Audit Types
To accomplish our mission, audits must be comprehensive and diversified. An audit of a state agency, program, activity, or function could include any of several types of audits, which are described below:
DEPARTMENTAL AUDITS
The Auditors of Public Accounts conducts audits of each state and quasi-public agency approximately every two years. These audits are intended to determine whether these agencies are following laws, regulations, internal policies, and prudent business practices. These reports are distributed to policymakers, the public, state agencies, and the media. Agencies must provide the auditors access to all records to conduct these audits. The APA must protect confidential records.
Section 2-90 of the Connecticut General Statutes authorizes the Auditors of Public Accounts (APA) to examine the books and records of state departments, commissions, and boards as well as quasi-public agencies. Generally, these audits cover two fiscal years and focus on state, rather than federal, funds. The scope of these audits includes, but may not necessarily be limited to, the fiscal years audited. These audits are conducted in addition to whatever audit work may have been done to satisfy the detailed requirements for the Annual Comprehensive Financial Report (ACFR) audit and the Federal Single Audit. A departmental audit is a compliance audit that focuses on the agency's internal controls and compliance with certain laws, regulations, contracts, and grant agreements. A departmental audit is a type of performance audit as defined by the Federal Government Accounting Office (GAO) in its Yellow Book and may also include an evaluation of the effectiveness, economy, and efficiency of certain management practices and operations.
Transaction testing performed as part of a departmental audit at individual state agencies is primarily directed at evaluating the internal controls over significant management and financial functions and compliance with policies and procedures. Where internal controls or compliance are material or significant to issuing an opinion on the ACFR or to satisfy the requirements of the Federal Single Audit Act, the audit area is included under the work related to the ACFR or Single Audit.
FEDERAL SINGLE AUDIT
Our office determines whether state agencies follow federal requirements on major federally funded programs (e.g., Medicaid, Student Financial Aid, Energy Assistance (LIHEAP), Food Stamps (SNAP), and transportation projects) through our work on the Federal Single Audit. This audit is required annually as a condition of the state receiving more than $14 billion in federal financial assistance each year.
Congress passed the Single Audit Act of 1984 and the Single Audit Act Amendments of 1996 to improve state and local governments' financial management of federal financial assistance programs, establish uniform requirements for audits of federal financial assistance, promote efficient and effective use of audit resources, and ensure that federal departments rely on and use the audit work performed under the act. The act establishes requirements for audits of the entity's financial statements, including the Schedule of Expenditures of Federal Awards (SEFA), and for testing and reporting on internal controls and compliance with laws and regulations relevant to federal financial assistance. The act requires independent auditors to perform the audit in accordance with Generally Accepted Government Auditing Standards (GAGAS) as published by the Government Accountability Office (GAO) in its Yellow Book.
State and local governments must perform a single audit if they receive federal financial assistance of $1,000,000 or more. A single audit consists of an audit of the basic financial statements and federal financial assistance (FFA). Office of Management and Budget (OMB) Uniform Guidance specifies that federal programs be classified as either Type A or Type B, depending on a dollar threshold calculated in accordance with Uniform Guidance and based largely on the total federal financial assistance expended by the entity. All Type A and Type B programs will be subject to a risk analysis to determine which federal programs will be audited.
For major federal programs, the auditor must plan and perform tests of internal controls to ensure that the relevant controls are expected to prevent or detect material noncompliance with applicable federal financial assistance requirements. Additionally, the auditor must determine whether the agency has complied with laws, regulations, and the provisions of contracts or grant agreements that have a direct and material effect on each of the major federal programs. The compliance requirements applicable to federal financial assistance programs can be found in the Compliance Supplement published by the Office of Management and Budget.
FINANCIAL AUDITS
The APA certifies whether the state's financial statements in the State Comptroller's Annual Comprehensive Financial Report (ACFR) are presented fairly and accurately. We also conduct annual financial audits of the financial statements in the State Treasurer's Annual Report, the statements of the University of Connecticut, and the statements of the UConn Health Center.
The objectives of a financial audit are to determine whether: (a) an audited agency's financial statements present fairly the financial position, results of operations, and cash flows or changes in financial position in accordance with generally accepted accounting principles or another comprehensive basis of accounting; and (b) the entity has complied with laws and regulations that may have a material effect on the financial statements.
Each year, the Office of the State Comptroller issues an Annual Comprehensive Financial Report (ACFR) prepared in accordance with generally accepted accounting principles. Our office is responsible for auditing the state's records in accordance with generally accepted auditing standards and expressing an opinion on the state's basic financial statements published in the ACFR. For our work on the ACFR, we complete financial testing at several state agencies to evaluate the statewide financial statements.
The Federal Single Audit Act of 1984, as amended by the Single Audit Act Amendments of 1996, requires the state to obtain an annual audit, which reviews its controls over federal funds and compliance with federal program requirements. As part of this audit, the Federal Office of Management and Budget Uniform Guidance requires the auditor to determine whether the financial statements of the audited agency present its financial position fairly and the results of its financial operations in accordance with generally accepted accounting principles. Thus, the audit work performed to obtain the evidence necessary to issue the audit opinion included in the ACFR is also required by the Single Audit Act and becomes an integral part of the Federal Single Audit.
PERFORMANCE AUDITS
Performance audits are conducted to determine whether state programs or systems are operating efficiently and effectively.
Section 2-90(c) of the Connecticut General Statutes provides that our office may conduct an examination of performance to determine effectiveness in achieving expressed legislative purposes.
Performance audits provide objective analysis to assist management and those charged with governance and oversight in using information to improve program performance and operations, reduce costs, facilitate decision-making by parties with responsibility for overseeing or initiating corrective action, and contribute to public accountability. According to Generally Accepted Government Auditing Standards (GAGAS), also known as the Yellow Book, published by the federal Government Accountability Office (GAO), a performance audit provides findings or conclusions based on an evaluation of sufficient, appropriate evidence against criteria. GAGAS uses the term "program" to include government entities, organizations, programs, activities, and functions.
This work may be done either as a part of a departmental audit or as a separate performance audit depending on the scope of the review. Some performance audits may include a topic that spans multiple agencies.
Performance audit objectives vary widely and include assessments of program effectiveness, economy, and efficiency; internal control; compliance; and prospective analyses. Audit objectives may also pertain to the current status or condition of a program. Audit objectives are further detailed below:
- Economy and Efficiency - determines (a) whether the entity is acquiring, protecting, and using its resources (such as personnel, property, and other resources) economically and efficiently; (b) the causes of inefficiencies or uneconomical practices; and (c) whether the entity has complied with laws and regulations pertaining to economy and efficiency.
- Program Effectiveness - determines (a) whether the desired results or benefits that the legislature or other authorizing bodies established are being achieved; and (b) the effectiveness of organizations, programs, activities, or functions, and whether the entity has complied with laws and regulations applicable to the program.
- Internal Control - relates to an assessment of one or more aspects of an entity's system of internal control that is designed to provide reasonable assurance of achieving effective and efficient operations, reliability of reporting for internal and external use, or compliance with provisions of applicable laws and regulations. Internal control objectives may also be relevant when determining the cause of unsatisfactory program performance.
- Compliance - relates to an assessment of compliance with criteria established by provisions of laws, regulations, contracts, and grant agreements, or other requirements that could affect the acquisition, protection, use, and disposition of the entity's resources and the quantity, quality, timeliness, and cost of services the entity produces and delivers.
- Prospective Analysis - uses information that is based on assumptions, determines events that may occur in the future along with possible actions that the audited entity may take in response to the future events.
INFORMATION TECHNOLOGY AUDITS
Information technology audits examine and evaluate the state's IT systems.
The APA conducts audits of the state's information technology (IT) systems. These audits are intended to assess and evaluate the design and implementation of IT general controls and practices against industry standards and state policies and procedures and identify and communicate opportunities for improvement in the IT control environment.