Skip to content
a piece of wood with a piece of wood on it

Oh No, an Audit Finding!

Published
Feb 23, 2024
By
Freddy Smith
Stephen Bearry
Share

There are many misconceptions about what it means to have a finding reported in the schedule of findings and questioned costs. Some individuals believe that a finding means they could lose their job or receive embarrassing press, while others may ignore the information altogether. So, what is an audit finding? Why is it important? What does it tell us? To answer these questions, one must first understand why the auditor must report findings and what they convey. 

What is the purpose of an audit? 

Let’s consider two types of audits: a financial statement audit and a compliance audit. A financial statement audit is designed to provide assurance to a user of financial statements, whereas a compliance audit, like a Single Audit for federal grants, provides assurance to providers of funds and other stakeholders that funds were administered compliantly.  

If your organization receives state or federal funds, your entity may be required to obtain a financial statement audit in accordance with Government Audit Standards, an audit of compliance pursuant to Subpart F of the Uniform Guidance (aka Single Audit), or both. Under these standards, the following reports and schedules are required:  

  • The auditor’s report on the financial statements.
  • A report on internal controls over financial reporting and compliance and other matters.
  • A report on compliance for each major program and on internal controls over compliance, and (if subject to Single Audit).
  • A schedule of findings and questioned costs. 

In performing these audits with the goal of issuing the above reports, an auditor considers internal controls over financial reporting and those over compliance with certain laws, regulations, contracts, and/or grants to determine whether the financial statements might be misstated or noncompliance might exist. 

What is an audit finding? 

In that process of reviewing internal controls and compliance, if an auditor identifies weaknesses in internal control issues or instances of noncompliance, the auditing standards require, in certain circumstances, that these matters be reported in writing. There are two types of internal control findings that may be identified by the auditor. These are as follows: 

  • A significant deficiency is a deficiency, or a combination of deficiencies, in internal controls that is less severe than a material weakness, yet important enough to merit attention by those charged with governance.
  • A material weakness is a deficiency, or combination of deficiencies, in internal controls that leads to a reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented, or detected and corrected, on a timely basis. 

Noncompliance that may be reported as a finding might involve a range of issues, including those pertaining to federal or state grants, payroll tax matters, restrictions of tax propositions, violations of debt covenants, violations of law, or others that could affect the financial statements or overall compliance with the terms of a grant program. Examples could include failure to file payroll tax returns and submit deposits, disallowed costs charged to a grant, or failure to operate within a budget, which are generally limited to material matters. An intentional act of non-compliance or misappropriation can be considered fraud, which also must be reported as a finding.  

It is important to remember that a compliance finding, including those involving fraud, is often an indicator of a potential deficiency in internal controls over compliance. It could, therefore, result in a finding in both areas as the graphic below illustrates: 

Audit internal controls compliance finding

Evaluating a finding 

 
Findings must be evaluated by report users and by management so they can be remediated by management and monitored by regulators and oversight agencies. When evaluating a compliance finding, one should consider the frequency of the finding, its pervasiveness, and the possible effects to the financial condition of the organization for questioned costs—or its impacts to current and future grant funding. 
 
To more clearly explain the matters reported by auditors, standards require certain components to a finding as described below: 
 
  • Identification data – Agency, program, Assistance Listing (ALN) award number and year.
  • Criteria – What is the law, rule or standard?
  • Condition – How did the auditee not comply with the law rule or standard?
  • Cause – Why did this happen?
  • Effect – What is the impact, financial or other, of the finding?
  • Questioned costs and how computed – Known costs are reported.
  • Recommendations – Auditors’ input on how to remediate the finding.
  • View of responsible officials – Auditee provides a response and can reference a corrective action plan, if applicable. 

Who’s to blame? 

 
The financial and legal environment in which governments operate is complex and sometimes difficult to navigate. New laws, additional federal funding, complex accounting standards, and a shortage of up-and-coming government finance officers create many challenges for state and local governments. This, and the fact that organizations are managed and governed by humans, makes audit findings rather common versus being the exception.  
 
Absent fraud, impropriety, or misappropriation, there’s no shame in having a finding in your report. Just as with all shortcomings or mistakes, the larger problem occurs when an organization fails to take action to remedy the finding. If understood in the proper context, a finding can be an opportunity to improve knowledge and processes, thereby allowing an organization to better serve its customers, citizenry, and constituents. 
 

 

What's on Your Mind?

a man in a suit smiling

Freddy Smith

View Profile

Stephen Bearry

View Profile

Start a conversation with the team

Explore More Insights

a brick building with a door and a blanket from the window
Article

Utilizing Prepositioned Contracts as a Disaster Preparedness Strategy

  • Disaster Recovery
Read More
a building with a glass front
Article

Maximizing Subrecipient Monitoring: Best Practices and Uniform Guidance

  • Disaster Recovery
Read More
a group of people writing on paper
On-Demand Webinar

Audit Insight 2024 | Navigating GASB Updates & Federal Audits

Read More
a close-up of a stamp
Article

Navigating the Proposed Revisions to Uniform Guidance 2 CFR Part 200

Read More
a doctor showing a young girl something on the tablet
Article

Comparing Fee-for-Service and Cost-Based Reimbursement for School-Based Medicaid Programs

  • School-Based Medicaid
Read More
a building with flags in front of it
On-Demand Webinar

Navigating Federal Grants in 2023 | Insights and Changes

Read More
a close up of a logo
Video

How Fraud Prevention Intersects with Governmental Funding | Part I

  • Fraud Awareness
Read More
a wooden sculpture of a dog and a cat
Article

Build America, Buy America Act: Navigating the Implications for ARPA and IIJA-Funded Projects

Read More
a man holding an umbrella
Article

Navigating FEMA Public Assistance and Cost Share

  • Disaster Recovery
Read More
engineering drawing
Article

Key Updates from U.S. Treasury’s 2023 Interim Final Rule for ARPA State & Local Fiscal Recovery

  • Coronavirus
Read More
a group of white pillars
Article

Second Payment Available: Local Assistance and Tribal Consistency Fund (LATCF)

  • Coronavirus
Read More
background pattern
Article

Addressing the Digital Divide

Read More
View All Insights

Receive the latest business insights, analysis, and perspectives from EisnerAmper professionals.

Subscribe