CPE for Government Auditors

What is an auditor?

Please enjoy this first chapter of self-study book Essential Skills for Government Auditor  available on YellowBook-CPE.com.

So here you are, an auditor. No other job title is more likely to be a conversation stopper at a dinner party.  No one likes to be audited.

But auditors do have an important role to play because, unfortunately, government leaders can’t trust program managers when they say, “Everything here is fine.  Don’t worry about us!” Government leaders and citizens do worry and want assurance from someone they can trust that everything is going well.  The auditor is that professional whom the leaders and the citizens can trust.

One definition of auditor is:  An independent professional who evaluates a subject matter against agreed-upon criteria.

This definition has several important components: independence, subject matter, and criteria.  Let’s look at each of those components in turn.


Auditors must be independent of their clients and the subject matter they are auditing.  But who are these clients?

The Government Accountability Office (GAO), the federal audit organization that writes the governmental auditing standards (a.k.a. the Yellow Book) has a very broad definition of client.  The GAO says, “A distinguishing mark of an auditor is acceptance of responsibility to serve the public interest.” And they define public interest as “the collective well-being of the community and entities the auditors serve.”  Did you know you had such a noble job?

CPAs are held to the same standard. They are certified “public” accountants after all. They have a primary responsibility to the public and a secondary responsibility to their audit client.

Clients in the government realm include management of the auditee, governing bodies, oversight bodies, special interest groups, other citizens, and the people who actually benefit from the government’s services.

If you think about it, auditors are often the only professionals involved in an organization or in a program who can comfortably speak the truth because they are, hopefully, shielded from backlash because they are independent.

GAGAS (Yellow Book) 20113.04     Auditors and audit organizations maintain independenceso that their opinions, findings, conclusions, judgments, and recommendations will be impartial and viewed as impartial by reasonable and informed third parties. Auditors should avoid situations that could lead reasonable and informed third parties to conclude that the auditors are not independent and thus are not capable of exercising objectiveand impartial judgment on all issues associated with conducting the audit and reporting on the work.

The recipients of governmental funds aren’t likely to uncover their own risks or highlight their own weaknesses because they could lose their funding. And the oversight bodies might be so far removed from the program that they don’t have a sense of what is really happening.

You can make quite a difference in an organization. The GAO’s Yellow Book says that you are “essential to the nation’s governing process!” Wow, that is quite a responsibility!

Consulting vs. Auditing

Some professionals who call themselves auditors are actually consultants. They help the client implement systems or spend months working to help the client with a technical issue. Consultants are allowed to get involved in the day-to-day operations of a department.

The Institute of Internal Auditors (one of the standard setting bodies that I will explain further in the next chapter) encourages consulting and has created consulting standards for their members.

The Government Accountability Office (GAO) calls consulting by another name, “non-audit services,” and puts up numerous barriers to prevent auditors from also serving as consultants. The GAO believes that you cannot both consult regarding an audit subject matter and later serve as objective, independent evaluator of the same subject matter.

In this text, our focus will be on auditing and auditing standards.

Subject matter and criteria

Auditors opine or conclude on whether a subject matter meets a certain criteria.

All auditors struggle to keep their audits limited in size and scope. It is extremely easy to create monstrous projects that are hard to reign in and report on.

In response to this struggle, most audit standards require that you develop a finite objective and scope for each engagement.   Imbedded in the audit objective are the audit subject and the criteria the auditor will use to evaluate the audit subject.

The GAO has this to say about the audit objective and scope in the Yellow Book:

GAGAS6.08The objectives are what the audit is intended to accomplish. They identify the audit subject matter and performance aspects to be included, and may also include the potential findings and reporting elements that the auditors expect to develop. Audit objectives can be thought of as questions about the program that the auditors seek to answer based on evidence obtained and assessed against criteria. The term “program” is used in GAGAS to include government entities, organizations, programs, activities, and functions.GAGAS 6.09

Scope is the boundary of the audit and is directly tied to the audit objectives. The scope defines the subject matter that the auditors will assess and report on, such as a particular program or aspect of a program, the necessary documents or records, the period of time reviewed, and the locations that will be included.

The objective and scope define what the project is, as well as what it is not. Objectives are assessed against agreed upon criteria, which are benchmarks established by law, governing organizations, or company policies and procedures. (For more on criteria, read Chapter 6.)

To satisfy the audit objective, you will gather and document audit evidence.  The techniques that you use to gather evidence are called audit methodologies.

6.10     The methodology describes the nature and extent of audit procedures for gathering and analyzing evidence to address the audit objectives. Audit procedures are the specific steps and tests auditors perform to address the audit objectives. Auditors should design the methodology to obtain reasonable assurance that the evidence is sufficient and appropriate to support the auditors’ findings and conclusions in relation to the audit objectives and to reduce audit risk to an acceptable level.

All three of these elements – the objective, scope, and methodology – are essential to describe what you seek to accomplish on the audit. (For more on methodology, see Chapter 15.)   The GAO requires that auditors both document these three defining elements in the working papers and disclose them in the audit report.

Audit deliverables

As Stephen Covey says, you should begin with the end in mind.  So before we dig in to the steps of conducting an audit, let’s look at what you will have when you are all done.  Auditors create three deliverables from an audit project:

  • The answer to the audit objective – called either an audit conclusion or an audit opinion
  • Findings – issues that the auditor would like to see addressed or corrected by the client
  • Working papers –documentation of the evidence the auditor gathered to support the conclusions and the findings.

If you are following GAO’s audit standards (The Yellow Book) for performance audits, you must put this promise – word for word – in your audit report:

7.30     We conducted this performance audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.

As you seek to satisfy your audit objectives, you will gather evidence using audit methodologies.  Some auditors call audit methodologies audit tests or audit program steps.  The results of applying these methodologies must be documented.

6.79     Auditors must prepare audit documentation related to planning, conducting, and reporting for each audit. Auditors should prepare audit documentation in sufficient detail to enable an experienced auditor, having no previous connection to the audit, to understand from the audit documentation the nature, timing, extent, and results of audit procedures performed, the audit evidence obtained and its source and the conclusions reached, including evidence that supports the auditors’ significant judgments and conclusions. An experienced auditor means an individual (whether internal or external to the audit organization) who possesses the competencies and skills that would have enabled him or her to conduct the performance audit. These competencies and skills include an understanding of (1) the performance audit processes, (2) GAGAS and applicable legal and regulatory requirements, (3) the subject matter associated with achieving the audit objectives, and (4) issues related to the audited entity’s environment.6.80     Auditors should prepare audit documentation that contains evidence that supports the findings, conclusions, and recommendations before they issue their report.

Questions auditors answer

In order to give the client assurance regarding an audit subject, you must answer questions that naturally arise as you seek the answer to your audit objective.

Notice that these questions assume that something is wrong.  Auditors tend to think that way!  Because of time constraints, auditors focus on risks, negative events, and the issues that need fixing instead of proving the good that occurs in an organization.  In that way, auditors are like journalists.

  1. What is the current state of affairs? (condition)
  2. What should be the current state of affairs? (criteria)
  3. What has caused the current state of affairs? (cause)
  4. Why is the current state of affairs undesirable? (effect)
  5. What should be done to correct the current state of affairs? (recommendation)

You will see these questions used in later chapters and referred to as the “elements of a finding.” Auditors following IIA & GAO standards use them to write audit findings when they find something that needs to be corrected, such as an internal control weakness, non-compliance, fraud, and/or abuse.

What I hope to do in this text is show you the steps auditors follow to create their three main deliverables (the conclusion/opinion, the findings, and the audit documentation) as well as give you the tools to answer these questions for your clients.

Let’s tweak that definition of an auditor

Now that we have discussed independence, audit subject matter, audit criteria, and audit deliverables, we should tweak our definition of an auditor. We began the chapter with this definition: An independent professional who evaluates a subject matter against agreed-upon criteria.

Please allow me to enhance it a bit based on what we just read: An auditor is an independent professional who concludes whether a subject matter meets an agreed upon criteria by gathering evidence through performing custom-designed audit methodologies.  Aren’t you glad I didn’t start with that?

Visit the Yellowbook-CPE.com Student Center
Click to learn more about Yellowbook requirements.


Lost your password?