PART SIX - Guidance for Auditing Projects Not Included in the Compliance Supplement
Purpose
The purpose of this part is to provide the auditor with guidance on how to identify the
applicable compliance requirements for programs not included in this Supplement for single
audits. While a state project may have many compliance requirements, normally there are only
a few key compliance requirements that could have a direct and material effect on the project. Since
the single audit process is not intended to cover every compliance requirement, the Supplement and
the auditor’s focus should be on the types of compliance requirements enumerated in Part Three. The
following are suggested procedures to assist the auditor in making this determination.
Steps for Identifying Compliance Requirements
Determining what compliance requirements to test involves several steps. The
auditor should address the following questions:
- What are the project objectives, procedures, and compliance requirements for a specific project?
The first step is to gain an understanding of how the project works
(e.g., the project objectives and procedures) and determine what laws, rules, and
provisions of contracts or grant agreements apply to the project. The auditor
should consider the following:
- Discuss the project with the nonstate entity, and if necessary, the state agency.
- Review the Catalog of State Financial Assistance (Catalog). The Catalog provides summary information about each project and includes agency contact information.
- Review the contracts or grant agreements and referenced laws and rules applicable to
the project, including any amendments. The documents or agreements may identify the name
and telephone number of an agency contact person the auditor may wish to contact for additional
information. Note: The auditor should be aware that a particular nonstate entity may be subject
to provisions that are unique to that entity. For example, previous noncompliance by a nonstate
entity may result in additional requirements to which the nonstate entity must adhere, in order
to continue its participation in a state project, and such provisions would generally not be based
on laws and regulations applicable to the state project. Reasonable procedures to identify such
compliance requirements would be inquiry of nonstate entity management and review of the contracts
or grant agreements pertaining to the project. Any such requirements identified which could have
a direct and material effect on the major project should be included in the audit.
- Which of the compliance requirements could have a direct and material effect on the project?
Generally Accepted Government Auditing Standards requires that the
auditor plan the audit to provide reasonable assurance that the financial statements are free of
material misstatement resulting from violations of laws and rules that have a direct and material effect
on the determination of financial statement amounts. The Florida Single Audit Act requires the auditor
to determine whether the nonstate entity has complied with applicable provisions of laws, rules, and
guidelines that could have a direct and material effect on the state project. Therefore, the auditor
must determine which compliance requirements could have a direct and material effect on each major
state project.
In assessing materiality, the auditor should consider that materiality is based on qualitative as
well as quantitative aspects. Examples of characteristics indicative of compliance requirements that
could have a direct and material effect on a major project include:
- The requirement affects a large part of the state project (e.g., a material amount of project dollars).
- Noncompliance could cause the state agency (or recipient in the case of a subrecipient) to take action, such as seeking reimbursement of all or a part of the award and suspending the recipient’s (subrecipient’s) participation in the project.
- Which of the compliance requirements are susceptible to testing by the auditor?
The auditor is only expected to test compliance for those requirements that are susceptible to testing by the
auditor, that is, the requirements can be evaluated against objective criteria, and the auditor can reasonably be
expected to have sufficient basis for recognizing noncompliance. Further, the auditor would not be expected to test
for compliance with requirements that the state agency should have the ability to verify in the normal course of
administering the project (e.g., if the requirement is that the nonstate entity must file a report by a certain date, the
state agency should know whether it received the report on time). Characteristics of compliance requirements that auditors
are typically expected to test include those:
- Which are practical to test.
- With objective criteria available for the auditor to assess compliance.
- Where an audit objective can be written that supports an opinion on compliance.
- When testing adds value, i.e., the state agency does not otherwise have information that verifies compliance.
- Into which of the common compliance requirements enumerated in Part Three of the Supplement does each compliance requirement fall?
The auditor shall use the compliance requirements enumerated in Part Three for identifying
which requirements applicable to the project are subject to testing. Not all compliance requirements
apply to all projects, and conversely, certain types almost always apply.
- Activities Allowed or Unallowed almost always applies to state projects. The auditor should look at the project requirements, agency rules, grant applications, and contracts or grant agreements for what constitutes allowable or unallowable activities.
- Allowable Costs almost always applies since most projects allow for charges of goods and services.
- Cash Management will generally not apply if the project operates solely on a cost-reimbursement agreement with no cash advanced.
- Eligibility applies to state projects that provide benefits to individuals or groups of individuals, or that make subawards. For projects with eligibility requirements, the auditor should review the project laws, rules and provisions of contracts or grant agreements to determine the specific eligibility requirements. Eligibility involves both who is eligible and the amount of benefits provided to those who are eligible.
- Equipment and Real Property Management applies to state projects that provide for the purchase of equipment or real property.
- Matching, if applicable, would be specific to the state project and the nonstate entity. Therefore, the auditor will have to review the laws, rules, and provisions of contracts or grant agreements applicable to the project to make specific determinations.
- Period of Availability of State Funds almost always applies to state projects. The contract or grant agreement applicable to the project often indicates the period during which the funds are available for obligation under the project. The auditor should also look for project requirements regarding carryover of unused funds to future funding periods, and whether pre-award costs are allowable, to what extent, and under what circumstances.
- Reporting often applies to state projects, but the reporting requirements vary significantly.
- Subrecipient Monitoring applies when state awards are subawarded by the recipient to a nonstate entity.
- Special Tests and Provisions include those compliance requirements that do not fit the description of the types of compliance requirements discussed above. These will generally be the most difficult type of compliance requirement to identify because, by definition, they are unique to each project. In addition to reviewing the project’s contracts and grant agreements, referenced laws and rules, the auditor should also make inquiries of the nonstate entity to help identify and understand Special Tests and Provisions.
For each of the types of compliance requirements listed above, except for Special Tests and
Provisions, the auditor shall consider the compliance requirements and related audit objectives in
Part Three. In making a determination not to test a compliance requirement, the auditor must conclude
that the requirement either does not apply to the particular nonstate entity or that noncompliance
with the requirement could not have a material effect on a major project. The suggested audit procedures
in Part Three are provided to assist auditors in planning and performing tests of nonstate
entities’ compliance with the requirements of state projects. Auditor judgment will be necessary to
determine whether the suggested audit procedures are sufficient to achieve the stated audit objective
and whether additional or alternative audit procedures are needed.
Also, because of the diversity of systems in place among nonstate entities, Part Three does not include
suggested audit procedures to test internal control. The auditor must determine appropriate procedures to
test internal control on a case-by-case basis considering factors such as the nonstate entity’s internal
control, the compliance requirements, the audit objectives for compliance, the auditor’s assessment of control
risk, and the audit requirement to test internal controls as prescribed in Section 215.97(8), Florida
Statutes. However, the auditor may look to Part Five which presents characteristics of internal control which
may be used to reasonably ensure compliance with the types of compliance requirements enumerated in Part
Three.
- For Special Tests and Provisions, what are the applicable audit objectives and audit procedures?
For each of the types of compliance requirements discussed under
question 4, Part Three of the Supplement provides generic audit objectives and suggested audit
procedures, except for Special Tests and Provisions. As noted above, Special Tests and Provisions are
sufficiently unique to every project that generic audit objectives and suggested audit procedures are not
practicable. Therefore, the auditor will have to develop audit objectives and audit procedures for each
identified special test or provision using the guidance described in Part Three.