Making the GradeMay 23, 2011
By Leslie A. Zoll, CPA
I recently attended a joint Board of Finance/Board of Selectman meeting of a municipality and was asked “So…what grade did we get?” I have been asked similar questions in the past such as “How did we do?" or, “Did the audit go well?” but was never challenged to actually assign a grade.
Assigning a grade to an audit would be no easy task. How would it be measured? How would it be interpreted? Auditors are not rating agencies that analyze financial data and risk of organizations. The work of an auditor is simply to inform the reader whether or not the financial statements prepared by the municipality are, in all material respects, presented fairly in accordance with generally accepted accounting principles. So then, how does an auditor answer “How was the audit?”
Under the criteria set forth in governmental auditing standards as well as in the OMB Circular A-133 and the State Single Audit Act, all municipal audits will answer three basic questions. These questions are a good place to start in assessing how well your organization did.
Are there financial statement reporting findings?
If the answer is yes, and there are significant deficiencies or material weaknesses on the financial statements, it is clear to those charged with governance that improvements are needed. The board members would most likely raise a red flag and demand a corrective action plan to rectify the issue and make improvements to eliminate such findings in the future.
Are there federal or state single audit compliance findings?
If the answer is yes, and there are single audit findings, this may also spark more interest to try and resolve quickly so as to not risk loss of funding.
Are there internal control comments and recommendations?
Comments and recommendations on internal controls that were not material to the financial statement reporting are offered by auditors as a value-added service to the organization. They are not a required element of the audit but should be taken seriously. In this category, auditors document instances noted during the audit that may pose minimal risk to the municipality or may simply be helpful suggestions for improvements to the organization. This is the area of the audit where Board members and management can really take an active role in improving the organization to ensure the answers to #1 and #2 remain as “no.”
So, if the answer to all three questions is no – then your organization gets an A+ and if not, then the audit findings are your opportunity to make the appropriate changes to strive for an A+ next year. Want to get a head start for next year? Here are some of the more common findings and recommendations to measure your municipality:
- Ensure all funds are recorded on the general ledger system
- Ensure all bank account reconciliations are prepared timely, and subsequently reviewed by an individual other than the preparer
- Implement procedures for formal review of journal entries
- Segregation of duties should exist over accounts payable and payroll processing
- Develop procedures to ensure financial management system securities
- Develop and test disaster recovery plans
- Formalize procedures for computer back-up and user IDs
- Develop formal procedures for the review of capital assets
- Perform a fraud risk assessment
Management and other elected officials should be involved in assisting the municipality by following up on these comments and recommendations — whether it be finding additional resources to update their software solutions, setting up committees to explore sound technology policies or just insisting that controls are in place to safeguard all town/city assets. Asking “How well did we do?” is a great start — let us all now be challenged to also ask “What else can we do?”