Types of Engagements
Government managers are responsible for the stewardship of financial resources and for preparing financial statements that conform to accounting principles promulgated by the Governmental Accounting Standards Board (GASB). Audits of entity financial statements provide the Legislature, Florida’s citizens, investors, bond rating agencies, and other users of the financial statements independent assurance of the reliability of the financial statement information provided by government managers. Such independent assurance is given in the form of an opinion on the financial statements and is preceded by the performance of an examination of the entity’s financial records and related representations made by government officials. The nature, timing, and extent of the work performed are governed by professional standards issued by the AICPA and the Comptroller General of the United States in Government Auditing Standards. Under those standards, consideration of information technology internal controls is often an essential and significant part of the financial audit process because public entity operations and business processes are usually dependent on information technology.
Financial audits may include audit procedures to evaluate the entity’s compliance with requirements that could have a direct and material effect on each major Federal awards program and the effectiveness of internal controls established by management to consistently ensure compliance therewith. That is because, as a condition of receiving Federal funds, the United States Office of Management and Budget (OMB) requires a Single Audit of the recipient’s financial statements and major Federal awards programs. The audit is referred to as a Single Audit because it is an organization-wide audit that includes, within its scope, work designed to meet the oversight needs of many Federal and pass through grantors and State accountability officials. Federal awards audit requirements are located in the OMB Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Title 2, Part 200, Code of Federal Regulations).
Operational audits evaluate management’s performance in establishing and maintaining internal controls, including internal controls designed to prevent and detect fraud, waste, abuse, and noncompliance, and in administering assigned responsibilities in accordance with applicable laws, rules, contracts, grant agreements, and other guidelines. Operational audits examine internal controls, including certain information technology internal controls, that are designed and placed in operation to promote and encourage the achievement of management’s control objectives in the categories of compliance, economic and efficient operations, reliability of financial records and reports, and safeguarding of assets, and identify weaknesses in those internal controls. Operational audits may also include comparisons of the performance of a program, activity, or function of a governmental entity to specific criteria. Our operational audits include a broad array of operational areas and are conducted in accordance with applicable Government Auditing Standards. The areas of operations included within the scope of operational audits are determined through risk assessment processes that, among other procedures, include inquiries of legislative staff concerning areas of concern and interest to the Legislature.
Information Technology Operational Audits
Information technology operational audits evaluate the effectiveness of information technology (IT) controls applicable to particular IT systems and applications. The audits focus on areas of risk pertaining to critical IT operations, including the IT infrastructure supporting various mission-critical applications, network and vulnerability management, data security and integrity management, third-party services, and deployment of new environments and processes. IT operational audits are conducted in accordance with applicable Government Auditing Standards.
Performance audits examine a program, activity, or function of a governmental entity with respect to issues such as economy, efficiency, and effectiveness of a program; the adequacy of a program to meet the needs identified by the Legislature or governing body; alternative methods of providing program services or products; the accuracy or adequacy of public documents, reports, or requests prepared under a program by the public entity; and compliance of a program with appropriate policies, rules, or laws. Performance audits are conducted in accordance with applicable Government Auditing Standards.
Attestation examinations consist of obtaining sufficient, appropriate evidence to express an opinion on whether the subject matter of the examination is based on (or in conformity with) specified criteria in all material respects or an assertion is presented, in all material respects, based on the specified criteria. Examination engagements are conducted in accordance with the Standards for Attestation Engagements issued by the AICPA and applicable Government Auditing Standards. Our evaluations of school district and other entities’ compliance with State requirements governing the determination and reporting of full-time equivalent students under the Florida Education Finance Program and the number of students transported are attestation examination engagements.
Quality Assessment Reviews of Internal Audit Activities
Pursuant to Section 11.45(2)(i), Florida Statutes, the Auditor General conducts quality assessment reviews of the State agencies’ Offices of Inspectors General (OIGs) internal audit activities. During the reviews, we evaluate the design of the OIG's quality assurance program related to the internal audit activity and whether the program provides reasonable assurance of conformance with applicable professional auditing standards. We also evaluate OIG compliance with those provisions of Section 20.055, Florida Statutes, governing the operation of the State agency's OIG internal audit activity.