Section 2-90 of the Connecticut General Statutes authorizes the Auditors of Public Accounts to examine the books and records of state departments, commissions, and boards as well as certain quasi-public agencies. Subsection (c) provides that each such audit may include an examination of performance to determine the effectiveness in achieving expressed legislative purposes.
According to Generally Accepted Government Auditing Standards (GAGAS) published by the federal Government Accountability Office (GAO), a performance audit provides findings or conclusions based on an evaluation of sufficient, appropriate evidence against criteria. Performance audits provide objective analysis to assist management and those charged with governance and oversight in using information to improve program performance and operations, reduce costs, facilitate decision making by parties with responsibility for overseeing or initiating corrective action, and contribute to public accountability. The term program is used in GAGAS to include government entities, organizations, programs, activities, and functions. Current GAO performance audit standards are included in Government Auditing Standards, also known as the Yellow Book.
This performance audit work may be done as a part of a compliance audit or as a separate performance audit, depending on the scope of the review to be undertaken.
Section 2-90 of the Connecticut General Statutes authorizes the Auditors of Public Accounts to examine the books and records of state departments, commissions and boards, as well as certain quasi-public agencies. Generally, these audits will cover two fiscal years and focus on state, rather than federal, funds. These audits will be in addition to whatever audit work may have been done to satisfy the requirements for the Comprehensive Annual Financial Report (CAFR) audit and the federal Statewide Single Audit. A departmental audit is a compliance audit that focuses on the agency’s internal control structure and compliance with certain laws, regulations, contracts and grant agreements. A departmental audit is a type of performance audit as defined in the GAO Yellow Book. The financial statement audit is done as part of our work on the CAFR.
The transaction testing performed as part of a compliance audit at individual state agencies is directed at evaluating the internal control systems and compliance issues relative to the agency. Where the internal control structure or compliance issue is material or significant to issuing an opinion on the CAFR or to satisfy the requirements of the federal Single Audit Act, the internal control structure or compliance issue has been included under the scope of our CAFR or Single Audit.
Federal Single Audit
Congress passed the Single Audit Act of 1984 and the Single Audit Act Amendments of 1996 to improve state and local governments’ financial management of federal financial assistance programs, establish uniform requirements for audits of federal financial assistance, promote efficient and effective use of audit resources, and ensure that federal departments rely on and use the audit work performed under the act. The act establishes requirements for audits of the entity’s financial statements, including the Schedule of Expenditures of Federal Awards (SEFA), and for testing and reporting on internal controls and compliance with laws and regulations relevant to federal financial assistance. The act requires independent auditors to perform the audit in accordance with Generally Accepted Government Auditing Standards (GAGAS) as published by the Government Accountability Office (GAO) in its Yellow Book.
State and local governments must perform a single audit if they receive federal financial assistance of $750,000 or more. A single audit consists of an audit of the basic financial statements and of the federal financial assistance (FFA). Office of Management and Budget (OMB) Uniform Guidance specifies that FFA programs be classified as either Type A or Type B, depending on a dollar threshold calculated in accordance with Uniform Guidance and based largely on the total FFA expended by the entity. All Type A and Type B programs will be subject to a risk analysis to determine which federal programs will be audited.
For major federal programs, the auditor must plan and perform tests of internal controls to ensure that the relevant controls are expected the prevent or detect material noncompliance with applicable FFA requirements. Additionally, the auditor must determine whether the agency has complied with laws, regulations, and the provisions of contracts or grant agreements that have a direct and material effect on each of the major federal programs. The compliance requirements applicable to FFA programs can be found in the Uniform Guidance published by the Office of Management and Budget.
Comprehensive Annual Financial Report (CAFR) Audit
Each year, the Office of the State Comptroller issues a Comprehensive Annual Financial Report (CAFR), prepared in accordance with generally accepted accounting principles. Included within this report are all necessary presentations and disclosures to present fairly, in all material respects, the financial position of the state at fiscal year-end and the results of the operations of the state for the fiscal year.
The Auditors of Public Accounts is responsible for auditing the records of the state in accordance with generally accepted auditing standards and expressing an opinion on the state’s basic financial statements published in the CAFR.
The federal Single Audit Act of 1984, as amended by the Single Audit Act Amendments of 1996, requires that an annual audit be performed, which reviews the state’s controls over federal funds and compliance with federal program requirements.
As part of this audit, federal Office of Management and Budget Uniform Guidance requires the auditor to determine whether the financial statements of the audited agency present its financial position fairly and the results of its financial operations in accordance with generally accepted accounting principles. Thus, the audit work performed to obtain the evidence needed to issue the audit certificate included in the CAFR is also required by the Single Audit Act and becomes an integral part of the Statewide Single Audit.
Information Technology Audits
The Auditors of Public Accounts conducts audits of the state’s information technology systems. These audits are intended to determine whether the state’s information systems adequately maintain the integrity of data, protect against breaches of privacy, and ensure there are proper safeguards to protect against fraud.