addition, where the auditor performs supplemental tests of the
accounting records, the auditor's documentation should contain a
description of the work (this may be a list of the documents the auditor
examined or tick marks on a copy of the other auditors' documentation if
that is the basis for the selection) and the auditor's conclusion. It is
not necessary to retain copies of the documents examined.

.59 There is a difference between the auditor's responsibilities to review
the documentation of other auditors and what the auditor may copy and
retain from that documentation. The auditor uses professional judgment in
deciding which of the other auditors' or specialists' documents to copy
and retain. However, many audits utilize electronic technology to retain
documentation for the entire audit on a CD-ROM. The auditor may cite this
documentation as part of the review to include any supplemental testing
performed on the other auditors' work. The auditor may print out any
documents as necessary.

.60 The auditor may retain other documentation if it might be useful in
understanding the entity, training staff members, planning future audits,
reviewing the documentation, or writing the report. Documentation in this
category includes the entity profile (or equivalent), audit strategy,
audit procedures, ARA and SCE forms (or equivalent), trial balance or lead
schedules, management representation letter, and attorney representation
letter. Auditors often find it helpful to keep copies of documents (either
electronically or in hard copy) in case questions are raised in review but
not to include those copies in the audit documentation unless they are
needed to document the work performed.

The auditor should retain documents in accordance with the contract or
other legal requirements, but not less than 5 years from the report
release date (SAS No. 103.32). Audit procedures may indicate which
documents to retain. The auditor may not discard documents after 60 days
from the report release date (SAS No. 103.27-.30). In documenting the
review, auditors may indicate the document number or index number used by
the other auditor in order to locate the document at a later date.

Ownership and confidentiality of audit documentation is determined by
contract and legal requirements (see SAS No. 103.31).

    Using Internal Audit Staff to Provide Direct Assistance to the Auditor

.61 Sometimes, the auditor or the audited entity requests that internal
auditors provide direct assistance to the auditor. Before this is done,
the auditor should be satisfied with the independence, objectivity, and
qualifications of the staff assigned to do the work requested. AU 322.27
indicates that in these situations, "The auditor should inform the
internal auditors of their responsibilities, the objectives of the
procedures they are to perform, and matters that may affect the nature,
timing, and extent of procedures, such as possible accounting and auditing
issues."

The auditor should direct, review, test, and evaluate the work done by
internal auditors to the extent appropriate based on the auditor's
evaluation of risk, materiality, objectivity, and qualifications.

    Using Federal Entity Specialists

.62 Many federal entities have actuaries, security specialists,
statistical specialists, and other specialists whose work the auditor
would like to use. However, unless these specialists are part of an entity
that is organizationally independent or are under contract to such an
entity, the auditor should evaluate their work as the work of an employee
of the entity under audit. The auditor should use the specialists of other
auditors or contract for outside specialists to develop and implement
appropriate tests.

    Multiple Levels of Other Auditors

.63 Sometimes there are several levels of other auditors. For example, an
IG may hire a CPA firm to perform an audit of a federal entity's financial
statements. The IG may issue a report concurring with the firm's report or
a letter transmitting the firm's report. GAO auditors may then use the
work of the IG as part of the consolidated audit of the U.S. government.

.64 When there are multiple levels of other auditors, each audit
organization should follow the guidance in FAM 650. IG auditors should
evaluate the independence (see FAM 650.11-.24) and qualifications of the
CPA firm (see FAM 650.25-.35); should review the audit documentation (see
FAM 650.42); and may need to have discussions with entity management
and/or perform supplemental tests of key accounts depending on the level
of review deemed appropriate (see FAM 650.43-.47).

GAO auditors should evaluate the qualifications of the IG organization (by
reading the peer review report, the letter of comments, and the audit
organization's response as described in FAM 650.25) and the qualifications
of the IG team doing the monitoring of the CPA firm. GAO auditors should
also review the IG auditor's documentation of its review of the CPA firm
work and may perform supplemental tests as deemed necessary. If GAO
auditors find that the IG auditor has completed and documented adequate
work, including discussions with entity management and/or supplemental
tests, further discussions and/or supplemental tests would be quite
limited, perhaps a walk-through of work done in areas with high-risk of
material misstatement. Often, GAO auditors will attend fewer meetings than
the IG auditor attends and would concentrate the review on the IG
auditor's documentation. GAO auditors may then issue a report on the
financial statements.

.65 Because of the potential for inefficiency, there generally should be
close coordination between the various auditors. The IG and GAO may
perform the review jointly. Sometimes, a memorandum of understanding may
be useful in documenting responsibilities. A chart that describes the
review to be done by each organization may be useful. The following is a
useful format for this chart (with more detail added as necessary under
each phase of the audit).

                                               Procedures                     
Phase of the audit     Other auditor        IG review        GAO review    
Planning                                                                   
Internal control                                                           
Testing                                                                    
Reporting                                                                  

    Reports on Other Auditors' Work

.66 The auditor may be asked to issue a report evaluating work done by
other auditors in a situation where the auditor is not using the work of
the other auditors. For example, the auditor may be asked to evaluate an
audit done by a CPA firm. While AU 543, 322, and 336 are not directed
toward these situations, the guidance in FAM 650 is helpful in planning
and reporting on these assignments.

650 A - Summary of Audit Procedures and Documentation for Review of  Other
Auditors' Work

650 A - Summary of Audit Procedures and Documentation for Review of  Other
Auditors' Work

  650 B - Example Audit Procedures for Using the Work of Others

These example procedures are appropriate when using the work of other
auditors or the work of specialists to perform a full or partial audit of
financial statements and are applicable to GAO financial statement audits.
Auditors may use these procedures or a monitoring tool for financial
audits developed by the Federal Audit Executive Council, a subcommittee of
the President's Council on Integrity and Efficiency that can be found at
[220]www.ignet.gov/pande/faec/fsan0906.xls.

As stated in FAM 650.08, these procedures depend upon the professional
judgments that the auditor makes. The auditor should tailor the procedures
to the circumstances and the planned level of review (high, moderate, or
low) as discussed in FAM 650.36. The auditor should modify or add
procedures as necessary, and delete them if not applicable. When other
auditors or specialists have done only part of an audit, the auditor may
delete many of the procedures below. The auditor may also delete
procedures for the low level of review or when the auditor plans to issue
only a transmittal letter as discussed in FAM 650.09 b.

The audit procedures are presented in three sections: (1) evaluating
independence, objectivity, and qualifications for CPA firms and
specialists; (2) evaluating independence, objectivity, and qualifications
for government audit organizations; and (3) monitoring the work (for all
types of other auditors and for specialists). The auditor should use the
applicable one of the first two sections and the third section. The
auditor generally should use a separate form for each other auditor or
specialist.

Entity:________________________________________________________________

Job code:_____________________________________________________________

Period of audit:________________________________________________________

                           Step                          Done by/date W/P ref 
1. EVALUATING INDEPENDENCE, OBJECTIVITY, AND                               
QUALIFICATIONS FOR CPA FIRMS AND SPECIALISTS General                       
1. Read the statement of work or request for proposal                      
to determine whether this contracting document                             
provides sufficient background on the audited entity                       
and indicates the objectives of the work, what the                         
contractor should include in its proposal, how                             
proposals will be evaluated, and how the report will                       
be used.                                                                   
Independence and objectivity: 2. Determine whether                         
proposal of selected firm includes a representation                        
as to the firm's independence and objectivity.                             
3. If proposal does not include a representation as                        
to independence and objectivity, obtain written                            
representation from firm.                                                  
Qualifications: 4. Read proposal of selected firm. In                      
reviewing proposal, evaluate the overall                                   
qualifications of the team performing the work.                            
Review resumes and determine for key team members                          
their educational level, professional certifications,                      
and professional experience, including whether key                         
team members have current knowledge and experience in                      
the type of work done.                                                     
5. Review the selected firm's peer review report,                          
letter of comments, and response letter. If the peer                       
review report was issued more than three years                             
earlier, obtain documentation relating to the firm's                       
internal quality control policies and procedures or                        
review the firm's inspection program.                                      
6. Communicate orally or in writing with the other                         
auditors to be satisfied that they understand the                          
requirements, the timetable, and the report or letter                      
the auditor expects to issue.                                              

                           Step                          Done by/date W/P ref 
2. EVALUATING INDEPENDENCE, OBJECTIVITY, AND                               
QUALIFICATIONS FOR GOVERNMENT AUDITORS Independence                        
And Objectivity: 1. For all government audit                               
organizations, obtain written representation from an                       
appropriate official that the organization and its                         
individual auditors are independent of the entity                          
being audited.                                                             
2. Determine whether the government audit                                  
organization meets ONE of the criteria in FAM 650.15,                      
or the head meets ONE of the criteria in FAM 650.16.                       
If the organization (or its head) meets one of these                       
criteria, no further work is needed unless the                             
auditor finds contrary evidence as to independence                         
and objectivity in other parts of the audit. Indicate                      
the criteria met and document the evaluation of any                        
other evidence obtained. (Go to step 6.)                                   
3. If the government audit organization (or its head)                      
does not meet any of the criteria in step 2,                               
determine whether it meets ALL of the criteria in FAM                      
650.18.                                                                    
4. Review the government audit organization's                              
documentation of how it meets the requirements of                          
step 3. Discuss with an appropriate official of the                        
organization and consider discussions with peer                            
control reviewer, legal counsel for the organization,                      
and auditor's legal counsel. (Go to step 6.)                               
5. If the government audit organization does not meet                      
the criteria for organizational independence to                            
report externally, determine whether the organization                      
is an independent internal audit organization under                        
GAGAS and IIA standards. Determine whether the                             
internal auditors are objective for the activities                         
they audit. For the audit organization to be                               
considered free from organizational impairments,                           
determine if the head of the audit organization meets                      
all of the criteria indicated in FAM 650.21.                               

                           Step                          Done by/date W/P ref 
6. For government auditors, obtain an understanding                        
of the organization's policies to enhance the                              
objectivity of individual auditors as discussed in                         
FAM 650.23, including  o policies to prohibit                              
auditors from auditing areas where relatives are                           
employed,  o policies to prohibit auditors from                            
auditing areas where they were recently assigned or                        
are scheduled to be assigned after they complete                           
their tour of duty in auditing, and  o policies to                         
require representations as to objectivity and lack of                      
conflicts of interest from each auditor.                                   
7. Prepare a memorandum documenting work performed                         
and conclusions reached as to government audit                             
organization's independence and objectivity.                               
Qualifications: 8. Read the latest peer review                             
report, letter of comments, and the audit                                  
organization's response as discussed in FAM 650.28.                        
Note the date of the report and whether it is                              
unqualified. If the report is recent (usually within                       
the past year) and unqualified, go to step 12.                             
9. If the peer review is not recent, review the                            
latest inspection report, if any, and the                                  
organization's response as discussed in FAM 650.29.                        
Note the date of the report and whether it is                              
unqualified. If the inspection is recent (usually in                       
the past year) and unqualified, go to step 12.                             
10. If the organization has not had a recent peer                          
review or inspection as discussed in FAM 650.31,                           
obtain an overview of the important policies and                           
procedures in the functional areas through interviews                      
of management and staff and through reading the                            
summary quality control document, if any. Consult                          
with the reviewer on the potential effect of using                         
work with no recent peer review or inspection before                       
performing this step.                                                      
11. If the peer review or inspection report was                            
qualified or adverse, determine whether the quality                        
control system has since been strengthened as                              
discussed in FAM 650.30. Review the organization's                         
action plan for strengthening its quality control                          
system. Evaluate the effect of remaining weaknesses                        
in determining the level of review.                                        

                              Step                             Done   W/P ref 
                                                              by/date         
12. Inquire how the government audit organization                          
determined staffing of the audit. Evaluate the overall                     
qualifications of the team performing the work as                          
discussed in FAM 650.33. Review resumes for key team                       
members and consider:                                                      
o educational level, professional certifications, and                      
professional experience;                                                   
     o continuing professional education, especially training                 
and current knowledge in the type of work done;                            
o supervision and review of work;                                          
o whether the audit team has adequate sources for                          
    consultation and use of specialists, especially for audit                 
          sampling, audit methodology, and review of computer                 
controls; and                                                              
o quality of documentation, reports, and                                   
recommendations.                                                           
13. As discussed in FAM 650.35, if the auditor has                         
significant                                                                
concerns about the government audit organization or its                    
team's objectivity or qualifications, the auditor, in                      
developing the audit plan, may either                                      
     o ask the other auditors to substitute more objective or                 
highly qualified staff members;                                            
o do the work, treating any work done by the other                         
          auditors as prepared by the audited entity;                         
o divide the work so that the other auditors test the                      
      areas where they are qualified and the auditor does the                 
rest of the audit; or                                                      
o issue a disclaimer of opinion.                                           

                           Step                          Done by/date W/P ref 
3. MONITORING THE WORK (FOR ALL TYPES OF OTHER                             
AUDITORS AND SPECIALISTS) 1. As discussed in FAM                           
650.36, develop a strategy and a plan for reviewing                        
the other auditors' or specialists' work and, if                           
necessary, performing supplemental tests of the                            
accounting records. Determine the level of review for                      
each line item.                                                            
2. Monitor the planning of the audit (FOR ALL LEVELS                       
OF REVIEW)  o Review the entity profile.  o Review                         
the audit strategy or equivalent document and audit                        
plan. (FOR MODERATE AND HIGH LEVEL OF REVIEW)  o                           
Attend entrance meeting and key planning meetings.  o                      
Review the determination of planning materiality and                       
design materiality.  o Have an IT specialist                               
participate with the auditor in reviewing the                              
information resource management background                                 
information and the documentation for review of                            
general and application controls.  o Document line                         
items and applications to be reviewed.  o For each                         
such line item, review the Account Risk Analyses, the                      
Specific Control Analyses, the cycle flowcharts, the                       
cycle memoranda, the determination of tolerable                            
misstatement, and the audit plan or equivalent                             
documents.                                                                 
3. Monitor the execution of the audit for reports                          
following example 2 of FAM 650 C or FAM 595 A and/or                       
FAM 595 B WHERE LEVEL OF REVIEW IS HIGH.  o Attend                         
key meetings, especially those discussing highrisk                         
areas, significant estimates and judgments, fraud                          
brainstorming, and the other auditors' conclusions.                        
o Discuss key items with audited entity management,                        
especially significant estimates and judgments.  o                         
Perform supplemental tests of the accounting records:                      
-- Generally for high risk and material line items,                        
especially in areas involving estimates and judgments                      
or ones which users rely on extensively. -- Generally                      
while the other auditors are at the audited entity                         
location and have access to the records.                                   

                           Step                          Done by/date W/P ref 
         -- Examine some of the same documents the other                      
     auditors examined or make own selection or both. --                      
Compare results of other auditors' work to results of                      
supplemental tests. -- Document scope of supplemental                      
                        testing and conclusions reached.                      
4. Monitor the completion of the audit (items with *                       
are usually not necessary for LOW level of review) :                       
o *Review the overall analytical procedures.  o                            
*Review the key documentation for the line item and                        
for completing the audit; consider evaluations of                          
sample results. (For example, were projections                             
appropriate? Was appropriate action taken based on                         
sample results?)  o *Determine whether the subsequent                      
events review was updated to the date of the                               
auditor's report.  o Review the audit summary                              
memorandum, conclusions about line items, and the                          
summary of uncorrected misstatements.  o *Review the                       
audit completion checklist (or equivalent document).                       
o Review the management representation letter and the                      
legal representation letter.  o *Attend key exit                           
conference(s).  o Read the other auditors' report,                         
the financial statements, the notes, the other                             
accompanying information, and management's response.                       
5. Prepare a summary memorandum.                                           
6. Write the auditor's report or transmittal letter.                       

                     [This page intentionally left blank.]

  660 - Agreed-Upon Procedures

.01 In an engagement to apply agreed-upon procedures, a client engages an
auditor to perform specific procedures on a subject matter and report on
the results to assist users in evaluating a subject matter or an
assertion. Agreed-upon procedures should be performed in accordance with
GAGAS which incorporates the financial audit and attestation standards
established by the AICPA. The auditor should read appropriate sections of
the AICPA Standards for Attestation Engagements (SSAE), specifically AT
101, Attest Engagements, and AT 201, Agreed-Upon Procedures Engagements,
and thoroughly understand them before performing agreedupon procedures.

.02 An agreed-upon procedures engagement may be applied to a variety of
subject matters. The engagement will vary depending on the needs of the
user. The engagement may assist entity management by providing information
for making decisions and give report users information on important areas.
Examples of agreed-upon procedures are:

     o compare the Retirement, Health Benefits, and Life Insurance
       Withholdings/Contributions and Supplemental Semiannual Head Count
       Report Submitted to the Office of Personnel Management with the
       entity's payroll records and general ledger; (refer to OMB audit
       guidance for additional information);
     o compare entity reconciliations of intragovernmental activity and
       balances with supporting documentation and compare amounts with the
       financial statements and with reports to the Department of the
       Treasury (Treasury); (refer to OMB audit guidance for additional
       information);
     o trace tax collections from the master file to deposit confirmations,
       determine whether they were recorded in the appropriate period, and in
       the correct tax class;
     o trace amounts on the entity's financial statements to an "account
       grouping worksheet," foot the worksheet, read the CFO's explanation
       for any differences, and compare the explanation with supporting
       documentation; and
     o examine official receipt documents to determine whether they were
       included in the weekly deposit; compare deposit amounts to amounts
       reported on the statement of funding.

.03 In agreed-upon procedures engagements, all parties involved, which
include the report users, the entity responsible for the subject matter
(which may or may not be the same as the user), and the auditor, should
clearly understand the procedures to be applied. Since users may have
different needs, the nature, extent, and timing of agreed-upon procedures
also may differ. Therefore, the users, and not the auditor, assume the
responsibility for the sufficiency of the design and extent of the
procedures

since they best understand their own needs, although the auditor may
assist the user in designing the procedures.
.04 The auditor should establish and document an understanding with the    
       users regarding the nature, extent, and timing of agreed-upon          
       procedures                                                             
       to be performed. The auditor may document this understanding using an  
       engagement letter to the users, an example of which is provided in FAM 
       660 A.                                                                 
.05 The subject matter should be capable of evaluation against criteria    
       that are                                                               
       suitable and available to users. Suitable criteria should have         
       objectivity,                                                           
       measurability, completeness, and relevance. The procedures should be   
       subject to reasonably consistent measurement and the criteria should   
       be                                                                     
       agreed upon. The auditor should not perform overly subjective          
       procedures                                                             
       or use terms with uncertain meaning unless they are defined within the 
       agreed-upon procedures.                                                
.06 The auditor need not perform additional procedures beyond the agreed   
       upon procedures. If matters come to the auditor's attention by other   
       means                                                                  
       that significantly contradict the subject matter (or assertion), the   
       auditor                                                                
       should include these matters in the report. For example, if during the 
       course of applying agreed-upon procedures regarding an entity's        
       operation,                                                             
       the auditor becomes aware of a material weakness related to the        
       assertion                                                              
       by means other than the agreed-upon procedures, the auditor should     
       include this matter in the report. This may be done by mentioning the  
       material weakness with a footnote reference to another report where it 
       is                                                                     
       described in detail.                                                   
.07 Where circumstances impose restrictions on the performance of the      
       agreed-upon procedures, the auditor should attempt to obtain agreement 
       from the users of the report to modify the agreed-upon procedures.     
       When                                                                   
       agreement cannot be obtained (for example, when the agreed-upon        
       procedures are published by a regulatory entity that will not modify   
       the                                                                    
       procedures), the auditor should describe restrictions in the report or 
       withdraw from the engagement.                                          

    Written Representations

.08 The auditor should determine if a representation letter is necessary.
The auditor may determine that a representation letter is necessary, for
example, if (1) the responsible entity is so large there is a risk as to
whether one person knows whether pertinent information has been made
available to the auditor, (2) the subject matter depends on estimates,
judgments, or future events (such as whether the subject matter is less
objective and fact-based and more subjective), or (3) the user of the
report believes written representations should be obtained. Although
generally not required (unless specifically required by another
attestation standard, such as in a compliance engagement) a representation
letter may nonetheless be a useful means of documenting the responsible
entity's representations. FAM 660 B provides an example representation
letter for an agreed-upon procedures engagement.

.09 The responsible entity's refusal to furnish written representations
determined by the auditor to be necessary constitutes a scope limitation.
In such circumstances, the auditor should do one of the following:

     o disclose in the report the inability to obtain representations from
       the responsible entity,
     o withdraw from the engagement, or
     o change the engagement to another form of engagement (such as to a
       performance audit).

    Documentation

.10 In accordance with GAGAS, the auditor should prepare and maintain
documentation in connection with an agreed-upon procedures engagement that
is appropriate for the engagement. The documentation should contain
sufficient information to enable an experienced auditor having no previous
connection with the engagement to ascertain from the documentation the
nature, extent, timing, and results of procedures performed and the
evidence that supports the auditors' agreed-upon procedures report,
including its sources and the auditors' conclusions.

.11 Although the quantity, type, and content of documentation varies with
the circumstances, it should be sufficient to demonstrate that the work
was adequately planned and supervised and the evidential matter that
provides a reasonable basis for the report as discussed in GAGAS chapter
6.

.12 The auditor generally should prepare a summary memorandum that recaps
the work performed and refers to the detailed documentation. This
memorandum generally should include the auditor's conclusion on whether
the work was performed in accordance with GAGAS, including the attestation
standards, and the GAO/PCIE FAM and whether the report is appropriate. FAM
660 C provides an agreed-upon procedures completion checklist.

    Reporting

.13 An auditor should report on the agreed-upon procedures in the form of
results. The auditor should not provide any opinion or negative assurance
about whether the subject matter or the assertion is fairly stated based
on the criteria. The report should include information such as the
identification of the entities that agreed to the procedures and took
responsibility for the sufficiency of the design and extent of the
procedures for their purposes, as shown in the example report in FAM 660
D.

.14 The auditor should report all results arising from application of the
agreedupon procedures. The concept of materiality does not apply to
results to be reported in an agreed-upon procedures engagement unless the
users of the report agree to the definition of materiality. This could be
included in the engagement letter at FAM 660 A. Any agreed-upon
materiality limits should be described in the report.

.15 The auditor should include a statement indicating that the report is
intended for the specified users who have agreed upon the procedures
performed and taken responsibility for the sufficiency of the design and
extent of the procedures for their needs. However, since governmental
reports are generally a matter of public record, the distribution of the
report is not limited.

.16 The auditor may have performed agreed-upon procedures on an element,
account, or item of financial statements and also audited the same
financial statements. If the audit report on the financial statements
includes a departure from a standard report, the auditor generally should
include a reference to the audit report and the departure from the
standard report in the agreed-upon procedures report.

.17 The auditor also may include explanatory language about such matters
as the following:

     o stipulated facts, assumptions, or interpretations (including the
       source);
     o description of the condition of records, controls, or data to which
       the procedures were applied;
     o explanation that the auditor has no responsibility to update the
       report; and
     o explanation of sampling risk.

.18 The auditor should state the results in definitive, rather than
qualified, language and avoid vague or ambiguous language. The following
table provides examples of appropriate and inappropriate descriptions of
findings.

Examples of appropriate/inappropriate description of findings
                                        Description of findings
Procedures agreedupon         Appropriate              Inappropriate       
Based on the total tax  Recomputed amounts for   Nothing came to our       
liability, select and   the selected excise tax  attention as a result of  
recompute the 50        returns agreed with the  applying this procedure.  
largest excise tax      amounts in the certified                           
returns from the        audit file.                                        
quarter ended September                                                    
30, 20XX, and compare                                                      
these amounts with the                                                     
certified audit file.                                                      

Examples of appropriate/inappropriate description of findings
                                          Description of findings
Procedures agreedupon             Appropriate           Inappropriate      
Select a random sample of   Revenue receipts        The revenue receipts   
45 Treasury SF-224          selected randomly from  approximated the       
reconciliations; determine  the monthly Treasury    amount shown in the    
if XYZ reported revenue     SF-224 reconciliation   Treasury FMS records.  
receipts were properly      process were properly                          
classified and reconciled   classified and agreed                          
to Treasury FMS records.    with Treasury FMS                              
                               records.                                       
Examine personnel files of  Thirty of the selected  Some of the personnel  
40 individuals randomly     files contained a       files did not contain  
selected from the           current and approved    a current and approved 
timekeeping records for the Notification of         Notification of        
year; determine if all the  Personnel Action. Ten   Personnel Action.      
selected files contain a    files did not contain a                        
current and approved        current and approved                           
Notification of Personnel   Notification of                                
Action (SF-50).             Personnel Action (list                         
                               and identify                                   
                               exceptions).                                   

                              Other Report Issues

.19 The report should be addressed to the users who have agreed upon the   
       procedures to be performed (see FAM 660.03). The date of completion of 
       the agreed-upon procedures should be used as the date of the           
       agreed-upon                                                            
       procedures report. If the audit organization's procedure is to date    
       reports                                                                
       with the issue date, the date of completion of the engagement may be   
       stated in the report (such as "We completed the agreed-upon procedures 
       on [date].").                                                          
.20 Entity comments should be obtained from the entity responsible for the 
       subject matter. If time constraints present problems, oral comments    
       may                                                                    
       be obtained and documented in a memo.                                  

                     [This page intentionally left blank.]

                                  SECTION 700

                                Internal Control

  DRAFT GAO/PCIE Financial Audit Manual Page 701 B-1 DRAFT GAO/PCIE Financial
  Audit Manual Page 701 B-2 DRAFT GAO/PCIE Financial Audit Manual Page 701 B-3
  DRAFT GAO/PCIE Financial Audit Manual Page 701 B-4 DRAFT GAO/PCIE Financial
  Audit Manual Page 701 B-5 DRAFT GAO/PCIE Financial Audit Manual Page 701 B-6

                                  SECTION 800

                                   Compliance

  802 - General Compliance Checklist

.01 The compliance testing section consists of a General Compliance
Checklist (questionnaire) for identifying laws and regulations for
compliance testing and supplements for the laws OMB requires auditors of
executive departments, agencies and government corporations to test for
(see FAM 295.01 H) and other laws of general applicability auditors may
consider during federal financial audits (see FAM 295.02 H). The
compliance supplements provide detailed guidance for assessing the
effectiveness of compliance controls and testing compliance with the
significant provisions of each law.

.02 The auditor generally should complete the General Compliance Checklist
(Form 802), or equivalent, for federal financial audits. With the
exception of the Antideficiency Act which has no materiality limit, if an
auditor considers an individual law to have a direct and material effect
on the financial statements it is significant for purposes of compliance
testing and the auditor should complete the related compliance supplement.
The auditor should complete compliance supplements only for laws required
to be tested (FAM 802.06) and for other laws (FAM 802.07) identified for
compliance testing on the General Compliance Checklist. Use of these
documents is described below.

.03 To understand and evaluate compliance controls, the auditor also
should follow the guidance in FAM 260 on identifying risk factors and in
FAM 320 on understanding information systems. The FAM also provides
additional guidance on compliance considerations for all audit phases.

    Instructions For General Compliance Checklist

.04 The checklist contains a summary of each law. The auditor generally
should use this checklist or equivalent to determine which of these laws
are considered to have a direct and material effect on the financial
statements for purposes of testing compliance, as discussed in FAM 245.
The auditor should indicate whether each law meets the criteria for direct
and material by placing a check mark in the appropriate column (yes or
no). As noted in FAM 295 H, auditors are required to test certain laws and
may also test for other laws if they have determined they are direct and
material to the financial statements being audited.

.05 The auditor may need to use estimates or interim information in the
preliminary column. The final amounts (based on the audited amounts or the
final amounts of available budget authority) are used to determine whether
all laws that would be significant in quantitative terms have been
identified for control and compliance testing. The sources of all amounts
included in this checklist should be documented. If the law is considered
to be significant from a qualitative standpoint, the reasons for this
conclusion should be documented.

.06 Laws  required  for  testing  (if  applicable)  ^[221]1  contained  in
supplements to the General Compliance Checklist (Form 802) are:

                            Law                               Supplement      
                                                                number        
Antideficiency Act                                           FAM 803       
Federal Credit Reform Act of 1990 (FCRA)                     FAM 808       
Provisions Governing Claims of the U.S.                      FAM 809       
Government as provided primarily in 31 U.S.C.                              
3711-3720E (Including the Debt Collection                                  
Improvement Act of 1996 (DCIA)                                             
Prompt Payment Act                                           FAM 810       
Pay and Allowance System for Civilian Employees              FAM 812       
as Provided Primarily in Chapters 51-59 of Title 5,                        
U.S. Code                                                                  

.07 Other frequently encountered laws contained in supplements to the
General Compliance Checklist (Form 802) that the auditor may test are:

                            Law                               Supplement      
                                                                number        
Civil Service Retirement Act                                 FAM 813       
Federal Employees Health Benefits Act                        FAM 814       
Federal Employees' Compensation Act                          FAM 816       
Federal Employees' Retirement System Act of                  FAM 817       
1986                                                                       

^1 FFMIA is discussed in FAM 701.

Entity _________________________________________________________________ Period
      of financial statements ____________________________________________

    Job code _______________________________________________________________

                           Description of Law                         Yes  No 
Civil Service Retirement Act,                                              
5 U.S.C. Chapter 83                                                        
This law provides retirement benefits to employees who were                
hired prior to January 1, 1984. For each employee, the entity              
withholds a percentage of basic pay from the employee's                    
compensation and contributes an equal amount for retirement.               
The employee and entity amounts are remitted to Treasury.                  
Does the entity's expense for retirement costs under the Civil             
Service Retirement Act for the audit period exceed planning                
materiality or are provisions of the Civil Service Retirement Act          
otherwise determined to be significant?                                    
                                                    Preliminary Final         
Expense for retirement                                                     
contributions Planning materiality                                         
If yes, complete compliance supplement FAM 813.                            
Federal Employees Health Benefits Act,                                     
5 U.S.C. Chapter 89                                                        
This law provides health insurance coverage to employees who               
elect health insurance benefits. For each employee who elects              
coverage, the entity pays an amount set by OPM for insurance               
costs. The entity portion cannot exceed 75 percent of the                  
insurance cost. The employee pays the remainder of the total               
cost. Information on the employee and entity cost of the                   
insurance is published by OPM. The entity withholds the                    
amount of the employee's portion of the cost from the                      
employee's pay and remits this amount, along with its own                  
contribution, to Treasury.                                                 
Does the entity's expense for health insurance costs for the               
audit period exceed planning materiality or are provisions of              
the Federal Employees Health Benefits Act otherwise                        
determined to be significant?                                              
                                                    Preliminary Final         
Expense for health insurance                                               
Planning materiality                                                       
If yes, complete compliance supplement FAM 814.                            

                          Description of Law                         Yes  No  
Federal Employees' Compensation Act (FECA),                                
5 U.S.C. Chapter 81                                                        
This law provides for the compensation of employees injured                
while performing their duties. Claims are paid out of the                  
Federal Employees' Compensation Fund. Federal entities are                 
billed annually by the fund for claims paid on their behalf.               
Does the entity's expense for the audit period for benefits paid           
by the Federal Employees' Compensation Fund on the entity's                
behalf exceed planning materiality or are provisions of FECA               
otherwise determined to be significant?                                    
                                                   Preliminary Final          
Expense for Compensation                                                   
Fund claims Planning materiality                                           
If yes, complete compliance supplement FAM 816.                            
Federal Employees' Retirement System Act of 1986                           
(FERS), 5 U.S.C. Chapter 84                                                
This law provides retirement benefits for employees who were               
hired after December 31, 1983. For each employee, the entity               
withholds a percentage of basic pay from the employee's                    
compensation and contributes an amount equal to the                        
employing agency's applicable normal cost percentage less the              
employee deduction rate for retirement. The employee and                   
entity amounts are remitted to Treasury.                                   
Does the entity's expense for retirement costs under the FERS              
Act for the audit period exceed planning materiality or are                
provisions of the FERS Act otherwise determined to be                      
significant?                                                               
                                                   Preliminary Final          
Expense for retirement                                                     
contributions _ Planning materiality _                                     
If yes, complete compliance supplement FAM 817.                            

    Instructions For Compliance Supplements

.08 Each compliance supplement in FAM 803-817 consists of (1) a compliance
summary, (2) a compliance audit program, and (3) notes.

Compliance Summary Compliance Audit Program

.09 For each law identified for compliance testing on the General          
       Compliance                                                             
       Checklist, the auditor generally should complete the related           
       compliance                                                             
       summary or prepare equivalent documentation. The compliance summary    
       is designed to assist the auditor in planning compliance control tests 
       and                                                                    
       summarizing the results of compliance control tests and compliance     
       tests                                                                  
       for reporting the results of the work performed.                       
.10 The first column contains a description of the specific provisions of  
       the law                                                                
       that have been identified for compliance testing, the type of          
       provision, and                                                         
       the reference to the law.                                              
.11 The second column contains the objective related to the specific       
       provision                                                              
       to be used for both compliance control and compliance testing.         
.12 The auditor should identify the control activities that the entity has 
       in place                                                               
       to achieve each objective and document the control activity in the     
       third                                                                  
       column. If the entity does not have a control activity that achieves   
       the                                                                    
       objective, the auditor should document this condition in the third     
       column.                                                                
.13 The fourth column is used to indicate (Yes or No) whether the control  
       activity is information technology (IT) system related as described in 
       FAM                                                                    
       270.04. IT system controls are those the effectiveness of which        
       depends on                                                             
       computer processing. They can generally be classified into general,    
       application, and user controls. Testing of IT system controls          
       generally                                                              
       should be performed with assistance from an IT specialist.             
.14 The auditor should design control tests to determine whether the       
       control                                                                
       activities that have been identified in the third column are in place  
       and                                                                    
       operating effectively. A control activity is considered to be          
       effective if it                                                        
       achieves the control objective. The control testing program and the    
       control                                                                
       tests should be recorded in the documentation. The results of these    
       tests                                                                  
       and the auditor's conclusions on the effectiveness of the compliance   
       controls should be documented in the fifth column of the Compliance    
       Summary. A reference to supporting documentation should be included in 
       this column.                                                           
.15 Compliance tests should be performed using the related Compliance      
       Audit                                                                  
       Program as described below. The results of the compliance tests should 
       be                                                                     
       indicated in the sixth and last column of the Compliance Summary along 
       with a reference to the supporting documentation.                      

.16 A compliance audit program has been developed for the provisions
identified on the related compliance summary for each law. For each law
identified for compliance testing on the General Compliance Checklist, the
auditor generally should perform each step of the related compliance audit
program in column 1. Because the subject matter of some laws is closely
related to matters the auditor will be planning to test for other parts of
the audit, the auditor should coordinate with that other testing and
design multipurpose tests. For example, payroll compliance testing could
be performed using multipurpose tests of payroll controls and/or
substantive payroll testing.

The auditor should initial and date in column 2 of the compliance audit
program when the procedure is performed. A reference to the documentation
recording the work performed for each step should be included in the third
and last column of the compliance audit program.

Notes

.17 Notes are provided for each compliance supplement to assist the
auditor in understanding criteria, definitions, exemptions, and
restrictions of law. The notes also provide guidance to the auditor in
testing and evaluating controls to achieve the compliance objective.

                     [This page intentionally left blank.]

Compliance 803 - Antideficiency Act

  803 - Antideficiency Act

Note: Complete this compliance summary or prepare equivalent documentation
as provisions  of  the  Antideficiency  Act  are  applicable  to  entities
receiving federal funds. with no limit on materiality.

OMB guidance on  budget execution,  including the  Antideficiency Act,  is
included in OMB Circular A-11, Part 4.

Name of entity:       Compliance Summary                  Prepared by:    
Audit period:                                             Reviewed by:    
_____                                                                     
    Provision                        Control                                              
description       Objective    activities      IT         Effective     Instances of   
                                                (Y/N)     compliance      noncompliance   
                                                             controls?        noted?      
1. The entity      1.                                                                     
shall not make     Expenditures  [Document                                [Indicate yes   
expenditures       or            the         [Is control  [Indicate       or              
    or obligations  obligations  control     dependent                    no; include     
that exceed the    do not     activities               yes or no;                      
            amount                                                                        
     available for  exceed the   used by the              include         reference to    
    expenditure or    amount     entity to   on computer                                  
        obligation                                                                        
in an              available for achieve the processing?] reference to    supporting      
appropriation or   expenditure   objective.]              supporting      documentation.] 
fund.              or obligation                                                          
                   in an                                                                  
Type:              appropriation (See note                documenta-      See Compliance  
Quantitative-based   or fund.    2.)                                                      
Ref: 31 U.S.C.                                            tion.]          Audit Program   
1341(a)(1)(A) and                                                                         
(C)                                                                                       
                                                                          FAM 803 Step 3  
2. The entity      2. Legal      [Document   [Is control                  [Indicate yes   
shall not involve  obligations   the control dependent on                 or no; include  
the government in  do not occur  activities  computer                     reference to    
a contract or      before an     used by the processing?]                 supporting      
obligation for the appropriation entity to                [Indicate yes   documentation.] 
payment of money   is made or    achieve the              or no; include  See Compliance  
before an          otherwise     objective.]              reference to    Audit Program   
appropriation is   authorized by (See note                supporting      FAM 803 Step 3. 
made unless        law.          2.)                      documentation.]                 
authorized by law.                                                                        
Type:                                                                                     
Quantitative-based                                                                        
Ref:31 U.S.C                                                                              
1341(a)(1)(B)                                                                             

                DRAFT GAO/PCIE Financial Audit Manual Page 803-1

Compliance 803 - Antideficiency Act

Name of entity:       Compliance Summary          Prepared by: Reviewed
Audit period:                                     by:        
_____                                                        
       Provision                       Control                                
      description       Objective   activities  IT   Effective  Instances of  
                                               (Y/N) compliance noncompliance 
                                                     controls?     noted?     
                      3.            (See note                                 
                      Expenditures     2.)                                    
3. The entity      or                                                      
shall not make     obligations                               See           
expenditures or    do not exceed                             Compliance    
obligations that   the legally                               Audit Program 
exceed (1) the     binding limit                             FAM 803 Step  
amount of an       on the                                    4.            
apportionment; or  entity's                                                
                      budget                                                  
                      authority.                                              
(2) a lesser       (The amount                                             
amount, if any,    of the                                                  
established by     apportionment                                           
agency regulations or a lesser                                             
(such as the       amount, if                                              
allotment level).  any,                                                    
See note 1.        established                                             
                      by the                                                  
Type:              entity's                                                
Quantitative-based regulations.)                                           
Ref: 31 U.S.C.     See note 1.                                             
1517(a)                                                                    

                DRAFT GAO/PCIE Financial Audit Manual Page 803-2

Compliance 803 - Antideficiency Act

Note: Complete this program or prepare equivalent documentation only if
provisions of the Antideficiency Act are considered to be significant as
indicated on Form 802 - General Compliance Checklist at FAM 802-3. The
procedures in this program are designed to test compliance with the
provisions listed on the Compliance Summary for this law.

Name of entity:                                                            
Audit period:                                                              
Reviewed by:                                                               
                        Audit Procedures                       Done   W/P ref 
                                                              by/date         
1. List the appropriations or other budget authority and                   
the related budget accounts that were identified for                       
compliance testing on Form 802 - General Compliance                        
Checklist. Per FAM 802-3, the auditor should identify all                  
legally binding restrictions on budget execution, from                     
sources such as appropriation legislation.                                 
(The following tests for compliance with the                               
Antideficiency Act should be coordinated with tests of the                 
Statement of Budgetary Resources and with tests of                         
expenses.)                                                                 

Compliance 803 - Antideficiency Act Compliance 803 - Antideficiency Act
Compliance 803 - Antideficiency Act

Name of entity:                                                            
Audit period:                                                              
Reviewed by:                                                               
                        Audit Procedures                       Done   W/P ref 
                                                              by/date         
2. As discussed in FAM 460.03, the auditor should                          
determine assurance that the summarized budget information                 
(obligations and expenditures) used for compliance tests                   
are reasonably accurate and complete. This assurance may                   
be provided through effective controls (usually the budget                 
controls) or, if the controls are not effective, through                   
substantive testing of budget amounts for validity,                        
completeness, cutoff, recording, classification, and                       
summarization as described in FAM 495 B.                                   
For the accounts listed in step 1, document if this                        
assurance is provided through effective controls (as                       
indicated on Form 803 - Compliance Summary) or if                          
substantive tests of the budget information are necessary.                 
If the controls are not considered to be effective in                      
meeting some or all of the budget control objectives                       
listed in FAM 395 F, perform substantive tests of the                      
budget amounts (obligations and expenditures) as discussed                 
in FAM 495 B. These substantive tests should be performed                  
only for those potential misstatements for which the                       
entity does not have effective budget controls.                            
After the auditor is satisfied as to the reasonableness of                 
the budget amounts to be used for the compliance tests,                    
perform the compliance tests in steps 3 and 4.                             
3. Compare the actual amounts of budget obligations and                    
expenditures with the related appropriation or other                       
budget authority listed in step 1. If the entity does not                  
     appear to have complied with the provision, perform step                 
6. (31 U.S.C. 1341(a)(1)(A) .                                              

Name of entity:                                                            
Audit period:                                                              
Reviewed by:                                                               
                        Audit Procedures                       Done   W/P ref 
                                                              by/date         
4. Compare timing of legal obligations (contractual or                     
otherwise) with available appropriation or other budget                    
authority listed in step 1. If the entity does not appear                  
to                                                                         
have complied with the provision, perform step 6 (31                       
U.S.C. 1341(a)(1)(B).                                                      
5. Determine the entity's legally binding level of budget                  
authority (below the appropriation level) that was                         
identified during the planning phase. This level is                        
usually                                                                    
the apportionment level unless the entity has elected a                    
lower level, such as allotments. Compare the amount of                     
actual obligations and expenditures to the legally binding                 
level of restrictions on budget authority identified for                   
compliance testing (the apportionment or allotment level).                 
If the entity does not appear to have complied with the                    
provision, perform step 5. (31 U.S.C. 1517(a))                             
6. If the entity does not appear to be in compliance based                 
on the results of tests performed, discuss these matters                   
with OGC and, when appropriate, the Special Investigator                   
Unit to conclude if noncompliance actually has occurred                    
and the implications of such noncompliance. For any                        
noncompliance noted, the auditor should                                    
o identify the weakness in controls that allowed the                       
noncompliance to occur, if not previously identified                       
during control testing;                                                    
o report the nature of any weakness in controls and                        
consider modification of the opinion on internal control                   
as appropriate (see FAM 580.32-.61);                                       
o consider the implications of any instances of                            
noncompliance on the financial statements; and                             
o report instances of noncompliance, as appropriate (see                   
FAM 580.67-.75.).                                                          

Name of entity:                                                            
Audit period:                                                              
Reviewed by:                                                               
                        Audit Procedures                       Done   W/P ref 
                                                              by/date         
7. Contact the entity office responsible for submitting                    
ADA violations to the President, Congress, and GAO and:                    
o Obtain a listing of violations for the year under audit.                 
o Inquire if all known violations have been included on                    
the list and reported.                                                     
o For each ADA violation determine if it was reported to                   
the President, the Congress, and GAO.                                      
8. Check GAO'S ADA reporting website :                                     
http:/www.gap.gov/ada/antideficiencyrpts.htm to identify                   
and obtain background about ADA violations reported by                     
the entity and compare audit evidence with what the entity                 
reported in ADA violation reports. Be aware that there may                 
be time lags as to when violations are reported,                           
particularly at year end.                                                  
9. Document conclusions on compliance with each provision                  
on Form 803 - Compliance Summary.                                          

Note 1: Entities are required to establish regulations that provide for a
system of administrative controls over their execution of budget authority
(31 U.S.C. 1514(a)). As discussed in FAM 250.03, the entity may elect to
lower the level at which budget limitations are legally binding in these
regulations. For example, the entity may elect to reduce the legally
binding limit on the obligation and expenditure of budget funds from the
apportionment to the allotment level. The auditor should determine the
level at which the entity's legally binding limit has been established.

Note 2: The auditor should consider the results of the evaluation and
testing of budget controls (FAM 370.11). These controls relate to the
execution of budget authority and usually are the same controls that are
used to comply with the Antideficiency Act. Accordingly, additional
determinations of controls that achieve the compliance objective generally
is not necessary if the auditor has assessed whether the entity achieves
all of the budget control objectives listed in FAM 395 F. The auditor
should reference this compliance summary to the budget control evaluation
and testing and perform any additional procedures determined to be
necessary to conclude if compliance controls are effective.

DRAFT GAO/PCIE Financial Audit Manual Page 808-1 DRAFT GAO/PCIE Financial Audit
                               Manual Page 808-2

Compliance 808 - Federal Credit Reform Act of 1990

Compliance 808 - Federal Credit Reform Act of 1990

DRAFT GAO/PCIE Financial Audit Manual Page 809-1 DRAFT GAO/PCIE Financial Audit
    Manual Page 809-2 DRAFT GAO/PCIE Financial Audit Manual Page 809-3 DRAFT
                   GAO/PCIE Financial Audit Manual Page 810-1

                DRAFT GAO/PCIE Financial Audit Manual Page 810-2

DRAFT GAO/PCIE Financial Audit Manual Page 812-1 DRAFT GAO/PCIE Financial Audit
    Manual Page 813-1 DRAFT GAO/PCIE Financial Audit Manual Page 813-2 DRAFT
                   GAO/PCIE Financial Audit Manual Page 814-1

                DRAFT GAO/PCIE Financial Audit Manual Page 814-2

                DRAFT GAO/PCIE Financial Audit Manual Page 814-3

                DRAFT GAO/PCIE Financial Audit Manual Page 814-4

Compliance
816 - Federal Employees' Compensation Act (FECA), 5 U.S.C. Chapter 81

                DRAFT GAO/PCIE Financial Audit Manual Page 816-1

Compliance
816 - Federal Employees' Compensation Act (FECA), 5 U.S.C. Chapter 81

                DRAFT GAO/PCIE Financial Audit Manual Page 816-2
DRAFT GAO/PCIE Financial Audit Manual Page 817-1 DRAFT GAO/PCIE Financial Audit
                               Manual Page 817-2

817 - Federal Employees' Retirement System Act of 1986 (FERS), 5 U.S.C.
Chapter 84

Note 1: Employees may be covered by the Civil Service Retirement Act
(CSRS) or the Federal Employees' Retirement System Act (FERS), generally
depending on their employment dates. Employees hired after January 1, 1984
are in FERS.

Note 2: For most employees, the percentage to be withheld is 0.8 percent
(7 percent less the Social Security tax rate). For congressional
employees, Members of Congress, and law enforcement officers,
firefighters, air traffic controllers, and nuclear materials couriers, the
withholding rates are higher. (See 5 U.S.C. 8422(a)(1).).

Note 3: The Office of Personnel Management (OPM) computes the normal cost
percentage. For example: for FY 2006 it is 11.2 percent for regular
employees. OPM lists the percentages in its Benefits Administration
Letters, accessible on its Internet site,
[222]http://www.opm.gov/asd/htm/bal06.htm (where the 2 digits after "bal"
represent the calendar year of the letters). (5 U.S.C. 8401(23))

Note 4: If multipurpose testing is used for the compliance test and/or
compliance control test and a substantive test of payroll expense details,
the sample items for the compliance test and/or compliance control test
should be selected using the sampling method used for the substantive
test. Otherwise, the items should be selected using attribute sampling, as
discussed in FAM 460.02.

As with all sampling applications, the auditor should consider the
completeness of the test population. For efficiency, the auditor should
consider using records that were tested for validity and completeness (as
well as the other financial statement assertions) in conjunction with
substantive tests of payroll or other payroll related compliance tests.

Note 5: If the entity outsources payroll processing, the entity remains
responsible for compliance. Dividing responsibility for payroll processing
activities between the entity and the service organization could make
payroll testing more complicated, although the same testing should be
performed. The auditor may accomplish that testing with the assistance of
the service organization's auditor, who may issue an internal control
report on the service organization under AU 324 (SAS 70). Or the service
organization's auditor may assist the entity auditor by performing
agreed-upon procedures at the service organization (e.g., substantive
testing) under AT 201 (see FAM 660).

                                  SECTION 900

                              Substantive Testing

  902 - Related Parties, Including Intragovernmental Activity and Balances

.01 This section provides detailed guidance on the procedures that the
auditor should perform with respect to related parties, as described in
FAM 280 and FAM 550. Additionally, in determining whether related party
activities are properly accounted for and disclosed in the financial
statements, the auditor should consult AU 334, which provides general
guidance on related parties relationships and transactions. Further, the
American Institute of Certified Public Accountants (AICPA) has issued a
toolkit for accountants and auditors titled Accounting and Auditing for
Related Parties and Related Party Transactions ^[223]1. This toolkit
includes selected authoritative accounting and auditing literature, an
illustrative audit program, disclosure checklist, confirmation letter, and
letter to other auditors and is available at the AICPA's website at
http://www.aicpa.org.

.02 The U.S. government in its entirety is an economic entity and federal
entities are components of the U.S. government. Therefore, transactions
between federal entities are considered intragovernmental (Note: Federal
Accounting Standards Board's (FASAB) Statements of Financial Accounting
Standards (SFFAS) refers broadly to the cost of goods and services between
federal entities as "inter-entity" costs). Within the U.S. government,
many reporting entities rely on other federal entities to help them
achieve their missions and fulfill their operating objectives. These
arrangements may be voluntary, stipulated by law, or established by mutual
agreement of the entities involved and may not be carried out on an
arm's-length basis.

In many cases, the entity receiving goods or services reimburses the
providing entity in accordance with an agreed-upon price, which may or may
not represent market value. However, frequently one entity provides goods
or services to another entity free of charge (without reimbursement) and
the cost of such activity is paid by appropriated funds of the providing
entity. For example, the General Services Administration (GSA) routinely
provides property management services and contract award and
administration to other entities without charge.

.03 In addition, certain federal entities can significantly influence the
operating policies of the transacting entities. For example, the Office of
Management and Budget (OMB) provides budget, policy and/or general
management guidance to other federal entities. The Office of Personnel
Management (OPM) helps federal civilian entities recruit nationwide; sets
human resources management rules with the federal entities' involvement;
administers systems for setting federal compensation and benefits; manages
federal employee health and life insurance programs; and operates
retirement programs for federal employees.

These tools are based on the best practices guidance received from the
participating accounting and auditing firms and the AICPA publication,
Practice Alert No. 95-3, Auditing Related Parties and Related Party
Transactions.

.04 In the U.S. government, the most significant related parties are other
governmental entities. Other possible related parties outside of the
federal government include states, members of entity's management, and
individuals and companies with which members of management may be related.

.05 The auditor should make inquiries about the possible existence of
related parties with material activity and balances that could affect the
financial statements, including intragovernmental activity and balances.
The auditor should also inquire about the possible existence of related
parties involving members of management that usually are not material to
the financial statements, but may be a sensitive conflict-of-interest
issue involving potential misuse of government assets.

The identification of related parties and activity and balances is
important because (1) U.S. GAAP requires disclosure of material
related-party transactions and certain control relationships, (2)
fraudulent financial reporting and misappropriation of assets have been
facilitated by the use of an undisclosed related party, and (3) distorted
or misleading financial statements may result in the absence of adequate
disclosure.

.06 Financial statement users need related party information to make
informed judgments. If parties are related, the transactions between them
may not be based on an arm's-length relationship. For example, certain
goods or services may be donated or be at an amount that does not
represent market value, thus affecting the cost of the receiving entity's
operations. In addition, an entity may have transactions with another
entity based on a common control situation, such as when the entity
controls or can significantly influence the management or operating
policies of the transacting entity. In these cases, users of financial
statements should be aware of the nature of the relationship since this
control relationship could result in operating results or financial
positions significantly different from those that would have been achieved
in the absence of such relationship.

.07 Disclosures include the nature of the relationship between the entity
and its related parties, a description of the transactions, including
donations, dollar amounts of transactions that occurred during the period,
and amounts due to or from related parties as of the end of the period.
Disclosures may aggregate similar transactions by type. In cases of common
control relationships, the nature of the control relationship is disclosed
even if there are no transactions between the entities. Related party
transactions between components of the audited entity that are eliminated
in consolidation are disclosed. However, if separate statements of the
components are issued, the disclosures are presented in the separate
component statements.

.08 The following sections discuss intragovernmental activity and
balances, and other related parties.

    Intragovernmental Activity and Balances

.09 Intragovernmental amounts represent activity and balances within or
between federal entities. Intradepartmental amounts are activity and
balances within the same department (a department here means any
department, agency, administration or other entity designated by OMB as a
financial reporting entity that is not part of a larger financial
reporting entity other than the government as a whole). Interdepartmental
amounts are activity and balances between two different departments. The
intradepartmental and interdepartmental amounts are subsets of
intragovernmental activity and balances.

FASAB uses various terms to define intragovernmental activities. As
discussed in FAM 902.02, SFFAS No. 4 refers to these activities broadly as
inter-entity costs. SFFAS No. 30 refers to intra-departmental inter-entity
costs to describe activities within the same department, while activities
between two different departments are inter-departmental inter-entity
costs. FASAB Interpretation No. 6 uses "department" to refer to any
department, agency or other financial reporting entity that is not part of
a larger reporting entity other than the government as a whole. The
terminology used in FAM 902 is consistent with FASAB usage of the terms
intra-departmental and inter-departmental activities.

.10 Common examples of intragovernmental activities include:

a.
           Goods and services provided from one federal entity to another
           (trade transactions), costs incurred, and reimbursable costs
           (including both interdepartmental and intradepartmental activity).

b.
           Transfers between entities based on agreements or legislative
           authority, expended appropriations, taxes and fees collected,
           collections for others, accounts receivable from appropriations,
           transfers payable, and custodial revenue (including both
           interdepartmental and intradepartmental activity).

c.
           Investments in federal securities issued by Treasury's Bureau of
           the Public Debt, including interest accruals, interest income and
           expense, and amortization of premiums and discounts.

d.
           Borrowings from the Treasury and the Federal Financing Bank,
           including interest accruals, interest income, and expenses.

e.
           Costs of litigation paid by the Treasury Judgment Fund (including
           both interdepartmental and intradepartmental activity).

f.
           Transactions with OPM relating to employee benefit programs such
           as Federal Employees' Retirement System, Civil Service Retirement
           System, and federal employees' life insurance and health benefits
           programs, that include routine payments, imputed financing, and
           accruals.

g.
           Transactions with the Department of Labor (Labor) relating to the
           Federal Employee's Compensation Act (FECA) that include routine
           payments to Labor.

.11 Intradepartmental activities and balances (within the same department)
are eliminated at the department's consolidated financial statements
level. Interdepartmental activities and balances (between federal
entities) are eliminated at the U.S. government's consolidated financial
statements level.

Accounting and Reporting Guidance

.12 In accounting for and reporting of related parties, including
intragovernmental activity and balances, the auditor and the entity should
refer to FASAB accounting standards, the Financial Standards Accounting
Board (FASB) financial accounting standards (FAS), OMB guidance contained
in OMB Circular No. A-136, and Treasury guidance contained in the Treasury
Financial Manual (TFM). FAM 902.14-.20 illustrate these relevant documents
in more detail.

.13 SFFAS No. 4, Managerial Cost Accounting Concepts and Standards, and
related interpretations, address the accounting standards for inter-entity
cost activities. SFFAS No. 5, Accounting for Liabilities of the Federal
Government, addresses inter-entity liabilities, including federal debt,
pensions and retirement benefits. Also, SFFAS No. 7, Accounting for
Revenue and Other Financing Sources and Concepts for Reconciling Budgetary
and Financial Accounting, as amended, addresses inter-entity revenue and
requires disclosure of the nature of intragovernmental exchange
transactions in which an entity provides goods or services at a price less
than full cost or does not charge a price at all.

In accordance with SFFAS No. 4, as amended by SFFAS No. 30, effective for
periods beginning after September 30, 2008, the costs of program outputs
include the costs of services provided by other entities whether or not
the providing entity is fully reimbursed. Additionally, each entity's full
cost is to incorporate the full cost of goods and services that it
receives from other entities. The entity providing the goods or services
has the responsibility to provide the receiving entity with information on
the full cost of services either through billing or other advice. The
reporting entities also is to consult with the funding and administering
agencies, such as OPM, for information needed to properly record
inter-entity costs. SFFAS No. 4 directs OMB to designate the costs of
goods and services received from other entities that are to be recognized
and to issue guidance identifying these costs. ^[224]2

2 In accordance with OMB Circular No. A-136, examples of unreimbursed
costs that reporting entities are required to recognize include (but are
not limited to): (1) employees' pension, post-retirement health and life
insurance benefits, (2) other post-employment benefits for retired,
terminated, and inactive employees, which includes unemployment and
workers compensation under the Federal Employees' Compensation Act (Pub.
L. No. 103-3), and (3) losses in litigation proceedings (see FASAB
Interpretation No. 2, Accounting for Treasury Judgment Fund Transactions).
In the case of employee benefits, the imputed amount is the difference
between employer/employee contributions and the total cost of the benefit.

.14 FASB FAS No. 57, Related Party Disclosures, defines related parties
and provides examples of related party transactions and general guidance
on disclosures of transactions between related parties. Footnote
disclosures generally should include disclosure of the nature of the
relationship between the entity and its related parties, a description of
the transactions, including donations, dollar amounts of transactions that
occurred during the period, and amounts due to or from related parties as
of the end of the period.

.15 OMB Circular No. A-136, Financial Reporting Requirements, states that
federal entities are to

     o report intragovernmental assets separately from transactions with
       non-Federal entities (entities outside the federal government) on the
       balance sheet,; disclose intragovernmental assets separately from
       other non-entity assets; identify intragovernmental liabilities
       covered by budgetary resources and those not covered by budgetary
       resources (such as accrued annual leave); and separately report
       intragovernmental liabilities,
     o disclose intragovernmental costs and revenue transactions separately
       from those made with the public and describe the criteria used for the
       cost/revenue classification. Disclosure is to include an explanation
       that makes it clear to the reader that the intragovernmental expenses
       relate to the source of goods and services purchased by the reporting
       entity and not to the classification of related revenue, and
     o reconcile intragovernmental balances and transactions at least
       quarterly and submit intragovernmental balance information as a note
       disclosure.

OMB also has issued a memorandum titled Business Rules for
Intragovernmental Transactions that requires agencies to use the same
methodology in accounting for certain intragovernmental transactions,
which should help in reconciliation.

.16 To emphasize entity management's responsibility for identifying
intragovernmental transactions and balances and reconciling data with
other entities, specific representations are included in the management
representation letter for intragovernmental activity. These
representations include intradepartmental eliminations, proper accounting
and disclosure of transactions, and reconciliation (or inability to
reconcile) with entities providing the goods or services (see FAM 1001).
If such disclosure is included in the financial statements and the auditor
believes that the disclosure is either not supported by management, or if
management refuses to disclose related party transactions, the auditor
generally should express a qualified or adverse opinion because of the
inadequate disclosure, depending on materiality, and include the necessary
disclosures in a separate paragraph of the audit report.

.17 TFM section "Federal Intragovernmental Transactions Process" and
Treasury's Federal Intragovernmental Transactions Accounting Policies
Guide (Treasury Guide) provides governmentwide procedures for federal
entities to account for and reconcile transactions occurring within and
between each other. The procedures in this guidance does not apply to
transactions between federal entities and nonfederal entities. Further
information is available at the Treasury/Financial Management Service's
(FMS) web site at [225]http://www.fms.treas.gov.

.18 The TFM also includes procedures for CFO Act departments to reconcile
and confirm intragovernmental activity and balances as of and for the
fiscal year ended September 30. Each department's CFO is to provide the
department's Inspector General (IG) with representations indicating
whether the department completed the reconciliation. In addition, the
department is to describe noncompliance with the reconciliation
requirements. The auditor should include this representation in the
management representation letter (see FAM 1001).

.19 The Treasury Guide provides detailed information on accounting and
reconciling intragovernmental balances. According to the guide, entities
are to identify trading partners ^[226]3 for all intragovernmental
transactions and accumulate detail and summary information for each
activity by trading partner from their accounting records. The trading
partner code may be incorporated (1) as part of account coding
classification, or (2) in the customer/vendor identification code in
accounts receivable and payable systems. These codes are the same as the
Treasury index agency code used by the Treasury to prepare the
governmentwide consolidated financial statements. If the two-digit
Treasury index agency code is not adequate to identify the trading
partner, entities may expand the partner code to components below the
department level and communicate these codes to their trading partners.

.20 The Treasury Guide also indicates that federal entities are to use the
Standard General Ledger (SGL) account attributes to indicate the nature of
account balances and to identify intragovernmental transactions. For
example, the federal "F" and nonfederal "N" attributes used in conjunction
with an SGL account in the Federal Agencies' Centralized Trial Balance
System (FACTS) I submissions enable Treasury/FMS to prepare elimination
entries for the governmentwide financial statements. When the federal
attribute "F" is used with an SGL account, a trading partner is to be
designated for each transaction posted to the account.

Continuing Issues from Prior Year Audits

.21 Prior year audits of federal entity financial statements have
identified numerous instances where entities did not identify, summarize,
or reconcile intragovernmental activity and balances by trading partner.
Controls over the intragovernmental transactions were not adequate. For

Trading partners are federal agencies, bureaus, programs or other entities
(within or between entities) participating in transactions with each
other.

example, one department instructed its components to make buyer's
intragovernmental transaction amounts agree with seller's information
without requiring an adequate reconciliation or verification if goods or
services were provided. Similar issues were also identified concerning
activity and balances within the same entity (intradepartmental).
Accordingly, there is no assurance that the entity records contained
balances that are fairly presented. This has been a material weakness at
the

U.S. government consolidated financial statement level in that entity
intragovernmental accounts do not completely eliminate in consolidation.

Intragovernmental Payment and Collection (IPAC) System

.22 IPAC is the primary method used by most federal entities to
electronically bill and/or pay for services and supplies within the U.S.
government. IPAC is used to communicate to Treasury and the trading
partner agency that the online billing and/or payment for services and
supplies has occurred. IPAC, however, is not intended to be a control over
the intragovernmental transactions (reciprocal accounts). The auditor
should understand that IPAC was not designed as an accounting system and
does not require trading partners to record transactions at the same time
or in the same amounts. In addition, unreconciled IPAC differences could
affect the existence and completeness of intragovernmental activity and
balances.

.23 The IPAC billing entity initiates an IPAC transaction either as a
collection or a payment. The IPAC customer entity receives an IPAC
transaction either as a payment or a collection. Monthly, the Treasury
compares the customer and billing amounts from Statement of Transactions
(FMS 224) reported by the entity with the IPAC data. If there is a
difference, a Statement of Differences (SOD) ^[227]4 , including a
detailed list of all transactions charged or credited to a particular
agency location code, is generated monthly. The SOD is an Internet
application of the Government On-Line Accounting Link Information Access
System II (GOALS II/IAS). Entities are to investigate the differences and
make any necessary corrections on their next Statement of Transactions.

.24 The auditor generally should examine the entity's IPAC reconciliation
procedures to determine if the entity performs the reconciliation and
researches and resolves differences reflected on the statement of
differences properly and timely. The auditor may coordinate these
procedures with Fund Balance with Treasury (FBWT) audit procedures to
assess the effectiveness of the entity's IPAC reconciliation (see FAM
921).

.25 The auditor generally should also design audit procedures to
understand whether the entity uses other systems (EFT, check, standard
forms used to transfer funds between appropriations, credit cards, etc) in
addition to the IPAC system to process intragovernmental activity and
balances. The auditor generally should determine whether these systems
affect the

The Government Wide Accounting (GWA) system is being implemented over the
next several years and the SOD is scheduled to be eliminated (see FAM
921.11-.12).

fairness of intragovernmental activity and balances. (See audit procedures
below and FAM 902 C.)

Audit Procedures

.26 The auditor should identify audit risk and materiality in determining
the nature, extent, and timing of procedures for auditing
intragovernmental activity and balances and in evaluating the results of
these procedures. Throughout the audit, the auditor evaluates the possible
existence of material intragovernmental activity and balances that could
affect the financial statements. The auditor also evaluates information
available concerning material intragovernmental activity and balances to
determine the adequacy and appropriateness of financial statement
disclosures.

.27 During the planning phase, the auditor should assess inherent, fraud,
and control risk. The auditor evaluates several conditions to assess
inherent risk related to intragovernmental activity and balances. For
example, inherent risk may exist because of the nature of the
intragovernmental activity, such as a significant volume or dollar amount
of transactions, number of trading partners, or complexity of
transactions. The auditor should also assess the impact of inherent and
control risk on control testing and substantive procedures. The auditor
should determine whether similar conditions continue to exist and should
understand management's response to such conditions.

.28 In assessing inherent and control risk, the auditor should obtain an
understanding of management responsibilities and the relationship of each
component to the total department and of each department to other
departments. The auditor should also obtain an understanding of the
entity's operations to identify, respond to, and resolve accounting and
auditing problems early in the audit. This includes:

a.
           knowledge of the entity's trading partners,

b.
           the nature of intragovernmental transactions that occur,

c.
           the volume and dollar amount of transactions, and

d.
           management's attitude and awareness with respect to
           reconciliations of intragovernmental activity and balances.

.29 The auditor should determine the effectiveness of the entity's
internal control over intragovernmental activity and balances. This begins
with the auditor identification of policies and procedures that pertain to
the entity's ability to record, process, summarize, and report
intragovernmental activity and balances by trading partner. The entity
generally should emphasize the importance of identifying and classifying
intragovernmental transactions by trading partner when they are initiated
and on all documentation thereafter. Without this initial identification,
the entity's accounting system may not be able to adequately track
intragovernmental activity and balances.

.30 Without proper and timely reconciliation of intragovernmental activity
and balances, misstatements in these account balances at the component
and/or department level could materially affect the balances at the
governmentwide level (as well as at the department or component level). In
addition, when preparing consolidated financial statements, the preparer
must eliminate intragovernmental activity and balances within and between
departments or components. Because the amounts reported for entity trading
partners for certain intragovernmental accounts could be significantly out
of balance, the preparer would not be able to eliminate these accounts in
the consolidated financial statements. The auditor may advise the entity
about the need for monthly confirmation and reconciliation of these
transactions with trading partners, as annual or quarterly reconciliations
may not be sufficient to detect and resolve misstatements promptly.

.31 If the auditor determines that the entity's reconciliation control for
intragovernmental transactions is not effectively designed and placed in
operation, the auditor should consider the effect on the financial
statements. Where intragovernmental transactions are or could be material,
significant additional work is usually necessary to express an unqualified
opinion. In those cases where the auditor finds significant deficiencies
or material weaknesses in the intragovernmental reconciliation control and
no other mitigating controls exist, the auditor must disclose this in the
report or opinion on internal controls (FAM 580).

.32 TFM contains agreed-upon procedures to perform for federal
intragovernmental activity and balances. These procedures are intended to
assist with accounting for and eliminating intragovernmental activity and
balances in the preparation of department and governmentwide financial
statements and reports. These procedures should be performed regardless of
the effect on the entity's consolidated financial statements or internal
control report.

.33 To avoid duplicate procedures, the auditor should consider the
agreedupon procedures contained in the TFM when designing the tests for
intragovernmental activity and balances. Examples of the account risk
analysis (ARA), specific control evaluation (SCE), and audit procedures
for the audit of intragovernmental activity and balances are in FAM 902 A,
FAM 902 B, and FAM 902 C, respectively. The ARA, SCE(s), and audit
procedures generally are customized by the auditor for the particular
entity. For example, if the auditor determines that the intragovernmental
accounts receivable line item is significant, the auditor generally should
prepare a separate ARA, SCE(s), and audit procedures for the
intragovernmental accounts receivable account and its related accounting
applications. (Note that a single SCE for a line-item/account-related
accounting application is presented. There are likely transaction-related
accounting applications listed on the ARA that also would have SCEs.) In
addition, to improve efficiency, the auditor may coordinate tests of
intragovernmental activity and balances with tests of nonfederal activity
and balances.

    Other Related Parties

.34 To effectively plan and perform an audit, the auditor generally should
understand the entity's organization and its characteristics. The auditor
generally should identify the possible existence of other related parties
and other related party transactions throughout the audit to ensure that
they are properly accounted for and disclosed (see FAM 902.07). Other
related parties may include states that federal entities made payments to
in carrying out or executing their federal programs. Examples of these
programs are Department of Health and Human Services grants to states for
Medicaid; ^[228]5 Department of Transportation, Federal Highway
Administration, programs such as federal aid for highways and highway
safety construction programs; and Department of Labor, State Unemployment
Insurance, and Employment Service Operations.

As indicated at FAM 902.04-.05, the auditor should also be alert to other
related party transactions involving members of entity's management, and
individuals and companies with which members of management may be related.
While these transactions are usually not material to the entity's
financial statements, there may be a sensitive conflict-of-interest issue
involving the potential misuse of government assets.

.35 The auditor should attempt to detect these other relationships by
inquiring of management, reviewing major contracts/agreements, and reading
financial disclosure statements. The auditor should document the names of
related parties so audit staff are aware of them as they conduct the
audit. Work done to test transactions with such parties may be coordinated
with sensitive payments work, as discussed in FAM 280.05.

.36 In addition to the procedures on related parties, the auditor also
generally should inquire about other parties that may not be related
parties, but that the entity may wish to disclose because of a public
perception that they might be related, although professional standards do
not require disclosure if the parties are not related (as defined in AU
334). FAM 902 C provides examples of audit procedures for other related
parties as well as for intragovernmental activity and balances. The
auditor should customize the steps for the particular audited entity.

    Practice Aids

.37 The following practice aids are presented as appendixes:

     o FAM 902 A - Example Account Risk Analysis (ARA),
     o FAM 902 B - Example Specific Control Evaluation (SCE), and
     o FAM 902 C - Example Audit Procedures

Medicaid assists  states in  providing medical  care to  their  low-income
populations  by  granting  federal  matching  payments  under  the  Social
Security Act to states with approved plans.

  DRAFT GAO/PCIE Financial Audit Manual Page 902 A-1 DRAFT GAO/PCIE Financial
  Audit Manual Page 902 A-2 DRAFT GAO/PCIE Financial Audit Manual Page 902 A-3
               DRAFT GAO/PCIE Financial Audit Manual Page 902 A-4

Substantive Testing 902 A - Example Account Risk Analysis for
Intragovernmental Activity and Balances

               DRAFT GAO/PCIE Financial Audit Manual Page 902 A-5
  DRAFT GAO/PCIE Financial Audit Manual Page 902 A-6 DRAFT GAO/PCIE Financial
  Audit Manual Page 902 A-7 DRAFT GAO/PCIE Financial Audit Manual Page 902 A-8

Substantive Testing

    902 B - Example Specific Control Evaluation for Intragovernmental Accounts

Accounting Relevant Potential misstatements in

                               Control objectives

Internal control activities IT Effective-W/P ref, application assertions
in line accounting application

(Y/N) ness of control assertions items assertions

control testing activities step various various

Existence or various various Substantiation occurrence 1. Recorded 1.
Quarterly, intragovernmental N II.1.g-i

1a. Recorded intragovernmental balances recorded in the entity's assets
and liabilities do ^intragovernmental general ledgers are confirmed

                             assets and liabilities

not exist at a given date. [should exist at a given] and reconciled with
trading [date.] partners.

    1. The entity and trading partners ^N II.1.g-i work together to exchange
       data/ correct errors promptly concerning the intragovernmental
       balances.
    2. Reconciliation adjustments and N supporting documents are ^III.A.1-7
       reviewed and approved by authorized personnel before being entered in
       the general ledgers.
    3. Reconciliation between Y [III.A.1-7] intragovernmental general ledger
       balances and subsidiary ledger balances are performed quarterly and
       reviewed by supervisory personnel.

     DRAFT GAO/PCIE Financial Audit Manual Page 902 B-1 Substantive Testing

Accounting     Relevant     Potential          Control         Internal        IT   Effective- W/P ref, 
                            misstatements    objectives        control                                  
                            in                                 activities                               
application assertions in   accounting                                        (Y/N)  ness of    control 
            line            application                                                                 
assertions       items       assertions                                              control    testing 
                                                                                    activities   step   
            various various                                                                             
                                                               Same as 1a.                              
                                          1b. Recorded      1. above.                           Same as 
                                          intragovernmental                                      above. 
                                                 assets and                                             
                                             liabilities of                                             
                                          the entity, at a  2. The entity       Y               II.1.l  
                                          given date,          maintains the                            
                                          should be            transaction                              
                                          supported by         logs and                                 
                                          appropriate          detailed                                 
                                          detailed records     records of                               
                                          that are             transactions                             
                                          accurately           to facilitate                            
                                          summarized and       the                                      
                                          reconciled to the    reconciliation                           
                                                               process and to                           
                                                               provide                                  
                                                               sufficient                               
                                                               information                              
                                                               for the                                  
                                                               location of                              
                                                               the supporting                           
                                                               documents.                               
                                          account balance.                                              
                                                               The entity's                             
                                                               critical forms                           
                                          1c. Access to     1. and              Y               Example 
                                          intragovernmental    records are                      control 
                                                               protected by                             
                                                               safes                                    
                                          assets, critical     and locks,                         tests 
                                               forms,          guards,                              are 
                                                               cameras, alarm                           
                                          records, and         systems, and                     omitted 
                                                               backup of                                
                                                               electronic                               
                                           processing and      data.                           from the 
                                            storage areas                                       example 
                                               should                                                   
                                          be permitted only 2. Changes made     Y               audit   
                                                 in            to the trading                           
                                            accordance with    partner codes                            
                                                      laws,    file are                          pro    
                                                               restricted                               
                                          regulations, and     to authorized                   cedures. 
                                                               accounting                               
                                               management's    personnel.                               
                                                    policy.                                             

               DRAFT GAO/PCIE Financial Audit Manual Page 902 B-2

Substantive Testing

Accounting Relevant Potential misstatements in

                               Control objectives

Internal control activities IT Effective-W/P ref, application assertions
in line accounting application

(Y/N) ness of control assertions items assertions

control testing activities step various various

Completevarious various Account Completeness ness

2. Intragovernmental ^2. All intragovernmental 1. Same as existence above.
Same as assets and liabilities of ^accounts that belong above. the entity
exist but are ^in the financial state

[omitted from the] ments should be so [financial statements.] included.
There should 2. The entity reviews all transacY II.1.a-f be no undisclosed
tions to identify and properly assets or liabilities. code
intragovernmental transactions.

    1. The entity reconciles and Y II.2 & resolves IPAC differences (and
       III.B.1.c differences from other systems/ methods, if any, used to
       process intragovernmental transactions) promptly and records
       adjustments properly.
    2. Supervisory personnel review and Y II.1.m approve monthly account
       analyses of intragovernmental accounts and examine budget-to-actual
       and trend analyses.

               DRAFT GAO/PCIE Financial Audit Manual Page 902 B-3

Substantive Testing 902 B - Example Specific Control Evaluation for
Intragovernmental Accounts

Accounting application assertions

Valuation or allocation

                       Relevant assertions in line items

various various

Valua-Valua-tion or tion or allocaalloca

Potential misstatements in

Control objectives

Internal control activities accounting application assertions

    1. Elimination journal entries and supporting documentation are reviewed
       and approved by authorized personnel.
    2. Elimination entries are supported by schedules summarizing the SGL
       accounts that are combined to total the amounts eliminated.

      Valuation

3. Intragovernmental ^3. Intragovernmental 1. Same as existence and

               ^assets and liabilities completeness above. above.

              assets and liabilities W/P ref, control testing step

                                                       IT          Effective- 
                                                       (Y/N)          ness of 
                                                                      control 
                                                                   activities 
                                                           N                  
                                                           Y                  

        II.1.k
                & III.E

II.1.k
           &

                                     III.E

                                    Same as

                                   tion tion

included in the ^included in the

financial statements ^2.

                 The entity periodically evaluates N I.4.a.ii &

                              financial statements

                                are valued on an

[should be valued on] the condition and marketability

            [appropriate valuation] of intragovernmental assets, for

                              inappropriate basis.

                        bases. example, receivables are

evaluated for collectibility.
3. The entity accounting records are compared with the      I.4.a.ii & iii 
      assessed                                               N                
      values such as independent                                              
      appraisals or assets.                                                   

     DRAFT GAO/PCIE Financial Audit Manual Page 902 B-4 Substantive Testing

Accounting     Relevant     Potential            Control             Internal    IT   Effective-     W/P 
                            misstatements in     objectives          control                        ref, 
                                                                    activities                           
application assertions in      accounting                                       (Y/N)  ness of   control 
            line               application                                                               
assertions       items         assertions                                              control   testing 
                                                                                      activities  step   
            various various                                                                              
                            Measurement 4.    4. Intragovernmental 1. Same as                    Same as 
                            Intragovernmental    revenues and      existence                     above.  
                            revenues and         expenses included and                                   
                            expenses included    in the financial  completeness                          
                            in the financial     statements should above.                                
                            statements are       be properly                                             
                            measured             measured.                                               
                            improperly.                                                                  
Rights and  Rights  Rights  Ownership                                                                    
obligations and     and     5. Recorded       5. Recorded          1. Same as                    Same as 
                                                                   existence                             
                                                                   and                                   
            obliga  obliga  intragovernmental    intragovernmental completeness                   above. 
                                                                   above.                                
            tions   tions   assets are owned     assets should be                                        
                                   by                                                                    
                            others because of    owned by the                                            
                                        sale,    entity.                                                 
                                or other                                                                 
                               contractual                                                               
                              arrangements.                                                              
                            Rights                                                                       
                            6. The entity     6. Intragovernmental 1. Same as                    Same as 
                            does not                               existence                             
                                                                   and                                   
                              have certain       assets should be  completeness                   above. 
                                rights to        the               above.                                
                            recorded             entity's rights                                         
                                                 at a                                                    
                            intragovernmental    given date.                                             
                            assets because of                                                            
                                 certain                                                                 
                              restrictions.                                                              

               DRAFT GAO/PCIE Financial Audit Manual Page 902 B-5

Substantive Testing 902 B - Example Specific Control Evaluation for
Intragovernmental Accounts

Accounting Relevant Potential misstatements in

                               Control objectives

Internal control activities IT EffectiveW/P ref, application assertions in
line accounting application

(Y/N) ness of control assertions items assertions

control testing activities step various various

      Obligations

7. The entity does not 7. Intragovernmental 1. Same as existence and Same
as have an obligation for liabilities should be completeness above. above.
recorded the entity's obligations intragovernmental at a given date.
liabilities at a given date.

     DRAFT GAO/PCIE Financial Audit Manual Page 902 B-6 Substantive Testing

Accounting         Relevant        Potential            Control              Internal control   IT   Effective-     W/P 
                                   misstatements in     objectives           activities                            ref, 
application  assertions in line       accounting                                               (Y/N)  ness of   control 
                                      application                                                                       
 assertions          items            assertions                                                      control   testing 
                                                                                                     activities    step 
              various    various                                                                                        
                                   Account                                                                              
Presentation  Presen-    Presen-   classification                                                                       
and          tation and tation and 8.                8.                   1. The entity uses     Y               II.1   
disclosure   disclosure disclosure Intragovernmental    Intragovernmental    trading partner                            
                                   accounts are not     accounts should      codes to identify                          
                                   properly             be properly          and track trading                          
                                   classified and       classified and       partners when the                          
                                   described in the     described in the     intragovernmental                          
                                                                             transactions                               
                                       financial        financial            are initiated and                          
                                      statements.       statements.          on all                                     
                                                                             documentation                              
                                                                             thereafter.                                
                                                                             The entity uses                            
                                                                          2. SGL account         Y               II.1   
                                                                             attributes to                              
                                                                             identify the                               
                                                                             nature                                     
                                                                             of account                                 
                                                                             balances and to                            
                                                                             identify                                   
                                                                             intragovernmental                          
                                                                             transactions by                            
                                                                             trading partner.                           
                                                                             The entity                                 
                                                                             classifies,                                
                                                                          3. summarizes,         Y               IV.1   
                                                                             and reports                                
                                                                             intragovernmental                          
                                                                             accounts by                                
                                                                             trading partner                            
                                                                             and                                        
                                                                             presents them in                           
                                                                             the notes to the                           
                                                                             special-purpose                            
                                                                             financial                                  
                                                                             statements.                                

     DRAFT GAO/PCIE Financial Audit Manual Page 902 B-7 Substantive Testing

Accounting     Relevant     Potential       Control       Internal control   IT   Effective-     W/P 
                            misstatements  objectives     activities                            ref, 
                            in                                                                       
application assertions in    accounting                                     (Y/N)  ness of   control 
            line             application                                                             
assertions       items       assertions                                            control   testing 
                                                                                  activities  step   
            various various                                                                          
                                                          The CFO staff                              
                                                       4. checks that the     N               IV.1   
                                                          intragovernmental                          
                                                          asset and                                  
                                                          liability                                  
                                                          categories                                 
                                                          reported as                                
                                                          notes in the                               
                                                          special-purpose                            
                                                          financial                                  
                                                          statements agree                           
                                                          with                                       
                                                          the                                        
                                                          intragovernmental                          
                                                          asset and                                  
                                                          liability line                             
                                                          items reported on                          
                                                          the                                        
                                                          balance sheet.                             
                                                          The entity                                 
                                                          discloses                                  
                                                       5. intragovern         Y               IV.1   
                                                          mental gross cost                          
                                                          and earned                                 
                                                          revenue by budget                          
                                                          functional                                 
                                                          classification as                          
                                                          required by OMB                            
                            Consistency                                                              
                            9. The        9. The       1. Intragovernmental                  Same as 
                            financial     financial       accounts are                               
                            statement                                                                
                               components    statement    properly                            above. 
                                are based   components    classified and                             
                                                          described                                  
                            on accounting  should be      in the financial                           
                                            based on      statements.                                
                             principles    accounting                                                
                              different    principles                                                
                             from those     that are                                                 
                               used in      applied                                                  
                            prior         consistently                                               
                            periods.          from                                                   
                                           period to                                                 
                                            period.                                                  

               DRAFT GAO/PCIE Financial Audit Manual Page 902 B-8

Substantive Testing 902 B - Example Specific Control Evaluation for
Intragovernmental Accounts

Accounting     Relevant     Potential       Control      Internal control   IT   Effective-     W/P 
                            misstatements objectives        activities                         ref, 
                            in                                                                      
application assertions in    accounting                                    (Y/N)  ness of   control 
            line             application                                                            
assertions       items       assertions                                           control   testing 
                                                                                 activities  step   
            various various                                                                         
                            Disclosure                                                              
                            10. Required  10. The     1. Intragovernmental                  Same as 
                            information   financial      accounts are                               
                               is not     statements     properly                            above. 
                            disclosed in   or notes      classified and                             
                                 the                     described                                  
                                financial   should       in the financial                           
                            statements or contain all    statements.                                
                            in the notes  information                                               
                              thereto.       required                                               
                                             to be                                                  
                                          disclosed.                                                

               DRAFT GAO/PCIE Financial Audit Manual Page 902 B-9

Substantive Testing 902 B - Example Specific Control Evaluation for
Intragovernmental Accounts

                     [This page intentionally left blank.]

              DRAFT GAO/PCIE Financial Audit Manual Page 902 B-10

902 C - Example Audit  Procedures for Intragovernmental and Other  Related
Parties' Activity and Balances

  921 A - Treasury Processes and Reports Related to FBWT Reconciliation

    A. Verification of Collections and EFT Disbursements

These FBWT processes and reports are subject to change by the
implementation of the GWA system discussed in FAM 921.11-.12.

*CASHLINK is effective through September 30, 2007, when it is scheduled to
become part of the Government Wide Accounting (GWA) system (see FAM
921.11-.12). DRAFT GAO/PCIE Financial Audit Manual Page 921 A-1

    B. Verification of Disbursement Data

  DRAFT GAO/PCIE Financial Audit Manual Page 921 B-1 DRAFT GAO/PCIE Financial
  Audit Manual Page 921 B-2 DRAFT GAO/PCIE Financial Audit Manual Page 921 B-3
  DRAFT GAO/PCIE Financial Audit Manual Page 921 B-4 DRAFT GAO/PCIE Financial
  Audit Manual Page 921 B-5 DRAFT GAO/PCIE Financial Audit Manual Page 921 B-6

Substantive Testing

  921 C - Example Specific Control Evaluation for Fund Balance with Treasury

Relevant assertions in line

Potential
Accounting items

misstatements in Control objectives Internal control activities IT
Effectiveness W/P ref. & application

accounting application (Y/N) of control control assertions FBWT Various

assertions activities testing step

Existence or Existence Existence

Substantiation (See note 1.) Occurrence

1. Recorded FBWT 1a. Recorded FBWT 1. Entity staff performs Y (insert)
does not exist as of amounts should monthly reconciliation a given date.
exist as of a between entity general

given date. ledger (G/L) and Treasury records (appropriation and receipt
account ledgers via GWA).

2. Entity staff resolves receipt N (insert) and disbursement differences
reported by Treasury statements of differences via GWA for collections and
disbursements.

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-1

Substantive Testing 921 C - Example Specific Control Evaluation for Fund
Balance with Treasury

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-2

Substantive Testing 921 C - Example Specific Control Evaluation for Fund
Balance with Treasury

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-3

Substantive Testing 921 C - Example Specific Control Evaluation for Fund
Balance with Treasury

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-4

Substantive Testing 921 C - Example Specific Control Evaluation for Fund
Balance with Treasury

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-5

Substantive Testing 921 C - Example Specific Control Evaluation for Fund
Balance with Treasury

               DRAFT GAO/PCIE Financial Audit Manual Page 921 C-6

  941 - Auditing the Statement of Social Insurance

.01 The Statement of Social Insurance (SOSI) has grown in prominence as it
presents trillions of dollars of future federal expenditures over future
federal revenues. Beginning with fiscal year 2006, the SOSI is required to
be audited, along with certain social insurance disclosure information,
while other social insurance information is to be presented as unaudited
required supplemental information (RSI). Because most of the information
is based on actuarial projections up to 75 years into the future, it
presents a challenge to the federal entity responsible for its
preparation, as well as to the auditor. FAM 941 provides auditors with
some guidance in auditing the SOSI in accordance with U.S. GAGAS.

.02 FASAB has established accounting requirements for the SOSI through
various SFFAS. The financial statements affected are those of federal
entities responsible for Social Security, Medicare, Railroad Retirement,
and Black Lung programs, as well as the consolidated financial statements
of the federal government. For periods beginning after September 30, 2005,
the SOSI is to be presented as a basic financial statement with the
underlying significant assumptions included in notes that are presented as
an integral part of the financial statements.

.03 FASAB standards for social insurance programs require entities and the
consolidated federal financial statements to report:

        a.
                The estimated present value of the income to be received from
                or on behalf of the following groups during a projection
                period sufficient to illustrate the long-term sustainability
                of the social insurance programs for:

                   o current participants who have not yet attained
                     retirement age,
                   o current participants who have attained retirement age,
                     and
                   o individuals expected to become participants.

b.
           The estimated present value of the benefit payments to be made
           during that same period to or on behalf of the groups listed in
           item (a) above.

c.
           The estimated net present value of the cash flows during the
           projection period [the income described in item (a) above over the
           expenditures described in item (b) above, or the expenditures
           described in item (b) above over the income described in item (a)
           above].

                d.
                        In notes to the SOSI:

                          1. The accumulated excess of all past cash
                             receipts, including interest on investments,
                             over all past cash disbursements within the
                             social insurance program, represented by the
                             fund balance at the valuation date.
                          2. An explanation of how the net present value
                             referred to in item (c) above is calculated for
                             the closed group. ^[229]1
                          3. Comparative financial information for items (a),
                             (b), (c), and d (1) above for the current year
                             and for each of the four preceding years.
                          4. The significant assumptions used in preparing
                             the estimates.

    Accounting and Reporting Information

.04 FASAB has issued standards for reporting on social insurance programs
of federal entities as follows:

        * SFFAS No. 17 - Accounting for Social Insurance, effective for
          periods beginning after September 30, 1999, presents accounting
          standards for federal social insurance programs covering Social
          Security (Old-Age, Survivors, and Disability Insurance), Medicare
          (Hospital Insurance [Part A] and Supplementary Medical Insurance
          [Part B]), ^[230]2 Railroad Retirement, and Black Lung benefits,
          and Unemployment Insurance. Social insurance programs covered by
          SFFAS No. 17 have five common characteristics:

            1. financing from participants or their employers;
            2. eligibility from taxes or fees paid and time worked in covered
               employment;
            3. benefits not directly related to taxes or fees paid;
            4. benefits prescribed in law; and
            5. programs intended for the general public.

     o SFFAS No. 25 - Reclassification of Stewardship Responsibilities and
       Eliminating the Current Services Assessment requires the Statement of
       Social Insurance to become a basic audited financial statement. It
       also provides that certain information about social insurance programs
       required by SFFAS No. 17 be reported in audited notes or as unaudited
       RSI, rather than as unaudited RSSI. In accordance with SFFAS No. 28,
       the effective period was deferred one year from fiscal year 2005 to
       fiscal year 2006.
     o SFFAS No. 26 - Presentation of Significant Assumptions for the
       Statement of Social Insurance: Amending SFFAS No. 25 requires that the
       underlying significant assumptions relating to the Statement of Social
       Insurance shall be included in audited notes with other information
       required by SFFAS No. 17 - including the sensitivity analysis - to be
       presented as RSI, except to the extent that the preparer elects to
       include some or all of that information in audited notes. In
       accordance with SFFAS No. 28, the effective period was deferred one
       year from fiscal year 2005 to fiscal year 2006.

^1 The closed group is defined as those persons who, as of a valuation
date, are participants in a social insurance program as beneficiaries,
covered workers, or payers of earmarked taxes or premiums.

The Medicare Prescription Drug, Improvement, and Modernization Act of
2003, Public Law 108-173, created a new prescription drug benefit under
Medicare Part D, which is also covered by SFFAS No. 17.

o SFFAS No. 28 - Deferral of the Effective Date of Reclassification of the
Statement of Social Insurance: Amending SFFAS Nos. 25 and 26

deferred the effective dates of SFFAS No. 25 and SFFAS No. 26 for one year
to the fiscal year ended September 30, 2006.

.05 Auditors generally should follow the FAM methodology contained in the
planning, internal control, testing, and reporting phases in FAM 200-500
and the audit guidance included in the AICPA's Statement of Position (SOP)
04-1, Auditing the Statement of Social Insurance. SOP 04-1 provides
guidance to auditors in auditing the Statement of Social Insurance.

.06 As permitted by AU 543, a principal auditor may fulfill the
requirements of SOP 04-1 by using work that other independent auditors
have performed in conformity with the provisions of SOP 04-1. For example,
for the OASDI program, the auditor of the consolidated financial
statements of the U. S. government may use the work and report of the
auditor of the Social Security Administration's Statement of Social
Insurance.

.07 In AU 342.10, the auditor should obtain an understanding of how
management develops estimates. Based on that understanding, the auditor
generally should evaluate the reasonableness of an estimate by:

     o reviewing and testing the process used by management to develop the
       estimate;
     o developing an independent expectation of the estimate to corroborate
       the reasonableness of management's estimate; and
     o reviewing subsequent events or transactions occurring prior to audit
       completion.

.08 In auditing the Statement of Social Insurance, if the auditor has
assessed management's controls over the estimation process to be
effective, the auditor may determine that the most practicable and
efficient approach is to test management's process. However, if the
auditor finds that controls over the estimation process are ineffective,
the auditor should consider whether it is practicable to:

o develop an independent expectation of the estimate, or portions of the
estimate, to corroborate management's estimate, or

o obtain competent evidence from outside the audited entity's process that
would be sufficient to support the assertions in the Statement of Social
Insurance. If it is not practicable to mitigate the effects of the
ineffective controls through substantive procedures such as these, the
auditor's report on the Statement of Social Insurance should be modified
(SOP 04-1, paragraph 9).

.09 The auditor's objective when auditing the Statement of Social
Insurance is to obtain sufficient, competent, evidential matter to provide
reasonable assurance that:

     o the estimates presented in the Statement of Social Insurance are
       reasonable in the circumstances, and
     o the Statement of Social Insurance is presented fairly, in all material
       respects, in conformity with U.S. GAAP, including adequate disclosure.

.10 If the auditor does not possess the level of competence in actuarial
science to qualify as an actuary, the auditor generally should obtain the
services of an independent actuary^3 to assist the auditor in planning and
performing auditing procedures. Generally, the auditor will need the
assistance of an independent actuary in performing various procedures
during all phases of the audit and related to all elements of the
estimates (SOP 04-1, paragraph 10).

    Key Implementation Issues

      Determining Materiality

.11 In FAM 230, materiality is one of several tools the auditor uses to
determine that the planned nature, extent, and timing of procedures are
appropriate. Materiality represents the magnitude of an omission or
misstatement of an item in a financial report that, in light of
surrounding circumstances, makes it probable that the judgment of a
reasonable person relying on the information would have been changed or
influenced by the inclusion or correction of the item. Materiality has
both quantitative and qualitative aspects. Even though quantitatively
immaterial, certain types of misstatements could have a material impact on
or warrant disclosure in the financial statements for qualitative reasons.

.12 Auditors should use professional judgment in determining the
appropriate element of the financial statements to use as a materiality
base. Auditors generally consider materiality in the context of the
financial statements taken as a whole, taking into account both
quantitative as well as qualitative attributes of the financial
statements. Auditors should exercise due professional care when setting
the materiality base, carefully assessing the information gained during
the planning phase of the audit and the needs of a reasonable person
relying on the financial statements (SOP 04-1, paragraph 21).

.13 For certain federal entities, amounts reported in the Statement of
Social Insurance may vary significantly from the amounts reported in the
other basic financial statements, or may differ significantly on a
qualitative basis. In such cases, it may not be appropriate to establish a
single materiality threshold for the entire set of financial statements.
Instead, the auditor should use a separate materiality level(s) when
planning and performing the audit of the Statement of Social Insurance and
related disclosures (SOP 04-1, paragraph 22).

The actuary can either be under  contract with the independent auditor  or
employed by  the  independent  audit organization.  In  either  case,  the
actuary performing  services  for  the  auditor would  need  to  meet  the
independence standards  of  GAGAS,  which  are  applicable  to  audits  of
Statements of Social Insurance.

.14 The auditor generally should establish planning materiality in
relation to the element of the financial statements that is most
significant to the primary users of the statements (the materiality base -
see FAM 230.08). The auditor uses professional judgment in determining the
appropriate element of the financial statements to use as the materiality
base. Also, since the materiality base may be based on unaudited
preliminary information determined in the planning phase, the auditor may
estimate the year-end balance(s) of the materiality base(s). To provide
reasonable assurance that sufficient audit procedures are performed, any
estimate of the materiality base(s) should use the low end of the range of
estimated materiality so that sufficient testing is performed.

.15 SFFAS No. 17 includes a discussion of SFFAC No. 1, Objectives of
Federal Financial Reporting, which established four major reporting
objectives in applying accounting standards:

    1. budgetary integrity,
    2. operating performance,
    3. stewardship, and
    4. systems and controls.

SFFAC No. 1 provides useful information to assist the auditor in
determining an appropriate materiality base. For example, while all four
of the objectives are important, SFFAS No. 17 states that objectives No. 2
and No. 3 directly impact the social insurance standards.

.16 Objective No. 2 of SFFAC No. 1 states that federal financial reporting
should assist report users to evaluate:

     o service efforts, costs, and accomplishments of the reporting entity,
     o the manner in which these efforts and accomplishments have been
       financed, and
     o the management of the entity's assets and liabilities.

SFFAS No. 17 indicates that information about social insurance that is
relevant to this objective includes the cost of the program as well as
longrange estimates (and ranges of estimates) of future costs and other
obligations. Estimates of future costs highlight the cost impact of
changes in benefit levels as well as changes in economic and demographic
conditions, such as the cost of health care and life expectancies.

.17 Objective No. 3 of SFFAC No. 1 states that federal financial reporting
should assist report users in assessing the impact on the country of the
government's operations and investments for the period and how, as a
result, the government's and the nation's financial condition has changed
and may change in the future. Thus, federal financial reporting should
provide information that helps the reader to determine whether:

     o the government's financial position has improved or deteriorated over
       the period,
     o future budgetary resources will likely to be sufficient to sustain
       public services and to meet obligations as they come due, and
     o government operations have contributed to the nation's current and
       future well being.

.18 Fundamental questions about social insurance programs that can be
addressed by accounting standards include whether:

     o programs are sustainable as currently constructed,
     o the government's financial condition has improved or deteriorated as a
       result of its efforts to provide for these and other programs, and
     o the likelihood that these programs will be able to provide benefits at
       current levels to those who are planning on receiving them.

The information required by this standard, taken as a whole, will help
users make this assessment while acknowledging the complexity of the
programs and the uncertainty of long-term projections.

.19 In determining the materiality base for planning and performing audits
of an entity's Statement of Social Insurance, the auditor should evaluate
the actuarial present value of the estimated future:

a.
           [231]revenue (excluding interest^4) received from or on behalf of
           all current and future participants (estimated future revenue),

b.
           expenditures for or on behalf of all current and future
           participants (estimated future expenditures), and

c.
           balance of estimated future revenue (excluding interest)
           over/(under) estimated future expenditures (actuarial balance).

.20 The auditor may determine that the actuarial balances are the most
significant element of the Statement of Social Insurance to users of the
financial statements. If so, the materiality base would be the actuarial
balance. However, the auditor has the option of selecting a materiality
base of either the estimated future revenues, or the estimated future
expenditures. Regardless of which materiality base is selected, the
auditor generally should select the materiality base that provides
reasonable assurance that sufficient audit procedures are performed.

The auditor's basis for the selection of the materiality base(s) generally
should be documented, including consideration given to other possible
measures or separate bases for estimated future revenue and estimated
future expenditures. Auditors generally should follow the guidance in FAM
230.11-.13 in determining materiality for planning and performing audits
of entity Statements of Social Insurance.

Income (excluding interest) consists of payroll taxes from employers,
employees, and self-employed persons, revenue from federal income taxation
of scheduled OASDI benefits, and miscellaneous reimbursements from the
General Fund of the Treasury.

      Obtaining Management's Representations

.21 Entity management is responsible for preparing the Statement of Social
Insurance and underlying estimates in conformity with U.S. GAAP.
Management is also responsible for the accuracy and completeness of the
Statement of Social Insurance (SOP 04-1, paragraph 5). Therefore,
management should determine its best estimate^5 of the economic and
demographic conditions that will exist in the future. Because estimates in
the Statement of Social Insurance are based on subjective as well as
objective factors, management should use judgment to estimate amounts
included in the Statement of Social Insurance. Management's judgment may
be based on its knowledge and experience about past and current events and
its assumptions about conditions it expects to exist.

.22 Consistent with FAM 1001, the auditor should obtain specific
representations relating to the Statement of Social Insurance. For an
audit of an entity's Statement of Social Insurance, the representation
letter should include, as applicable, representations included in FAM 1001
A, example management representation letter.

Planning Considerations for the Consolidated Government-wide Report

.23 Pursuant to statutory requirements of the Government Management Reform
Act (GMRA) of 1994, GAO serves as the principal auditor of the
consolidated financial statements (CFS) of the U. S. government. GMRA also
requires the Secretary of the Treasury to annually prepare and submit to
the President and the Congress an audited financial statement, or
Financial Report (FR) of the United States Government, for the preceding
fiscal year. The Chief Financial Officer (CFO) of each of the verifying
[232]agencies ^6 submits their financial data using the closing package^7
process via the Governmentwide Financial Report System (GFRS) and the
Federal Agencies' Centralized Trial-Balance System (FACTS I).

All nonverifying agencies must submit FACTS I adjusted trial-balance (ATB)
data and must complete GFRS Notes and Other FR Data. The Inspector General
(IG) of each verifying agency, except those agencies with a fiscal
year-end other than September 30, opines on the closing package data,
(also referred to as the "special purpose financial statements, or
"special purpose closing package") entered by the CFO into

5

Paragraph 25 of SFFAS No. 17, Accounting for Social Insurance, states, in
part, "The projections and estimates used should be based on the entity's
best estimates of demographic and economic assumptions, taking each factor
individually and incorporating future changes mandated by current law."
Certain entities prepare social insurance information using assumptions
prepared by a board of trustees. Auditors should consider such assumptions
to represent the entity's "best estimates" if the trustees have
characterized them as such, and entity management has determined them to
be reasonable. With respect to these assumptions, the auditor should
perform audit procedures that are consistent with the guidance in
paragraphs 9 through 36 of SOP 04-1.

6

The verifying agencies are the 24 CFO Act agencies and 11 other federal
agencies.

7

The closing package process is a methodology designed to link agencies'
comparative, audited consolidated, department-level financial statements
to the FR. The closing package is the data submitted by each verifying
agency for inclusion in the FR.

GFRS, as to its consistency with the comparative, audited consolidated,
department-level financial statements.

.24 According to OMB audit guidance, the auditor should determine whether
the special purpose financial statements and accompanying notes are fairly
presented, in all material respects, in conformity with U.S. GAAP and the
presentation requirements set forth in the Treasury Financial Manual
(TFM), Part 2-Chapter 4700 (TFM 2-4700), Agency Reporting Requirements for
the Financial Report of the United States Government. Beginning with
fiscal year 2006, the Statement of Social Insurance is to be presented as
a basic financial statement in accordance with SFFAS Nos. 25, 26, and 28.

.25 TFM 2-4700 requires entities to provide the Statement of Social
Insurance data and the underlying key assumptions in the FR Notes module
in GFRS. All remaining social insurance information is to be submitted
through the Other FR Data (Stewardship and Supplemental Information)
module in GFRS^8 [233]. The auditor generally should

     o perform the procedures described in AU 558 for the Other FR Data
       information as required and defined in TFM 2-4700, And
     o assess whether the Other FR Data is materially consistent with the
       information in the special purpose financial statements.

.26 Actuarial projections of the annual cash inflow from all sources
exclude net interest on intragovernmental borrowing/lending for both the
[234]component entity's Statement of Social Insurance ^9 and the U.S.
government's consolidated Statement of Social Insurance.^10 In addition,
because paragraph 32 (1)(a) of SFFAS No. 17 only permits cash inflow from
the public to be included in the long-range actuarial projection of cash
inflow presented in the U.S. government's consolidated Statements of
Social Insurance, TFM 2-4700 requires the (1) General Fund transfers for
the Federal Supplementary Medical Insurance (SMI - Medicare Part B)
program, (2) General Fund transfers for the Federal Supplementary Medical
Insurance (SMI - Medicare Part D) program, and (3) financial
interchange^11 income for the Railroad Retirement benefits program to be
excluded from the present value of the long-range actuarial projections.
SFFAS No. 17 states that expense and liability recognition for the

8

Beginning in fiscal year 2006, TFM 2-4700 included these requirements. The
process and modules used by FMS to prepare the consolidated Statements of
Social Insurance and accompanying notes, and supplemental information
included in the FR may change in future years, based on changes that may
be made by FMS to TFM 2-4700.

9

SFFAS No. 17, paragraph 27 (a)(1).

10

SFFAS No. 17, paragraph 32 (a)(1).

11

Financial interchange (FI) income consists of transfers from the social
security trust funds under a financial interchange between the railroad
retirement and the social security systems. While the railroad retirement
system has remained separate from the social security system, the two
systems were closely coordinated with regard to earnings credits, benefit
payments, and taxes. The purpose of this financial coordination is to
place the Social Security Old-Age Survivors and Disability Insurance
(OASDI) and Hospital Insurance (HI) trust funds in the same position they
would have been in if railroad services were covered by the Social
Security and Federal Insurance Contribution Acts.

consolidated governmentwide entity are the same as for the component
entities.^12

Consequently, auditors responsible for these programs generally should
determine the impact of the TFM requirement, which excludes the General
Fund transfers and the financial interchange income from the present value
of the long range actuarial projections on their auditing procedures.
Auditors should plan and perform their department-level social insurance
related audit procedures to obtain a reasonable basis for expressing an
opinion on the Statement of Social Insurance.

SFFAS No. 17, paragraph 30.

                     [This page intentionally left blank.}

                                  SECTION 1000

                                   Reporting

  1001 A - Example Management Representation Letter

[Entity Letterhead]

[Date of auditor's report and completion of the audit]

The Honorable [name of Inspector General or Comptroller General]

[Title as Inspector General or Comptroller General of the United States]

[Name of IG entity or U.S. Government Accountability Office]

[Also, include the independent external auditor as an addressee, if
appropriate.]

Address

Dear [name(s)]:

We are providing this letter in connection with your audit of the
[entity's] balance sheet as of September 30, 20X6 and 20X5, [or dates of
audited financial statements] and the related statements of net costs,
changes in net position, budgetary resources, financing, social insurance
[if applicable] and custodial activity [if applicable], for the years then
ended (hereinafter referred to as the "financial statements").

You conducted your audit to (1) express an opinion as to whether the
financial statements are presented fairly, in all material respects, in
conformity with U.S. generally accepted accounting principles, (2) report
[or express an opinion] on the entity's internal control over financial
reporting and compliance with laws and regulations as of September 30,
20X6 [or date of latest audited financial statements], (3) (For CFO Act
agencies) report whether the [entity's] financial management systems
substantially comply with federal financial management systems
requirements, applicable federal accounting standards (U.S. generally
accepted accounting principles), and the U.S. Government Standard General
Ledger at the transaction level as of September 30, 20X6, and (4) test for
compliance with applicable laws and regulations. In addition, you have
performed certain audit procedures with respect to the [entity's] 20X6
Management's Discussion and Analysis (MD&A) and other supplementary
information, which is included as part of the 20X6 financial statements of
the [entity].

(Recommended paragraph) Certain representations in this letter are
described as being limited to matters that are material. For purposes of
this letter, matters are considered material if they involve $XX or more.
Items also are considered material, regardless of size, if they involve an
omission or misstatement of accounting information that, in the light of
surrounding circumstances, makes it probable that the judgment of a
reasonable person relying on the information would be changed or
influenced by the omission or misstatement. (OMB Bulletin 06-03 states
that the management representation letter shall specify management's
materiality threshold used for reporting items in the management
representation letter.)

We confirm, to the best of our knowledge and belief, the following
representations made to you during the audits. These representations
pertain to both years' financial statements, and update the
representations we provided in the prior year:

    1. We are responsible for the fair presentation of the financial
       statements in conformity with U.S. generally accepted accounting
       principles. We are also responsible for the preparation of the MD&A,
       and (if any): required supplementary information (RSI), required
       supplementary stewardship information (RSSI), and other supplementary
       information.
    2. The financial statements are fairly presented in conformity with U.S.
       generally accepted accounting principles. The MD&A, and (if any) RSI,
       RSSI, and other supplementary information are fairly presented and are
       consistent with the financial statements

         1. We have made available to you all

              1. financial records and related data;
              2. where applicable, minutes of meetings of the Board of
                 Directors [or other similar bodies of those charged with
                 governance] or summaries of actions of recent meetings for
                 which minutes have not been prepared; and
              3. any communications from the Office of Management and Budget
                 (OMB) concerning noncompliance with or deficiencies in
                 financial reporting practices.

    1. There are no material transactions that have not been properly
       recorded in the accounting records underlying the financial statements
       or disclosed in the notes to the financial statements.
    2. There are no uncorrected financial statement misstatements as we have
       adjusted the financial statements for all known and likely
       misstatements you have informed us of (or) We believe that the effects
       of uncorrected financial statement misstatements summarized in the
       attached summary are immaterial, both individually and in the
       aggregate, to the financial statements taken as a whole. (An example
       summary is provided in FAM 595 C.) [If management believes that
       certain of the identified items are not misstatements, management's
       belief may be acknowledged by adding to the representation, for
       example, "We believe that items XX and XX do not constitute
       misstatements because (description of reason)."]
    3. The [entity] has satisfactory title to all owned assets, including
       stewardship property, plant, and equipment. There are no liens or
       encumbrances on these assets and no assets have been pledged.
    4. We have no plans or intentions that may materially affect the carrying
       value or classification of assets and liabilities or that we are
       required to disclose in the financial statements.
    5. There are no guarantees under which the [entity] is contingently
       liable that require reporting or disclosure in the financial
       statements.
    6. Related party transactions including related accounts receivable or
       payable, revenues, expenditures, loans, transfers, leasing
       arrangements, assessments, and guarantees have been properly recorded
       and disclosed in the financial statements.
    7. No material events or transactions have occurred subsequent to
       September 30, 20X6 [or date of latest audited financial statements],
       that have not been properly recorded in the financial statements or
       disclosed in the notes.

Intra-governmental Activities

11. All inter-entity transactions and balances have been appropriately
identified and eliminated for financial reporting purposes. All
intra-governmental transactions and activities have been appropriately
identified, recorded, and disclosed in the financial statements. We have
reconciled [or have been unable to reconcile] intragovernmental
transactions and balances with the federal entity providing the goods or
services.

    Internal Control

    1. We are responsible for establishing and maintaining a system of
       internal control.

         1. Pursuant to 31 U.S.C. 3512(c), (d) (commonly known as the Federal
            Managers' Financial Integrity Act), we have assessed the
            effectiveness of the [entity's] internal control in achieving the
            following objectives:

              1. reliability of financial reporting: Transactions are
                 properly recorded, processed, and summarized to permit the
                 preparation of the financial statements and supplementary
                 information in accordance with U.S. generally accepted
                 accounting principles, and assets are safeguarded against
                 loss from unauthorized acquisition, use, or disposition.
              2. compliance with applicable laws and regulations:
                 Transactions are executed in accordance with laws governing
                 the use of budget authority; other laws and regulations that
                 could have a direct and material effect on the financial
                 statements, and any other laws, regulations, and
                 government-wide policies identified in OMB audit guidance.
              3. reliability of performance reporting: Transactions and other
                 data that support reported performance measures in the MD&A
                 are properly recorded, processed, and summarized to permit
                 the preparation of performance information in accordance
                 with criteria stated by management.

[This item is optional if the auditor is not opining on internal control.
Also, if the agency bases its internal control assessment on suitable
criteria other than 31 U.S.C. 3512(c), (d), cite the criteria used (for
example, Internal Control--Integrated Framework issued by the Committee of
Sponsoring Organizations (COSO) of the Treadway Commission).]

14. Those controls in place on September 30, 20X6 [or date of latest
audited financial statements], and during the years ended 20X6 and 20X5,
provided reasonable assurance that the foregoing objectives are met.
[Delete this item if the auditor is not opining on internal control.]

[If there are material weaknesses:

Those controls in place on September 30, 20X6, and during the years ended
20X6 and 20X5, were not effective to provide reasonable assurance that the
foregoing objectives were met because of the effects of the material
weaknesses discussed below or in an attachment.]

    1. We have disclosed to you all significant deficiencies in the design or
       operation of internal control that could adversely affect the
       [entity's] ability to meet the internal control objectives and
       identified those we believe to be material weaknesses (or determined
       that none is a material weakness). [This item is optional if the
       auditor is not opining on internal control.]
    2. There have been no changes to internal control subsequent to September
       30, 20X6 [or date of latest audited financial statements], or other
       factors that might significantly affect the effectiveness of internal
       control. [If there were changes, describe them, including any
       corrective actions taken with regard to any significant deficiencies
       or material weaknesses.] [This item is not required if the auditor is
       not opining on internal control.]

    Fraud

    1. We acknowledge our responsibility for the design and implementation of
       programs and controls to prevent and detect fraud (intentional
       misstatements or omissions of amounts or disclosures in financial
       statements and misappropriation of assets that could have a material
       effect on the financial statements).

         1. We have no knowledge of any fraud or suspected fraud affecting
            the [entity] involving:

              1. management,
              2. employees who have significant roles in internal control, or
              3. others where the fraud could have a material effect on the
                 financial statements.

[If there is knowledge of any instances, describe them.]

19. We have no knowledge of any allegations of fraud or suspected fraud
affecting the [entity] received in communications from employees, former
employees, or others. [If there is knowledge of any such allegations, they
should be described.]

Compliance of Systems with FFMIA

[For CFO Act agencies subject to the Federal Financial Management
Improvement Act of 1996 (FFMIA)]

    1. We are responsible for implementing and maintaining financial
       management systems that substantially comply with federal financial
       management systems requirements, federal accounting standards (U.S.
       generally accepted accounting principles), and the U.S. Government
       Standard General Ledger at the transaction level.
    2. We have assessed the financial management systems to determine whether
       they substantially comply with those federal financial management
       systems requirements. Our assessment was based on guidance issued by
       OMB.
    3. The financial management systems substantially complied with federal
       financial management systems requirements, federal accounting
       standards, and the U.S. Government Standard General Ledger at the
       transaction level as of [date of the latest financial statements].

[If the financial management systems substantially comply with only one or
two of the above elements, modify as follows:

As of [date of financial statements], the [agency's] financial management
systems substantially comply with [specify which of the three elements for
which there is substantial compliance (e.g., federal accounting standards
and the SGL at the transaction level)], but did not substantially comply
with [specify which of the elements for which there was a lack of
substantial compliance (e.g., federal financial management systems
requirements)], as described below (or in an attachment).]

[If the financial management systems do not substantially comply with any
of these three elements, use the following paragraph:

As of [date of financial statements], the [agency's] financial management

systems do not substantially comply with the federal financial management

systems requirements.]

[If there is a lack of substantial compliance with one or more of the
three requirements, identify all the facts pertaining to the
noncompliance, including the nature and extent of the noncompliance and
the primary reason or cause of the noncompliance.]

Laws and Regulations

    1. We are responsible for the [entity's] compliance with applicable laws
       and regulations.
    2. We have identified and disclosed to you all laws and regulations that
       have a direct and material effect on the determination of financial
       statement amounts [may list laws and regulations].

         1. There are no

              1. violations or possible violations of laws or regulations
                 whose effects we should evaluate for disclosure in the
                 financial statements or as a basis for recording a loss
                 contingency,
              2. material liabilities or gain or loss contingencies that are
                 required to be accrued or disclosed that have not been
                 accrued or disclosed, or
              3. unasserted claims or assessments that are probable of
                 assertion and must be disclosed that have not been
                 disclosed.

[When there is no general counsel and management has not consulted legal
counsel regarding contingencies, the auditor should obtain a written
representation from management that legal counsel has not been consulted.
Example wording is: "We are not aware of any pending or threatened
litigation, claims, or assessments or unasserted claims or assessments
that are required to be accrued or disclosed in the financial statements
in accordance with SFFAS No. 5. We have not consulted legal counsel
concerning litigation, claims, or assessments." (See FAM 1002.24)

    1. We have complied with all aspects of contractual agreements that would
       have a material effect on the financial statements in the event of
       noncompliance.
    2. We are not aware of any violations of the Antideficiency Act that we
       must report to the Congress and the President for the year ended
       September 30, 20x6, (or, we have reported all known violations of the
       Antideficiency Act) and through the date of this letter.

    Statement of Social Insurance

[For entities presenting a Statement of Social Insurance (SOSI) see AICPA
publication SOP 04-1, Auditing the Statement of Social Insurance, (SOP
04-1 S36) which suggests the following management representations.]

    1. Management is responsible for the assumptions and methods used in the
       preparation of the SOSI. Management agrees with the actuarial methods
       and assumptions used by the entity's actuary and have no knowledge or
       belief that would make such methods or assumptions inappropriate in
       the circumstances. Management did not give any instructions, nor cause
       any instructions to be given to the entity's actuary with respect to
       values or amounts derived, and is not aware of any matters that have
       affected the objectivity of the entity's actuary. Management believes
       that the actuarial assumptions and methods used to measure the amounts
       in the SOSI for financial accounting purposes are appropriate in the
       circumstances.
    2. Actuarial assumptions and methods used to measure the amounts in the
       SOSI for financial accounting and disclosure purposes represent
       management's best estimates regarding future events based on
       demographic and economic assumptions and future changes mandated by
       law.
    3. There were no material omissions from the data provided to the
       entity's actuary for the purpose of determining the actuarial present
       value of the estimated future income to be received and estimated
       future expenditures to be paid during the projection period sufficient
       to illustrate the long-term sustainability of (name of the social
       insurance program) as of (dates of SOSI presented).
    4. The SOSI covers a projection period sufficient to illustrate the
       long-term sustainability of the social insurance program.
    5. Management provided the auditor with all the reports developed by
       external review groups appointed by the entity or the program's
       trustees related to estimates in the SOSI.

         1. The following matters relating to the SOSI have been disclosed
            properly in the notes to the financial statements:

              1. The accumulated excess of all past cash receipts, including
                 interest on investments, over all past cash disbursements
                 within the social insurance program represented by the fund
                 balance at the valuation date.
              2. An explanation of how the net present value is calculated
                 for the closed group.
              3. Comparative financial information for items in paragraphs
                 2a, 2b 2c and 2d (1) of SOP 04-1, for the current year and
                 for each of the preceding four years. (Note any preceding
                 years that are unaudited).
              4. Significant assumptions used in preparing estimates

34. There have been no changes in (or, changes in the following have been
properly recorded or disclosed in) the actuarial methods or assumptions
used to calculate amounts recorded or disclosed in the financial
statements between

a.
           the valuation dates (for example: of January 1, 20x6 and January
           1, 20x5) or changes in the method of collecting data, and

b.
           the valuation date (for example: of January 1, 20x6), and the
           financial reporting date (of September 30, 20x6) or changes in the
           method of collecting data.

35. There have been no changes in (or, changes in the following have been
properly recorded or disclosed in) laws and regulations affecting social
insurance program income and benefits between

a.
           the valuation dates (for example: January 1, 20x6 and January 1,
           20x5)

b.
           the valuation date (for example: January 1, 20x6) and the
           financial reporting date (of September 30, 20x6).

36. Accounting estimates applicable to the financial information of the
entity included in the SOSI are based on management's best estimate, after
considering past and current events and assumptions about future events.

Budgetary and Restricted Funds

[OMB audit guidance includes a representation by management on the
consistency of budgetary data in the following paragraph.]

    1. The information presented in the (entity's) Statement of Budgetary
       Resources (materially - defined in paragraph 2 on page 1001 A-1)
       agrees with information submitted in its year-end Reports on Budget
       Execution and Budgetary Resources (SF-133s). The information will be
       used as input for fiscal year 20x6 actual column of the Program and
       Financing Schedules reported in the fiscal year 20x8 Budget of the U.S
       Government. This information is supported by the related financial
       records and data.
    2. We have disclosed in the financial statements all earmarked funds as
       defined by FASAB SFFAS No. #27 and all restricted funds that are
       material.

[Name of Head of Entity]

[Title]

[Name of Chief Financial Officer]

[Title]

Attachment

                     [This page intentionally left blank.]

  1002 - Inquiries of Legal Counsel

.01 FAM 1002 provides guidance on procedures to obtain evidence that the
financial accounting and reporting of contingencies ^[235]1 regarding
litigation, claims, and assessments conform with U.S. generally accepted
accounting principles (U.S. GAAP). FAM 1002 discusses the accounting and
reporting guidance and audit procedures for inquiries of legal counsel
concerning litigation, claims, and assessments, and includes an example
audit program at FAM 1002 A; an example legal representation letter
request at FAM 1002 B; and a legal representation letter response at FAM
1002 C.

    Accounting and Reporting Guidance

.02 Entity management is responsible for implementing policies and
procedures to identify, evaluate, account for, and disclose litigation,
claims, and assessments as a basis for the preparation of financial
statements in conformity with U.S. GAAP.

.03 Statement of Federal Financial Accounting Standards (SFFAS) No. 5,
Accounting for Liabilities of the Federal Government, as amended by SFFAS
No. 12, Recognition of Contingent Liabilities Arising from Litigation,
contains accounting and reporting standards for loss contingencies,
including those arising from litigation, claims, and assessments. ^[236]2
The Federal Accounting Standards Advisory Board (FASAB) Interpretation No.
2, Accounting for Treasury Judgment Fund Transactions, provides additional
guidance related to claims to be paid through the Treasury Judgment Fund.
^[237]3 Statement of Financial Accounting Standards (FAS) No. 5,
Accounting for Contingencies, also provides guidance for financial
accounting and reporting for loss and gain contingencies for government
corporations and entities following U.S. GAAP for the private-sector
promulgated by the Financial Accounting Standards Board (FASB). The
definition of probable for legal contingencies is essentially the same in
FAS No. 5 and SFFAS No. 5.

.04 A contingency is an existing condition, situation, or set of
circumstances involving uncertainty as to possible gain or loss to an
entity. The uncertainty will ultimately be resolved when one or more
future events occur or fail to occur. When a loss contingency exists, the
likelihood that the future event or events will confirm the loss or
impairment of an asset or the incurrence of a liability can range from
remote to probable. SFFAS

1

Including environmental and disposal liabilities that are a type of
contingency that is often a significant issue for the federal government.

2

SFFAS No. 7 has guidance for reporting claims for tax refunds. Rather than
                          recognizing probable claims

and disclosing other claims in the notes to the financial statements,
SFFAS No. 7 indicates that other

claims for refunds that are probable should be included as supplementary
information.

3

 A permanent, indefinite appropriation, commonly known as the Judgment Fund, is
                             available to pay final

judgments, settlement agreements, and certain types of administrative
awards against the United States

when payment is not otherwise provided for. The Secretary of the Treasury
certifies all payments from the

fund. (See 31 U.S.C. 1304, Judgments, awards, and compromise settlements.)
FASAB Interpretation No. 2

clarifies how federal entities report the costs and liabilities arising
from claims to be paid by the Judgment

Fund and how the Judgment Fund accounts for the amounts that it is
required to pay on behalf of federal

entities.

Nos. 5 and 12 use the terms remote, reasonably possible, and probable to
identify three areas within the range of probability, as follows:

     o Remote--The chance of the future event or events occurring is slight.
     o Reasonably possible--The chance of the future event or events
       occurring is more than remote but less than probable.
     o Probable--For pending or threatened litigation and unasserted claims,
       the future confirming event or events are likely to occur. (For other
       contingencies, the future event or events are more likely than not to
       occur.)

.05 The entity should recognize a liability and a related charge to
expense for an estimated loss from a loss contingency only when ^[238]4

a.
           a past event or exchange transaction has occurred,

b.
           a future outflow or other sacrifice of resources is probable, and

c.
           the future outflow or sacrifice of resources is measurable.

.06 Disclosure of the nature of an accrued liability for loss
contingencies, including the amount accrued, may be necessary for the
financial statements not to be misleading. For example, if the amount
recognized is large or unusual, the entity should determine whether to
disclose the contingency. However, if no accrual is made for a loss
contingency because one or more of the conditions in FAM 1002.05 are not
met, the federal government and its entities should report contingent
losses that involve situations where there is at least a reasonable
possibility that a loss has been incurred.

The entity should disclose the nature of the contingency, and an estimate
of the possible liability or range of possible liability, if estimable, or
a statement that such an estimate cannot be made. The reporting of
contingent losses depends on the likelihood that a future event or events
will confirm the loss or impairment of an asset or the incurrence of a
liability. Terms used to assess the likelihood of loss are remote,
reasonably possible, and probable as discussed in FAM 1002.04.

Contingent losses that are assessed as probable and measurable are accrued
in the financial statements. Losses that are assessed to be at least
reasonable possible are disclosed in the notes. For an overview of the
standards that provide criteria for how federal agencies are to account
for contingent losses based on the likelihood of the loss and the
measurability, see table 1 below:

If the Judgment Fund will pay the claim, the entity still recognizes the
liability and cost at this time. Once the claim is settled or a court
judgment is assessed and the Judgment Fund is determined to be the
appropriate source for payment, the entity reduces the liability by
recognizing an (imputed) financing source. Note that for Judgment Fund
payments made under the Contract Disputes Act and in employment
discrimination cases, the entity establishes a payable to reimburse the
Judgment Fund.

Likelihood of                                                              
future            Loss amount can be Loss range can be   Loss amount range 
outflow or other  reasonably         reasonably measured cannot be         
                     measured                               reasonably        
sacrifice of                                             measured          
resources                                                                  
                     Accrue the                             Disclose nature   
Probable: Future  liability          Accrue liability of of contingency    
confirming                           best estimate or    and include a     
event(s) are                         minimum amount in   statement that an 
likely to occur                      loss range if there estimate cannot   
                                        is no best          be                
                                        estimate, and       made              
                                        disclose                              
                                        nature of                             
                                        contingency and                       
                                        range of estimated                    
                                        liability                             
Reasonably                                               Disclose nature   
possible:         Disclose nature of Disclose nature of  of                
Possibility of    contingency and    contingency and     contingency and   
future                                                   include           
confirming        estimated amount.  estimated loss      a statement that  
event(s)                             range.              an                
occurring is more                                        estimate cannot   
than                                                     be                
remote and less                                          made              
than                                                                       
likely                                                                     
Remote:           No action is       No action is        No action is      
Possibility of    required           required            required          
future event(s)                                                            
occurring is                                                               
slight                                                                     

Management decides what to report. The auditor evaluates whether
management's reporting is in accordance with U.S. GAAP.

In addition, if the Judgment Fund might be involved in the payment of the
possible loss, the federal entity involved in the litigation should
discuss the Judgment Fund's role in a note to the financial statements.

.07 Although management often relies on advice of legal counsel about the

(a) likelihood of an unfavorable outcome and (b) estimates of the amount
or range of potential loss for litigation, claims, and assessments,
management is ultimately responsible for determining whether these
contingencies are probable, reasonably possible, or remote. Management
does this to decide whether they should be recognized as liabilities
and/or disclosed in the notes to the financial statements. Thus, the
Office of Management and Budget's (OMB) audit guidance requires CFO Act
entity management to prepare a schedule summarizing legal contingencies
including whether they are probable, reasonably possible, or remote, and
whether (and in what amounts) they have been accrued or disclosed in the
financial statements. An Example Management Summary Schedule is provided
at FAM 1002 D.

    Audit Procedures

.08 The auditor should design procedures to test the entity's accounting
for and disclosure of litigation, claims, and assessments. AU 337 (SAS
#12) provides guidance on the procedures to identify litigation, claims,
and assessments to evidence that they are appropriately accounted for and
disclosed. AU 9337 provides auditing interpretations of AU 337. OMB audit
guidance also contains procedures for inquiries of legal counsel. (See FAM
1002 A for example audit procedures.)

.09 The auditor should obtain evidence relevant to the following factors
with respect to litigation, claims, and assessments:

a.
           The existence of a condition, situation, or set of circumstances
           indicating uncertainty as to the possible loss to an entity
           arising from litigation, claims, and assessments.

b.
           The period in which the underlying causes for legal action
           occurred.

c.
           The likelihood of an unfavorable outcome (probable, reasonably
           possible, or remote).

d.
           The amount or range of potential loss, if estimable.

.10 The auditor may discuss with management the events or conditions in
accounting for and reporting of litigation, claims, and assessments. The
auditor should perform audit procedures to corroborate the information
provided by management, including requesting that management send a legal
letter request to the entity's legal counsel.

.11 A letter from legal counsel to the auditor, in response to a legal
letter request from management to legal counsel, is the auditor's primary
means of corroborating the information furnished by management concerning
the accuracy and completeness of litigation, claims, and assessments. The
auditor should ask management to have the legal letter request include
either (1) a list of pending or threatened litigation, claims, and
assessments, or (2) a request by management that legal counsel prepare the
list. The auditor should also ask management to have the legal letter
request include a list of unasserted claims and assessments the lawyer
determined probable of assertion, and that, if asserted, would have at
least a reasonable possibility of an unfavorable outcome, to which legal
counsel has devoted substantive attention on the entity's behalf in the
form of legal consultation or representation (or a statement that
management is not aware of any matters meeting the criteria). The auditor
should obtain assurance from management, ordinarily in writing, that it
has disclosed all unasserted claims when it is considered probable that a
claim will be asserted and there is a reasonable possibility that the
outcome will be unfavorable.

Legal counsel then would supplement management's information about those
unasserted claims and assessments, including an explanation of any matters
where their views differ from those expressed by management in the legal
letter request. In the federal government, where the general counsel may
be part of management, the general counsel may instead provide the list of
unasserted claims or assessments meeting the above criteria.

The auditor should ask management to have the legal letter request include
a request for legal counsel to make a statement that they will advise
management about unasserted claims and assessments that management should
evaluate for disclosure. See the example request at FAM 1002 B and example
response at FAM 1002 C.

.12 The auditor should also perform procedures to learn about legal claims
against the government where no monetary damages are being sought,
commonly referred to as non-monetary cases. In these cases, plaintiffs
seek that the government either take or cease a particular action, which
if successful, could cost the government significant amounts of money to
comply. An example is a claim regarding the Department of Energy's
classification of radioactive waste for disposal, which if successful
could result in considerable environmental expense and liability. Auditors
should make inquiries of management and legal counsel to determine if such
nonmonetary cases exist. Management should determine the effect of losing
the case, if any, on the entity's financial statements.

    Timing of Legal Letter Request and Responses

.13 The auditor generally should perform procedures for inquiries of legal
counsel concerning litigation, claims, and assessments on a timely basis
to give priority to the resolution of potential problem areas and to
complete other procedures. To meet deadlines, the auditor, entity
management, and legal counsel generally should coordinate the timing of
legal letter requests, responses (including interim responses), and
related management schedules. The auditor and the entity management should
determine the due dates for obtaining responses from component units to
provide legal letter responses for the entity's financial statements as
well as for the U. S. Government's Consolidated Financial Statements. In
setting the due dates, the auditor and entity management generally should
allow for management to inquire of Department of Justice legal counsel on
a case-specific basis.

.14 In addition, when an entitywide audit team uses the work of entity
component audit teams, the entitywide and component audit teams generally
should coordinate the timing of legal letter requests, responses, and
management schedules and determine the due dates for the component
financial statements as well as the entitywide financial statements. The
entitywide team generally should receive copies of the component letters
from the component audit teams by the due dates.

.15 The legal counsel's response should include matters that existed at
the balance sheet date and through a date near the completion of the
audit. If the effective date is substantially in advance of the completion
of the audit (for example, earlier than 2 weeks before the completion of
the audit), the auditor should contact the legal counsel for an updated
response. To avoid this situation, the legal letter request may specify
the period the legal counsel's response is to cover and the date the
auditor expects to receive the response.

.16 To assist the auditor in completing the review of legal matters in a
timely manner (and to assist management in preparing the financial
statements), the auditor may ask management to request legal counsel to
submit a preliminary or interim response covering matters that existed at
the current date and through a point in time reasonably before the
completion of the audit so that a preliminary evaluation of the
significance of material legal matters can be made. This is particularly
applicable to large federal agencies with numerous and complex cases.
^[239]5

If an interim letter is used, the auditor should ask the entity to request
that legal counsel submit a final or updated response covering matters
from the interim date through the date of audit completion. The entity
should request that the updated response contain only changes or a
statement indicating there are no changes from the interim response and
any new matters from the interim date through the completion of the audit.
The auditor should ask the entity to request that legal counsel date and
submit the final legal representation letter to coordinate with the
management representation letter in FAM 1001.

However, in some cases, the legal representation letters are ready first
so entity management may rely upon them before signing the management
representation letters. In theses cases, the auditor should make oral
inquiries of legal counsel and document whether material changes had
occurred from the date of the legal representation letter to the date of
audit completion. The auditor should plan to receive letters to meet the
reporting deadline in accordance with OMB Financial Reporting
Requirements. See FAM 1002 B for an example legal letter request that
includes requests for interim and updated responses from legal counsel.

    Determining a Materiality Level

.17 The auditor and the entity may agree to limit the legal inquiry to
matters that are considered individually or collectively material to the
financial statements, provided that the entity and the auditor have agreed
on the materiality level. The auditor should ask the entity to indicate
the materiality level, if used, in the legal letter request and the entity
should ask the lawyer to include the materiality in the response.

.18 In determining a materiality level for the legal letter, the auditor
and the entity should set the level sufficiently low that the cases not
included in the legal letter would not be material to the financial
statements taken as a whole when aggregated with

(1)
           other cases not included in the letter,

(2)
           all other types of contingencies,

(3)
           all other items that would not be adjusted because they are judged
           immaterial (unadjusted misstatements),

For example, for its fiscal year 2006 audit, the Department of Justice
asked its components to submit interim representations by July 11, 2006,
for contingencies that existed through June 30, 2006. This was to allow
review of cases before external issuance.

(4)
           all other amounts in the financial statements that would not be
           tested directly because they were judged to be immaterial, and

(5)
           all other items resolved on the basis of materiality
           considerations. (For example, the auditor of the U.S Government's
           Consolidated Financial Statements used 2.5 percent of design
           materiality for individual cases and 5 percent of design
           materiality for the aggregate of all cases.)

.19 In aggregating cases, the auditor and the entity may use two levels of
aggregation. First, similar cases are aggregated (such as employment
discrimination cases, harbor maintenance fee cases, spent nuclear fuel
cases, or military promotion board challenges), treated as a group and the
auditor should compare the total with the individual materiality level.
The aggregation generally includes a list of the individual cases and a
discussion of the items of information included in the legal letter for
the aggregated cases (see FAM 1002 B and FAM 1002 C).

Second, cases not included in the legal letter individually or as part of
a group of similar cases are aggregated. The auditor may use a higher
materiality level for such an aggregation. However, the auditor may set
this higher materiality level sufficiently low that the cases not included
in the legal letter would not be material to the financial statements
taken as a whole when aggregated with the other items listed in the
previous paragraph.

.20 Where the entity engages more than one legal counsel, the entity and
the auditor should determine whether matters considered not material
individually would exceed the materiality limit when aggregated. In
addition, when separate legal representation letters are requested on
individual components (such as bureaus or offices) of a consolidated
entity because of individual component audits, the auditor may determine
materiality levels for each component.

    Legal Counsels from Whom Information Should be Requested

.21 Most federal entities have a general counsel who has primary
responsibility for and knowledge about the entity's litigation, claims,
and assessments. The auditor should request entity management to send a
legal letter request to the general counsel. In addition, the auditor
should ask the management and/or general counsel whether the entity used
outside legal counsel whose engagement may be limited to particular
matters (e.g., specific litigation).

.22 In the federal government, the main legal counsel outside of the
entity is the Department of Justice. ^[240]6 The entity's management, its
legal counsel, or the auditor may consult with Justice as well as other
outside legal counsel to assure completeness and accuracy of the
presentation of matters related to litigation, claims, and assessments.
Such consultation may include requesting a list of pending litigation,
claims, and assessments from Justice or other outside legal counsel, or
discussion of specific cases.

.23 The auditor should ask the entity to request that legal counsel cover
all litigation, claims, and assessments pertaining to the federal
reporting entity, including matters handled by Justice and other outside
legal counsel on behalf of the entity. If the general counsel has overall
responsibility for handling and evaluating litigation, claims, and
assessments, the evaluation and responses by general counsel ordinarily
are adequate evidence. However, evidential matter obtained from general
counsel is not a substitute for information that outside legal counsel
refuses to furnish to the auditor.

.24 Where there is no general counsel and management has not consulted
legal counsel, the auditor should obtain a written representation from
management that legal counsel has not been consulted. Such representation
may be incorporated as an item in the management representation letter.
(See FAM 550 and 1001.) An example item is: "We are not aware of any
pending or threatened litigation, claims, or assessments or unasserted
claims or assessments that are required to be accrued or disclosed in the
financial statements in accordance with SFFAS No. 5. We have not consulted
legal counsel concerning litigation, claims, or assessments."

    Evaluation of Responses

.25 Written responses from legal counsel will vary considerably in the
scope of information provided and in the opinion expressed. In preparing
the responses, legal counsel uses the guidance contained in the American
Bar Association's Statement of Policy Regarding Lawyers' Responses to
Auditors' Requests for Information (ABA Policy Statement) (included in its
entirety in AU 337 C).

.26 The auditor should ask the entity to request that legal counsel cover
all entity components included in the financial statements being audited.
Additionally, legal counsel generally should indicate the disposition of
cases included in the prior year's letter that are no longer
contingencies.

The Accounting and Auditing Policy Committee (AAPC) guidance (Technical Release
                                No. 1) clarifies

FASAB Interpretation No. 2, with respect to the Department of Justice's
role related to legal letters in

cases in which Justice's legal counsels are handling legal matters on
behalf of other federal reporting

entities. The letter from the entity's general counsel may provide
sufficient evidence for the auditor. If the

auditor determines that additional evidence is needed about a specific
case, the auditor may request entity

management and legal counsel to send a legal letter request to Justice,
directed to the lead Justice legal

counsel handling the case, asking that person to provide a description and
evaluation directly to the

auditor.

.27 The auditor should evaluate each response in terms of sufficiency as
evidence and consider (a) the possible limitations on the scope of legal
counsel's responses and (b) the lack of sufficient opinion on the
resolution of a case. AU 9337 provides guidance in evaluating legal
counsel's responses. The auditor should evaluate any "unable to determine"
and vague and unclear responses. The auditor also should evaluate the
legal counsel's response in light of any other information that comes to
the auditor's attention.

Possible Limitations on the Scope of Legal Counsel's Responses

.28 When legal counsel limits the response, the auditor should determine
whether the limitation affects the auditor's report. Legal counsel may
appropriately limit their response to certain matters. For example, to
matters that (a) legal counsel has given substantive attention to in the
form of legal consultation or representation, and (b) are determined to be
individually or collectively material to the financial statements,
provided the entity and the auditor have reached an understanding on
materiality levels. These limitations are acceptable and are not
limitations on the scope of the audit.

.29 The following are examples of limitations on legal counsel's responses
that the auditor should not accept and that would ordinarily result in a
scope limitation:

a.
           Legal counsel refuses to furnish the requested information. When
           legal counsel refuses to furnish the information requested in the
           legal letter request, the auditor should evaluate this matter as a
           scope limitation sufficient to preclude an unqualified opinion.

b.
           Legal counsel excludes matters requested. The legal counsel's
           responses may not address all information requested. The auditor
           should compare legal counsel's response with the legal letter
           request and determine whether legal counsel has addressed all the
           information requested. If legal counsel has excluded any of the
           requested matters, the auditor should obtain responses for those
           matters from legal counsel. If the auditor is unable to obtain all
           the information needed, the auditor should evaluate this as a
           scope limitation that could be sufficient to preclude an
           unqualified opinion.

c.
           Legal counsel indicates that certain information is being withheld
           due to attorney-client privilege. Under the American Bar
           Association (ABA) Code of Professional Responsibility, legal
           counsel is required to preserve the confidences and secrets of the
           client. Legal counsel may disclose confidences to the auditor only
           with the consent of the client. If the legal letter request is
           prepared in accordance with AU 337, the auditor should expect that
           legal counsel would be responsive; otherwise the scope of the
           audit would be restricted. On the other hand, explanatory language
           in the legal letter request or in legal counsel's response
           emphasizing that management or legal counsel does not intend to
           waive attorney-client privilege or attorney work-product privilege
           does not result in a scope limitation.

      Lack of Sufficient Opinion on the Resolution of a Case

.30 The following are examples of legal counsel responses that lack
sufficient opinion on the resolution of a case:

a.
           Uncertainties. Legal counsel may be unable to respond concerning
           the likelihood of an unfavorable outcome of litigation, claims,
           and assessments or the amount or range of potential loss, because
           of inherent uncertainties. In these circumstances, the auditor
           generally should conclude that the financial statements are
           affected by an uncertainty concerning the outcome of a future
           event, which is not susceptible to reasonable estimation. See FAM
           580 for reporting on uncertainties.

                b.
                        Unclear responses. Legal counsel sometimes use
                        general terms to indicate their evaluation of the
                        outcome of a case. The ABA Policy Statement states
                        that legal counsel may, in the appropriate
                        circumstances, communicate to the auditor their view
                        that an unfavorable outcome is "probable" or
                        "remote." The legal letter responses may include
                        phrases that mean remote or probable. The phrases
                        below are examples of opinions that provide
                        sufficient clarity that the likelihood of an
                        unfavorable outcome is remote:

                           o "We are of the opinion that this action will not
                             result in any liability to the entity."

                                * "We believe that the plaintiff's case
                                  against the entity is without merit."
                                * The following are examples of opinions that
                                  indicate significant uncertainty as to
                                  whether the entity will prevail:

                           o "In our opinion, the entity has a substantial
                             chance of prevailing in this action." (A
                             "substantial chance," a "reasonable
                             opportunity," and similar terms indicate more
                             uncertainty than an opinion that the entity will
                             prevail.)
                           o "It is our opinion that the entity will be able
                             to assert meritorious defenses to this action."
                             (The term "meritorious defenses" indicates that
                             the court will not summarily dismiss the
                             entity's defenses; it does not indicate legal
                             counsel's opinion that the entity will prevail.)

.31 To avoid unclear and incomplete responses, the auditor generally
should ask management to request legal counsel to use Justice's standard
forms to describe legal contingencies (see FAM 1002 C-4 to C-6 for
examples of these forms). When legal counsel does not indicate whether the
unfavorable outcome is probable or remote, management and the auditor
should conclude that the outcome is reasonably possible, management should
determine the disclosure. Management, with legal counsel's advice,
determines whether cases are probable, reasonably possible, or remote, to
decide whether to recognize them as liabilities and/or disclosed them in
the notes to the financial statements.

.32 If the auditor is not certain about legal counsel's evaluation, the
auditor should discuss the matters with legal counsel and entity
management (and document the oral discussion) and/or obtain written
clarification in a follow-up letter. Sometimes legal counsel may give a
clearer indication of likelihood orally. If legal counsel is unable to
give a clear evaluation of the likelihood of an unfavorable outcome,
management should disclose the uncertainty and the auditor should evaluate
the uncertainty's effect on the audit report.

    Example Legal Letter Request

.33 The legal letter request, which the auditor may assist management to
draft, should be on the audited entity's letterhead, signed by the Chief
Financial Officer (CFO), or equivalent, and ask that the reply be sent
directly to the auditor with a copy to management by specified due dates.
FAM 1002 B provides an example legal letter request that includes requests
for interim and updated responses from legal counsel and matters that
should be covered in the letter.

    Example Legal Counsel's Responses and Management's Schedule

.34 The General Counsel's response on General Counsel letterhead is sent
to the auditor with a copy to management by the agreed-upon due dates. The
counsel may indicate that the response is provided for the auditor's use
in connection with the audit.

.35 FAM 1002 C shows an example of a legal counsel response, including the
legal representation letter that should include Justice's legal
contingency standard forms for each case or group of cases. Forms can be
obtained on Justice's website at
[241]http://www.usdoj.gov/civil/forms/forms.htm and auditors should check
that current forms were used.

.36 FAM 1002 D shows an example of management's schedule that documents
how the information contained in the legal counsel's responses was used in
preparing the financial statements. Management should include each case
discussed in the legal letter and indicate (1) the amount accrued for
probable cases and (2) note disclosure for reasonably possible cases,
probable cases where the amount cannot be estimated, and probable cases
where a range of amounts above the accrued amount is estimated.

    Practice Aids

.37 The following practice aids are provided at:

FAM 1002 A - Example Audit Procedures for Inquiries of Legal Counsel;

FAM 1002 B - Example Legal Letter Request;

FAM 1002 C - Example Legal Representation Letter, and

FAM 1002 D - Example Management Summary Schedule.

                     [This page intentionally left blank.]

  1002 C - Example Legal Representation Letter

[General Counsel Letterhead]

[Date]

[Auditor]

[Title]

[Agency or Firm Name]

[City]

Subject: Legal Response in Connection with the 20X6 and 20X5 Financial
Statement Audits of [entity name]

Dear [Auditor]:

As General Counsel of [entity], I am writing in response to the legal
letter request from the [entity]'s Chief Financial Officer (CFO) dated
[date], in connection with the audit of [entity]'s financial statements as
of and for the years ended September 30, 20X6 and 20X5 [see FAM 1002 B].
[In an interim response, add "I will, as further requested by the CFO,
provide an updated response by [date]."]

I call your attention to the fact that as General Counsel for [entity], I
have general supervision of [entity]'s legal affairs. [If the general
legal supervisory responsibilities of the person signing the letter are
limited, set forth a clear description of those legal matters over which
the signer exercises general supervision, indicating exceptions to such
supervision and situations where the auditor may primary rely on other
sources.] In such capacity, I have reviewed litigation and claims
threatened or asserted involving [entity] and have consulted with outside
legal counsel about them when I have deemed appropriate.

Subject to the foregoing and to the last paragraph of this letter, I
advise you that since [insert date of beginning of period under audit]
neither I, nor any of the lawyers over whom I exercise general legal
supervision, have given substantive attention to, or represented [entity]
in connection with (1) loss contingencies [over the amount of (state
materiality level agreed to with auditor and stated in request letter, for
example $1 million)], or (2) loss contingencies that are less than or
equal to [for example, $1 million] but in the aggregate exceed, [for
example, $5 million] coming within the scope of clause

(a) of Paragraph 5 of the Statement of Policy referred to in the last
paragraph of this letter, except as follows:

[Describe litigation and claims that fit the foregoing criteria as
follows. General Counsel may use current Department of Justice forms to
describe the cases (one for pending or threatened litigation, another for
unasserted claims); see the DOJ website at
[242]http://www.usdoj.gov/civil/forms/forms.htm. ] ^[243]1

It is expected that cases or matters will be aggregated where appropriate.

(Excluding unasserted claims and assessments, which are discussed below)

    1. Nature of the matter (include a description of the case or cases and
       amount claimed, if specified).
    2. Progress of the case to date.
    3. Current or intended response.
    4. Evaluation of the likelihood of an unfavorable outcome (categorize
       likelihood as probable, reasonably possible, or remote).
    5. Estimated amount or range of potential loss, if determinable, for
       losses considered to be probable or reasonably possible.
    6. Name of [entity]'s legal counsel handling the case and names of any
       outside legal

counsel representing or advising the government in the matter. Pending or
threatened litigation that was reported in the prior year's legal
representation letter, which is no longer pending or threatened is as
follows

[Identification of litigation with a short description of its
disposition.] With respect to matters that have been specifically
identified as contemplated by clauses

(b) or (c) of paragraph 5 of the ABA Statement of Policy, I advise you,
subject to the last paragraph of this letter, as follows:

    Unasserted Claims and Assessments

(considered to be probable of assertion and which, if asserted, would have
at least a reasonable possibility of an unfavorable outcome)

    1. Nature of the matter.
    2. Intended response if claim would be asserted.
    3. Evaluation of the likelihood of an unfavorable outcome. (Categorize
       likelihood as probable or reasonably possible.)
    4. Estimated amount or range of potential loss, if determinable.

There are no potential claims against the government where no monetary
damages are being sought but plaintiffs are seeking that the government
either take or cease a particular action, which if successful, could cost
the government an amount management has determined will exceed $XX to
comply. [or describe potential claims and amounts.]

                                   * * * * *

The information set forth herein is [(as of the date of this letter) or
(as of (insert date), the date on which we commenced our internal review
procedures for purposes of preparing this response)], except as otherwise
noted. [If an interim response, add "Upon receipt of a request to update
the response, I will provide an updated response, which is due on
[date],"] {If a final response: I disclaim any undertaking to advise you
of changes that, after the date of this letter, may be brought to my
attention or the attention of our lawyers over whom I exercise general
legal supervision.}

This response is limited by, and in accordance with, the ABA Statement of
Policy Regarding Lawyers' Responses to Auditors' Requests for Information
(December 1975); without limiting the generality of the foregoing, the
limitations set forth in such statement on the scope and use of this
response (Paragraphs 2 and 7) are specifically incorporated herein by
reference, and any description herein of any "loss contingencies" is
qualified in its entirety by Paragraph 5 of the statement and the
accompanying commentary (which is an integral part of the statement).

Consistent with the last sentence of Paragraph 6 of the ABA Statement of
Policy, this will confirm as correct the [entity]'s understanding that
whenever, in the course of performing legal services for the [entity] with
respect to a matter recognized to involve an unasserted possible claim or
assessment that may call for financial statement disclosure, I have formed
a professional conclusion that the [entity] must disclose or consider
disclosure concerning such possible claim or assessment, I, as a matter of
professional responsibility to [entity], will so advise the [entity] and
will consult with the [entity] concerning the question of such disclosure
and the applicable requirements of Statement of Federal Financial
Accounting Standards (SFFAS) No. 5, Accounting for Liabilities of the
Federal Government, as amended by SFFAS No. 12, and Interpretation Number
2 of SFFAS No. 4 and 5.

[Describe any other or additional limitation as indicated by Paragraph 4
of the statement.]

Sincerely yours,

[Name of General Counsel]

[Title]

cc: Chief Financial Officer

attachments (DOJ forms or other case information)

                     [This page intentionally left blank.]

Reporting 1002 D - Example Management Summary Schedule

The auditor should see that management prepare this schedule (or
equivalent) summarizing the information contained in the legal letters. In
particular, the auditor should determine that management has concluded as
to the likelihood of loss about each case to determine whether an amount
should be recorded in the financial statements and/or if note disclosure
is necessary for the financial statements to conform with U.S. GAAP.
Although most information comes directly from the legal letter, the
auditor should determine that financial staff have accurately added the
information in the last two columns to indicate the disposition of each
case in the financial statements.

Management's Schedule of Information Contained in Legal Letter Responses
for Financial Reporting Purposes

                              Amounts in thousands

1 2 3

4

5

6 7

                                               Amount or  Disposition in      
                      Name of                  range of   financial           
Reference Amount   case/   Likelihood       potential  statements          
key       claimed  related of loss          loss                           
                      cases              (a) P (b) R/P (c) Upper Amt.
                                               recorded Note disclosure

****insert rows here as necessary**** ***insert rows here as necessary***
***insert rows here as necessary***

      TOTALS $ -$ -$ -$

$ -$ -

        Guidance for Preparation:

    1. Matters should be listed on this schedule in order of the amount or
       range of potential loss, starting with the largest.
    2. The level of aggregation should generally be at the same level as in
       the general counsel's letter. However, there may be instances where
       the level of aggregation is too high to be able to prepare this
       schedule in a way that is meaningful. In such cases, the auditor
       should request that the CFO work with legal counsel to provide further
       disaggregation of dissimilar cases. There may also be other instances
       in which ahigher level of aggregation is desirable. The auditor should
       request that CFOs use professional judgment,

considering the purpose of this schedule when determining the level of
aggregation.

DRAFT GAO/PCIE Financial Audit Manual Page 1002 D-1

Column:
     1   Reference key: Page number of legal representation letter obtained
         from General Counsel discussing the case, or
         other reference information.
     2   Amount claimed: Amount claimed in the litigation, claim, or
         assessment (if specified)
     3   Name of case or related cases: Where appropriate, provide name of
                                        case or aggregated cases which meet
         materiality threshold.
     4   Likelihood of loss: Indicate management's evaluation of the
         likelihood of loss on individual or aggregated cases.
           Options:        P: probable (loss likely to occur);
         R/P: reasonably possible (the chance of loss is less than probable,
                              but more than remote); or
                               R: remote (the chance of loss is slight).
     5   Amount or range of potential loss:
           Options:    5a: Probable (P) -- Provide single estimate or lower
                       end of range, if known. Enter "U" if unknown. (Also
         provide column totals.)
         5b: Reasonably possible (R/P) -- Provide single estimate or lower
         end of range, if provided. Enter "U" if
         unknown. Also provide column totals.
                                 5c: If amounts in P or R/P are ranges,
                                     provide upper end of range; otherwise,
                                     enter "n/a."
         Disposition in financial statements - amount recorded: If
     6   applicable, provide corresponding dollar amount
         recorded as a liability in the financial statements. (Also provide
         column totals.)
     7   Disposition in financial statements - note disclosure: If
         applicable, indicate by note reference number
         where case information is separately disclosed or included in
         amounts disclosed in notes to the financial statements.
         (Also provide column totals.)
DRAFT            GAO/PCIE Financial Audit Manual             Page 1002 D-2 

  1003 - Financial Statement Audit Completion Checklist

Entity:

Job Code:

Principal Report:

Other Reports (including management reports and testimonies):

    Instructions

.01 This checklist is a tool to help auditors of financial statements
determine whether they have complied with GAGAS, OMB audit guidance, and
the FAM. The auditor-in-charge (AIC), audit senior, or audit manager
should prepare this checklist before the audit completion date and sign in
section VIII. The assistant director and first partner (audit director)
should review this checklist before the audit completion date and also
sign in section VIII. For GAO audits, the chief accountant or second
partner should review the checklist and sign in section IX when engagement
quality control review (previously called a second partner review) is
completed before the audit completion date. If the audit is conducted at
multiple sites, the site supervisor may complete parts of the checklist
for each site (with the AIC, audit senior, or audit manager completing the
overall checklist). While parts of the checklist are useful in audit
planning, no signatures are required on the checklist in the planning
phase.

.02 The detailed questions in this checklist are to be answered "Yes",
"No", or "N/A (not applicable)". For most questions, "No" answers indicate
departures from professional standards or from auditor policies. The
auditor should explain all "No" answers in section VII of this checklist
and determine the effects and significance of "No" answers, including any
effects on the auditor's report. Auditors should check "N/A" when the item
does not exist or when the item exists but is judged to be not material.
Because the checklist is designed for a wide range of financial statement
audits, there may be many "N/A" answers. If the reason why a question is
not applicable is not obvious, the auditor should document the reason on
the checklist or in an attachment. It is not necessary to create
additional documentation to support the "Yes" answers, but a column is
provided to insert a reference to related audit documentation ("Ref.").
The questions are summarized. For most questions, there is a reference to
professional literature that provides more detail.

.03 Section V has questions on GAO's report considerations and section VI
has questions on GAO's quality control. GAO auditors should complete these
sections. IG auditors and other auditors may use these sections or may
substitute forms that conform to their reporting style and quality
controls.

.04 See FAM 650 related to reviewing this checklist (or equivalent) when
using the work of others.

.05 FAM Volume 3 has two checklists, Checklist for Federal Accounting (FAM
2010), and Checklist for Federal Reporting and Disclosures, (FAM 2020),
which superseded the July 2004 FAM 1050 checklist. The two checklists
cover accounting, financial reporting, and disclosure requirements related
to federal financial statements prepared using U.S. GAAP promulgated by
FASAB and includes form and content presentation contained in OMB Circular
No. A-136 (June 29, 2007). The AICPA publishes a disclosure checklist for
financial statements prepared using U.S. GAAP promulgated by FASB.
Preparers of entity financial statements may document their conformity
with U.S. GAAP by either

     o completing the FAM 2010 and FAM 2020 checklists, or
     o completing the AICPA disclosure checklist, as applicable, and a
       supplemental checklist for FASAB requirements, or
     o completing an equivalent checklist that addresses applicable
       accounting, financial reporting, and disclosure requirements.

Preparers should tailor checklists to the needs of their individual entity
financial statements and auditors should review finished checklists for
completeness and accuracy. If the preparer does not complete the
checklists, the auditor should complete FAM 2010 and FAM 2020 or
equivalent to document the conformity of the entity's financial statements
with U. S. GAAP as discussed in FAM 560.

.06 For GAO's financial audits, this checklist incorporates, by reference,
additional job-related documentation requirements.

.07 For GAO's financial audits, the chief accountant or second partner
should perform an engagement quality control review. This review should be
documented on FAM 1003-29. IG auditors and other auditors should determine
the need for a similar review as part of their system of quality control
under GAGAS.

Reporting 1003 - Financial Statement Audit Completion Checklist

CONTENTS Section Topic Page

Planning and Concluding the
Audit.............................................................................
4
Key Audit Areas
...........................................................................................................
10
Consultation
.................................................................................................................
17
Report...........................................................................................................................
18
GAO's Report Considerations
....................................................................................
23
GAO's Quality
Control.................................................................................................
24
Explanation of "No" Answers and Other
Comments.............................................. 27
Conclusions
.................................................................................................................
28
Engagement Quality Control Review (Second Partner
Review)........................... 29

References:

AICPA Professional Standards (vol. 1, Auditing)
............................................................. AU GAO/PCIE
Financial Audit
Manual..................................................................................FAM
Government Auditing Standards (2007 edition)
........................................................GAGAS

Reporting 1003 - Financial Statement Audit Completion Checklist Reporting
1003 - Financial Statement Audit Completion Checklist Reporting 1003 -
Financial Statement Audit Completion Checklist Reporting 1003 - Financial
Statement Audit Completion Checklist Reporting 1003 - Financial Statement
Audit Completion Checklist Reporting 1003 - Financial Statement Audit
Completion Checklist Reporting 1003 - Financial Statement Audit Completion
Checklist Reporting 1003 - Financial Statement Audit Completion Checklist
Reporting 1003 - Financial Statement Audit Completion Checklist Reporting
1003 - Financial Statement Audit Completion Checklist Reporting 1003 -
Financial Statement Audit Completion Checklist Reporting 1003 - Financial
Statement Audit Completion Checklist Reporting 1003 - Financial Statement
Audit Completion Checklist Reporting 1003 - Financial Statement Audit
Completion Checklist Reporting 1003 - Financial Statement Audit Completion
Checklist Reporting 1003 - Financial Statement Audit Completion Checklist
Reporting 1003 - Financial Statement Audit Completion Checklist Reporting
1003 - Financial Statement Audit Completion Checklist Reporting 1003 -
Financial Statement Audit Completion Checklist Reporting 1003 - Financial
Statement Audit Completion Checklist Reporting 1003 - Financial Statement
Audit Completion Checklist Reporting 1003 - Financial Statement Audit
Completion Checklist Reporting 1003 - Financial Statement Audit Completion
Checklist Reporting 1003 - Financial Statement Audit Completion Checklist
Reporting 1003 - Financial Statement Audit Completion Checklist

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
1. Has the audit team documented that it has                               
a. established an understanding with those contracting                     
for the audit, officials of the entity, or others defined                  
as the client and those charged with governance as to the                  
objectives of the work; management's responsibilities;                     
auditors' responsibilities; an overview of the nature,                     
extent, and timing of planned audit procedures, the form,                  
general content, and timing of communications; planned                     
reporting on the financial statements, internal control,                   
and compliance; the planned level of assurance; any                        
limitations of the work and any potential restrictions on                  
the auditor's reports; and                                                 
b. issued an engagement letter, contract, or other                         
written communication to describe the terms of                             
the engagement?                                                            
(FAM 215 and GAGAS, par. 4.06)                                             
2. Was an entrance conference held? (FAM 215 A)                            
3. Does audit documentation contain an understanding of                    
the entity, its operations, and its internal controls                      
sufficient to assess risk and plan the audit? (FAM                         
290.03-.04)                                                                
4. Does the audit documentation contain an adequate                        
audit strategy and audit plan? (FAM 290.05 and FAM                         
290.09)                                                                    

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
5. Did the audit team adequately perform and document                      
planning steps (FAM 290.05) to include                                     
          a. Perform preliminary analytical procedures? (FAM                  
225)                                                                       
b. Determine planning and design materiality and                           
               tolerable misstatement? (FAM 230)                              
c. Identify and justify methodology used to assess                         
          computer-related controls if other than the                         
FISCAM? (FAM 240)                                                          
d. Identify significant laws and regulations? (FAM                         
245)                                                                       
e. Identify relevant budget restrictions? (FAM 250)                        
       f. Design the audit to achieve an acceptable level of                  
           audit assurance that the financial statements are                  
            not materially misstated? (GAO uses 95 percent.)                  
(FAM 260)                                                                  
     g. Discuss the susceptibility of the entity's financial                  
              statements to material misstatement? (FAM 260)                  
       h. Assess inherent risk and the overall effectiveness                  
         of the control environment, risk assessment,                         
           communication, and monitoring, including                           
              whether weaknesses in the control environment,                  
              risk assessment, communication, and monitoring                  
        preclude the effectiveness of specific control                        
activities? (FAM 260)                                                      
i. Assess fraud risks, including any related to                            
             revenue and to management override of controls,                  
             and exercise professional skepticism throughout                  
              the audit? (FAM 260 and FAM 290.08)                             
j. Brainstorm risk of material misstatement                                
              including fraud risk and error risk? (FAM 260)                  
          k. Consider the effects of information technology,                  
             including service centers? (FAM 270)                             
          l. Consider operations controls to be tested? (FAM                  
275)                                                                       
m. Plan other procedures (representation letters,                          
related party transactions, sensitive payments)? (FAM                      
280)                                                                       

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
5. (continued)                                                             
n. Determine locations to be visited? (FAM 285)                            
o. Determine staffing requirements? (FAM 290.05)                           
           p. Determine timing of procedures and milestones?                  
(FAM 290.05)                                                               
q. Determine extent of assistance from entity                              
personnel? (FAM 290.05)                                                    
6. Does the audit strategy consider findings and                           
recommendations from previous audits that could                            
     affect the current audit objectives? (GAGAS, par. 4.09)                  
7. Did the audit team identify budget controls for each                    
relevant budget restriction and perform sufficient work                    
to support the conclusions on internal control?                            
(FAM 250, 310.06, 330.09)                                                  
8. Did the audit team identify compliance controls and                     
       perform sufficient work to support the conclusions on                  
internal control? (FAM 245, 310.05, 330.10)                                
9. Did the audit team use the work of others (CPA firms,                   
IGs, internal auditors, or specialists)? (FAM 650)                         
10. Did the audit team perform overall analytical                          
procedures, including documentation of                                     
a. expectations,                                                           
b. data/sources,                                                           
c. parameters,                                                             
d. explanations/corroboration, and                                         
e. conclusions?                                                            
(FAM 590.04)                                                               

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
11. Does the documentation indicate that the audit team                    
properly performed procedures in the reporting phase of                    
the audit (FAM 590) as follows:                                            
a. Evaluate misstatements, including considering whether                   
any misstatements are indicative of fraud? (FAM 540)                       
b. Bring all uncorrected known and likely misstatements                    
to the attention of entity management and those charged                    
with governance? (FAM 540.07)                                              
c Obtain attorneys' representations? (FAM 550.02 and FAM                   
1002)                                                                      
d. Review subsequent events? (FAM 550.04 and FAM 1005)                     
e. Obtain management representations? (FAM 550.07 and FAM                  
1001)                                                                      
f. Identify and evaluate related party transactions? (FAM                  
550.12 and FAM 1006)                                                       
g. Communicate with those charged with governance? (FAM                    
550.13)                                                                    
h. Review the consistency of other information in the                      
Annual Financial Report? (FAM 580.77)                                      

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
12. Does the audit summary memorandum or equivalent                        
properly summarize or refer to documentation (FAM                          
590.02-.03) addressing the following? a. Any changes from                  
original assessments of the risk of material                               
misstatement, materiality, or tolerable misstatement? b.                   
Additional fraud risks or other conditions identified                      
during the audit calling for an additional response and                    
the related response? c. The basis for conclusions on                      
significant auditing, accounting, and reporting issues?                    
d. Conclusions on adequacy of procedures and sufficiency                   
of evidence? e. The effects of uncorrected misstatements                   
(known and likely) on the financial statements? f.                         
Conclusions on financial statements? g. Conclusions on                     
internal control? h. Conclusions on whether the entity's                   
financial management systems meet the requirements of                      
FFMIA? i. Conclusions on compliance with laws and                          
regulations? j. Conclusions on the consistency of                          
accompanying information with the financial statements?                    
13. Has the audit director determined that communications                  
have occurred among the audit team members                                 
regarding fraud risks and error risks? (FAM 540.19)                        

Section I: Planning and Concluding the Audit              N/A Yes No* Ref. 
14. Is there documentation that                                            
a. The director approved deviations from the "should"                      
procedures in the FAM and the basis for the deviations?                    
(FAM 110.28)                                                               
b. The auditor complied with "must" procedures of                          
professional auditing standards as noted in the FAM? (FAM                  
110.28 and Appendix B)                                                     

                  Section II: Key Audit Areas                N/A Yes No* Ref. 
Answer the questions below for each key audit area or                      
cycle. The key audit areas and cycles to which these                       
questions apply are                                                        
____________________________ 1. Did the audit team                         
prepare the documentation                                                  
summarizing considerations in planning and performing the                  
work in the key audit areas and cycles                                     
for                                                                        
a. Cycle Matrix or an equivalent (or documentation in                      
Account Risk Analysis or an equivalent)                                    
            showing links between accounts, cycles,                           
           applications and line items? (FAM 290.06)                          
b. Account Risk Analysis or an equivalent? (FAM 290.07)                    
c. Cycle Memorandum and/or flowchart or equivalents? (FAM                  
390.05)                                                                    
d. Specific Control Evaluation or an equivalent? (FAM                      
390.07)                                                                    
          e. Written audit plan and procedures? (FAM 390.01)                  
2. If conditions changed during the course of the audit,                   
were the audit strategy, audit plans, and procedures                       
modified as appropriate in the circumstances, including                    
evidence of first partner/director approval?                               
(AU 311.05)                                                                

                  Section II: Key Audit Areas                N/A Yes No* Ref. 
3. When the audit team performed sampling, did it                          
properly determine and document the                                        
a. method used in relation to test objectives,                             
b. sample size and the method of determining the sample                    
size,                                                                      
c. tests performed,                                                        
d. results (misstatements and deviations found),                           
e. evaluation (including projection to the population),                    
and                                                                        
f. conclusions? (FAM 490.05)                                               
4. When the audit team performed substantive analytical                    
procedures, did it properly document a. expectations and                   
the method used to develop them, b. data                                   
sources/reliability, c. limit/criteria, d. client                          
explanations and corroborating evidence, e. additional                     
procedures, if any and f. conclusions? (FAM 490.07)                        
5. When the audit team performed interim testing, did it                   
a. test the rollforward period,                                            
b. properly document the                                                   
i. basis for using interim testing and the line items/                     
accounts and assertions tested,                                            
                 ii. procedures performed, and                                
iii. effects of any misstatements found? (FAM 495 C.06)                    
6. Did the audit team evaluate the reasonableness of                       
significant accounting estimates made by                                   
management? (AU 342)                                                       

                  Section II: Key Audit Areas                N/A Yes No* Ref. 
7. Were known and likely misstatements identified in the                   
testing of the key area carried forward to the Schedule                    
of Uncorrected Misstatements? (FAM 540.04 and FAM 595 C)                   
8. Did an IT specialist review the specific control                        
evaluation to evaluate the audit team's decision on which                  
controls are computer-related (including controls                          
relating to service-center-produced records)? (FAM                         
350.10)                                                                    

                  Section II: Key Audit Areas                N/A Yes No* Ref. 
Based on the risk of material misstatement, did the audit                  
team perform adequate substantive audit procedures for                     
line items/accounts on the following pages? (If not a key                  
area, check the N/A box.)                                                  
Fund Balance with Treasury (FBWT)                                          
Consider these issues:                                                     
o Did the audit team test the entity's year-end                            
            reconciliation of Fund Balances with Treasury to                  
Treasury accounts?                                                         
o Did the audit team determine if the entity                               
               a. researched and resolved differences before                  
                      making adjustments,                                     
                b. recorded any necessary adjustments in the                  
                    entity's FBWT accounts,                                   
          c. reported the adjustments to Treasury, if                         
                        applicable, and                                       
          d. disclosed in the notes to the financial                          
                statements material unreconciled differences                  
                  and budget clearing account differences at                  
              year-end, and material unreconciled                             
                differences written off by the entity during                  
the year?                                                                  
         o Did the audit team assess (at absolute value) the                  
          materiality of unreconciled differences, including                  
              those in budget clearing accounts?                              
Receivables                                                                
Consider these issues:                                                     
o If substantive audit procedures were performed                           
          prior to year-end, was there an adequate review of                  
           transactions from the interim date to the balance                  
sheet date? (AU 313.08-.09)                                                
o Were receivables confirmed and appropriate                               
            follow-up steps taken, including second requests                  
          and subsequent collections? (AU 330.30-.32)                         
      o Are receivables stated at net realizable value after                  
           allowance for uncollectible accounts? (AU 342.02)                  

                Section II: Key Audit Areas              N/A  Yes  No*  Ref.  
Inventories                                                                
Consider these issues:                                                     
o Were physical inventories observed at locations                          
           where material amounts were located? (AU 331)                      
o If perpetual inventory records are maintained,                           
        does the documentation indicate that differences                      
       disclosed by the physical inventory (or cycle                          
      counts) are properly reflected in the financial                         
statements? (AU 331)                                                       
o When the physical inventory is taken at a date                           
        other than the balance sheet date (or where                           
      rotating procedures are used), did the auditor                          
        consider inventory transactions between the                           
       inventory date(s) and the balance sheet date?                          
(AU 313.08-.09)                                                            
o Does the documentation contain evidence that                             
            counts were correctly made and recorded (was                      
        control over inventory tags or count sheets                           
        maintained) and test count quantities were                            
       reconciled with the counts reflected in the final                      
inventory? (AU 331)                                                        
o Were there adequate tests of                                             
          a. clerical accuracy of the inventory,                              
          b. costing methods and substantiation of costs                      
          used in pricing all elements of the inventory,                      
and                                                                        
c. cutoff?                                                                 
o Were analytical procedures used to test the                              
             overall valuation of inventories?                                
Investments                                                                
Consider these issues:                                                     
         o Was a summary schedule prepared (or obtained)                      
     and details tested with respect to the description,                      
        purchase price and date, changes during the                           
      period, income, market value, etc. of investments?                      
o Were securities either examined or confirmed?                            
(AU 332)                                                                   

                Section II: Key Audit Areas              N/A  Yes  No*  Ref.  
Property, Plant, and Equipment                                             
Consider these issues:                                                     
         o Was a summary schedule prepared (or obtained)                      
          to show beginning balances, changes during the                      
              period, and ending balances for                                 
          a. property, plant, and equipment, and                              
                b. accumulated depreciation                                   
      and were significant activity and balances tested,                      
        particularly for existence and other significant                      
assertions?                                                                
o Were property items capitalized or expensed in                           
       accordance with consistent capitalization limits?                      
     o Did the audit team perform tests of completeness,                      
          such as testing from disbursements to property                      
records?                                                                   
o Do the tests appear adequate and were proper                             
conclusions drawn?                                                         
Liabilities                                                                
Consider these issues:                                                     
o Did the audit team perform an adequate search                            
for unrecorded liabilities?                                                
o Did the audit team consider expenses that might                          
       require accrual (e.g., pensions, compensated                           
        absences, other postretirement benefits, or                           
           postemployment benefits provided to former or                      
       inactive employees prior to retirement), and                           
         whether accrued expenses were reasonably                             
stated?                                                                    

               Section II: Key Audit Areas              N/A   Yes  No*  Ref.  
Revenue and Expenses                                                       
Consider these issues:                                                     
o Did the audit team compare revenue and                                   
     expenses for the period to expectations, based on                        
       the budget and the results of the preceding                            
period? (AU 329)                                                           
o For significant variances and fluctuations from                          
          expectations, were management's explanations                        
      corroborated with other audit evidence or if                            
        explanations could not be obtained, were other                        
         audit procedures performed to determine                              
      whether the variance is a misstatement? (AU 329)                        
o Did the audit team consider                                              
       a. the entity's revenue recognition policy,                            
              b. unusual transactions, and                                    
c. fraud risks?                                                            
o Do tests appear adequate, and were proper                                
conclusions drawn?                                                         
Statement of Budgetary Resources                                           
Consider these issues:                                                     
o Were appropriate procedures applied, such as                             
         a. understanding and testing the budget                              
                   execution controls,                                        
        b. tests of the process of preparing the                              
statement,                                                                 
           c. tests of undelivered orders, and                                
        d. review of reconciliation to the President's                        
Budget?                                                                    

                   Section III: Consultation                 N/A Yes No* Ref. 
1. Where warranted by the complexity or unusual nature                     
of an issue (for example, issues where the FAM requires                    
consultation, issues not discussed in the FAM                              
or professional standards, going concern issues,                           
economic dependency issues, issues arising after                           
report issuance), was there appropriate consultation with                  
specialists, including the                                                 
o Reviewer,                                                                
o Statistician,                                                            
o Office of General Counsel, and                                           
o Technical Accounting and Auditing Expert?                                
(FAM 100.26 and FAM Appendix A)                                            
2. Were significant consultations appropriately                            
documented? (FAM 100.26)                                                   
3. Were the persons consulted made aware of all relevant                   
facts and circumstances?                                                   

                      Section IV: Report                    N/A  Yes No* Ref. 
1. Does the auditor's report or document containing the                    
        auditor's report (FAM 580.04, 580.77) include                         
a. highlights page or executive summary (for GAO                           
reports);                                                                  
b. transmittal letter (if appropriate);                                    
c. conclusions on:                                                         
i. financial statements,                                                   
ii. internal control,                                                      
             iii. whether the entity's financial management                   
                    systems substantially complied with the                   
            requirements of the Federal Financial                             
                         Management Improvement Act of 1996                   
                (FFMIA) for CFO act agencies,                                 
              iv. compliance with laws and regulations, and                   
           v. consistency of other information with                           
                    financial statements?                                     
d. objectives, scope, and methodology, including                           
               description of instances where GAGAS and OMB                   
            audit guidance were not followed; and                             
          e. entity comments and auditor evaluation?                          
2. Is the auditor's report (FAM 580) appropriate as to                     
a. wording,                                                                
b. scope of work,                                                          
c. U.S. GAAP,                                                              
d. explanatory paragraphs,                                                 
e. opinion/disclaimer on financial statements,                             
f. opinion/conclusions on internal control,                                
g. conclusions on whether the entity's financial                           
               management systems substantially comply with                   
            the requirements of FFMIA (for CFO Act                            
agencies), and                                                             
h. reporting on compliance with laws and                                   
regulations?                                                               

                      Section IV: Report                     N/A Yes No* Ref. 
3. Is background material (purpose, authority, and                         
functions of programs/activities) limited to what is                       
necessary?                                                                 
4. Is the auditor's report dated when all appropriate,                     
sufficient audit evidence is obtained to support the                       
opinion and all significant issues are resolved? (AU                       
530, FAM 580)                                                              
5. Does the auditor's report cover all periods for which                   
financial statements are presented? (AU 508.65)                            
6. If the financial statements of a prior period are                       
presented and have been audited by a predecessor                           
auditor whose report is not presented, does the auditor's                  
report refer to the predecessor auditor's                                  
report? (AU 508.74)                                                        
7. Does the auditor's report describe the responsibility                   
the auditor is taking for supplementary information,                       
including stewardship information? (AU 551; FAM                            
580.78-.81)                                                                
8. When illegal acts involve funds received from other                     
governmental entities, did the audit team                                  
a. satisfy itself that the audited entity notified the                     
proper officials of those entities within a reasonable                     
time?                                                                      
b. If the entity did not, or was unable to do so because                   
the top official was involved, did the audit team report                   
these acts to the officials of those other governmental                    
entities? (GAGAS, par. 5.15-.18)                                           

                      Section IV: Report                     N/A Yes No* Ref. 
9. Does the auditor's report include                                       
a. identification of which matters are significant                         
deficiencies and which are material weaknesses                             
(GAGAS, par. 5.11), and b. presentation of all identified                  
       (1) instances of fraud and illegal acts that are more                  
            than inconsequential, (2) material violations of                  
        provisions of contracts or grant agreements, and (3)                  
                          material abuse? (GAGAS, par. 5.15)                  
10. When appropriate, did the audit team report directly                   
to outside parties on fraud, illegal acts, violations of                   
provisions of contracts or grant agreements, or                            
significant abuse? (GAGAS, par. 5.18)                                      
11. Did the auditor consider the status of all known                       
significant findings and recommendations from prior                        
audits that affect the current year report, including                      
whether any failure to correct previously identified                       
deficiencies in internal control is a significant                          
deficiency or material weakness? (GAGAS pars. 5.11-.14.)                   
12. Did the auditor document the basis to support                          
(FAM 580.01) the                                                           
a. opinion about whether the financial statements                          
             and disclosures comply in all material respects                  
with U.S. GAAP (FAM 560),                                                  
b. opinion/conclusion on internal control,                                 
c. conclusion on whether the entity's financial                            
                management systems substantially comply with                  
            the requirements of FFMIA, (for CFO act                           
agencies), and                                                             
           d. conclusion on compliance with laws and                          
regulations?                                                               

Section IV: Report                                        N/A Yes No* Ref. 
13. Did the auditor document the basis for reported                        
findings on                                                                
a. internal control deficiencies, including                                
classification of control deficiencies as material                         
weaknesses, other significant deficiencies, or other                       
control deficiencies (FAM 590.05),                                         
b. entity's financial management systems lack of                           
substantial compliance with the requirements of FFMIA for                  
CFO act agencies (FAM 590.06), and                                         
c. noncompliance with laws and regulations (FAM 590.07),                   
if any?                                                                    
14. Did the auditor develop the elements of audit                          
findings to include (where appropriate and known) the                      
a. condition (describe the existing situation),                            
b. criteria (state what we are comparing to),                              
c. cause (reflect reason or reasons why the condition and                  
criteria differ), and                                                      
d. effect (describe the result of the difference between                   
the condition and criteria)?                                               
(GAGAS paragraphs 4.14-.18)                                                
15. Are recommendations and suggestions reasonable,                        
doable, and cost-effective?                                                

                      Section IV: Report                     N/A Yes No* Ref. 
16. Does the report obtain the views of responsible                        
officials in agency comments to include                                    
a. either oral or written comments,                                        
b. titles of senior official(s) involved,                                  
c. accurate characterization of general agreement or                       
disagreement with the report,                                              
d. description of the substance of the comments, and                       
e. auditor evaluation of the comments, particularly if                     
they disagree, are inconsistent, or conflict with the                      
report findings, conclusions, or recommendations.                          
(GAGAS paragraphs 5.32-.37)                                                
17. Are there control deficiencies that do not meet the                    
     criteria for significant deficiencies and do not affect                  
                                                         the                  
auditor's conclusions as to the effectiveness of internal                  
        controls which the auditor may communicate orally or                  
     in a separate management report? If so, did the auditor                  
document any oral communications? (FAM 580.49,                             
FAM 590.05, and GAGAS par. 5.14)                                           

               Section VI: GAO's Quality Control             N/A Yes No* Ref. 
1. Was the GAO report reviewed by the                                      
a. audit director (first partner),                                         
b. engagement quality control reviewer (second                             
partner),                                                                  
c. Office of the General Counsel (form 124A),                              
d. Applied Research & Methods (form 124C), and                             
e. other stakeholders (form124C).                                          
2. Did the audit director (first partner) review the                       
a. audit strategy (SAS 108.13-.14) or equivalent,                          
including sampling approach (FAM 290.05),                                  
b. account risk analyses or equivalent for material areas                  
with high or moderate risk of material misstatement (FAM                   
290.07),                                                                   
c. audit summary memorandum (FAM 590.02-.03),                              
d. management representation letter (FAM 1001),                            
e. legal representation letter (FAM 1002),                                 
f. schedule of uncorrected misstatements (FAM 595 C),                      
g. exit conference memorandum (FAM 590.10),                                
h. GAO report with entity financial statements and                         
related disclosures,                                                       
i. referencing review sheet (GAO form 92),                                 
j. GAO abbreviated audit documentation set (GAO form                       
419A), and                                                                 
k. this audit completion checklist (FAM 1003)?                             
(FAM 1301.17)                                                              

               Section VI: GAO's Quality Control             N/A Yes No* Ref. 
3. Did the assistant director review the                                   
a. entity profile or equivalent (FAM 290.04),                              
b. audit strategy (SAS 108.13-.14) or equivalent,                          
including sampling approach (FAM 290.05),                                  
c. account risk analyses or equivalent (FAM 290.07),                       
d. initial audit plan with procedures (FAM 290.09),                        
e. line item/account lead schedules,                                       
f. completed audit plan with procedures (FAM 290.09),                      
g. specific control evaluations (FAM 330.07),                              
h. audit summary memorandum (FAM 590.02-.03),                              
i. Checklist for Federal Accounting (FAM 2010) and                         
Checklist for Federal Reporting and Disclosures (FAM                       
2020) for statements using U.S. GAAP promulgated by                        
FASAB,                                                                     
j. financial reporting and disclosure checklist for                        
statements using GAAP promulgated by FASB,                                 
k. management representation letter (FAM 1001),                            
l. legal representation letter (FAM 1002),                                 
m. schedule of uncorrected misstatements (FAM 595 C),                      
n. exit conference memorandum (FAM 590.10),                                
o. GAO report with entity financial statements and                         
related disclosures,                                                       
p. referencing review sheet (GAO form 92),                                 
q. GAO abbreviated audit documentation set (GAO form                       
419A), and                                                                 
r. this audit completion checklist (FAM 1003)?                             
(FAM 1301.17)                                                              
4. Did the assistant director determine that all                           
significant                                                                
review notes were resolved appropriately? (FAM                             
1301.27-.28)                                                               

               Section VI: GAO's Quality Control             N/A Yes No* Ref. 
5. Did the assistant director indicate that all                            
documentation was sufficiently reviewed? (FAM 1301.05)                     
6. Were review notes, superseded versions of                               
documentation, and draft reports (except the referenced                    
draft and the draft sent to the entity for comment),                       
including review notes and superseded versions in                          
electronic form, placed in a separate folder to be                         
retained until the report is released, after which they                    
may be destroyed or deleted electronically up to 60 days                   
after the report release date? (FAM 1301.28)                               
7. Were review responsibilities documented and                             
communicated to all individuals on the assignment? (FAM                    
1301.23)                                                                   
8. Was documentation prepared by an IT specialist                          
reviewed by an IT manager or IT assistant director for                     
technical content and by a member of the audit team to                     
determine that related audit objectives were achieved?                     
(FAM 1301.24)                                                              
9. For areas that are both material and have high risk of                  
material misstatement, did the audit director or                           
assistant director perform secondary reviews of the                        
documentation? (FAM 1301.12)                                               
10. Was all documentation prepared by the audit director                   
or assistant directors read by the auditor-in-charge to                    
determine its consistency with any related documentation?                  
(FAM 1301.15)                                                              
11. If the documentation indicated a difference of                         
opinion between engagement personnel or between                            
engagement personnel and a specialist or other person                      
consulted, was the difference resolved appropriately and                   
was the basis of the resolution documented? (FAM 1302)                     

Section VII: Explanation of "No*" Answers and Other Comments
The page below is provided for comments on all "No*" answers or to expand
upon any of the "Yes" and "N/A" answers as needed, and may be modified as
necessary. * For some questions, "No" answers may indicate departures from
professional standards or from auditor policies. The auditor should
explain all "No" answers below and determine the effects and significance
of "No" answers, including any effect on the auditor's report.
Page no.       Question no.        Explanatory comments      Conclusion    

                       Section VIII: Conclusions                     Yes No** 
Based on your review and knowledge, do you believe                         
1. The audit team performed the engagement, in all material                
respects,                                                                  
in accordance with GAGAS (which include U.S. GAAS) and                     
applicable OMB guidance, or the auditor's report was                       
appropriately modified?                                                    
2. The financial statements conformed, in all material respects,           
with                                                                       
U.S. GAAP, or the auditor's report was appropriately modified?             
3. The auditor's report was appropriate in the circumstances?              
4. The documentation on this engagement supports the auditor's             
o opinion on the financial statements,                                     
o opinion/conclusions on internal control,                                 
o conclusions on whether the entity's financial management                 
systems substantially comply with the requirements of FFMIA (for           
CFO act agencies), and                                                     
o conclusions on compliance with laws and regulations.                     
5. The audit team complied, in all material respects, with the             
audit                                                                      
organization's policies and procedures.                                    

** If any of the above 5 statements have "No" responses, please describe
the response in a memorandum to the reviewer. Date of audit completion
___________________________________
Auditor-In-Charge_________________________________________ Date
_______________ Audit Manager ___________________________________________
Date _______________

Assistant    Director    ________________________________________     Date
_______________ Audit Director ___________________________________________
Date _______________

Reporting 1003 - Financial Statement Audit Completion Checklist

For GAO financial audits this is the chief accountant or another  director
who is a CPA and an experienced financial statement auditor.

Reporting 1003 - Financial Statement Audit Completion Checklist

                     [This page intentionally left blank.]

Reporting 1005 - Subsequent Events Review Entity
______________________________________________________________ Period of
financial statements __________________________________________ Job code
____________________________________________________________

References

Visible links
 209. http://www.gao.gov/special.pubs/gaopcie/
 210. fmailto:[email protected]
 220. http://www.ignet.gov/pande/faec/fsan0906.xls
 222. http://www.opm.gov/asd/htm/bal06.htm
 225. http://www.fms.treas.gov/
 241. http://www.usdoj.gov/civil/forms/forms.htm
 242. http://www.usdoj.gov/civil/forms/forms.htm

*** End of document. ***