SU (SelviaUtama): Responding to Audit Findings

Working for Audit Finding

After the audit, the audit committee, executive director, and senior financial staff are responsible for reviewing the draft audit report, asking questions about the auditors' findings, and evaluating any recommendations before they are presented to the board in the final report.

What is the client representation "letter to management”? This letter, sometimes referred to simply as the "management letter" serves to identify areas of operations or procedures that the nonprofit may want to improve or redesign. Since auditors work with a variety of organizations, they often are aware of "best practices" or -- at the very least -- "better practices" that they can point out in the letter to management. The audit committee or staff often asks to review a draft of the management letter just to make sure that the letter is accurate before the final version goes to the board of directors, since the board is likely to be concerned about any deficiencies or even less serious concerns that the auditors identify in the letter. The accounting standards require the auditors to report to the board any "material weaknesses" and significant deficiencies. (SAS Nos. 114, 115)

Issues that auditors may point out in the client representation letter typically fall into two categories:

Material internal control issues: Issues that auditors would identify include any weaknesses in the processes, systems, and internal procedures that help to ensure that all financial transactions are recorded properly. Strong internal controls (e.g., early detection and correction) serve to highlight errors and irregularities in financial operations. Correcting the issues will provide additional integrity to the financial statements and may help to reduce audit costs in the future. The auditors will point out any material internal control issues in the management letter so that the nonprofit can address those issues before the next audit.
Operating inefficiencies: Management letters may identify issues that are, or could become red flags, and propose improvements to resolve problems and strengthen operations. Sometimes it takes an independent or outsider’s eye to identify inefficiencies that could be improved or new technologies that will improve operations. The auditor’s letter to management may also point out operating procedures that are inefficient or unnecessary.

Questions for the audit committee to discuss with the executive director (“ED”) after the audit:

Did the auditors perform their work efficiently and effectively? Are you (ED) satisfied with the scope, nature, and timing of the audit?
Are you (ED) satisfied with the knowledge, skills, and abilities of those assigned to do the audit?
Did the auditors work with the organization to ensure complete coverage and effective use of resources without redundant efforts?
Did the committee and ED review the fee arrangement between the organization and the auditors?
Was there any documentation that the auditors requested that the staff could not produce?
Were there any significant changes to the audit plan that occurred during the course of the audit?
Were there any serious disputes or difficulties encountered by the staff during the audit?
Does the staff believe that the auditors were diligent in their review?
Was the auditors’ presence on site during fieldwork disruptive?
Are you satisfied that the external auditors remain independent of the organization in spite of any audit-related, or non-audit services the auditors provide to the organization?

Six questions for the audit committee/board to ask the auditors after the audit:

When the draft report and client representation letter to management is ready but before they are finalized, the audit committee/board liaison should meet with the auditors one final time before the report and letter are dated and released to the board of directors. These questions are designed to determine whether there are any issues to bring to the board's attention in connection with the audit, and to anticipate questions that a board member may typically ask when presented with the independent auditor's report.

Was the management team cooperative and forthcoming with requested information and documentation?
How do our accounting policies and procedures compare with those of other comparable nonprofits?
Are there any items that might be disputed by the IRS? If yes, what documentation should be on hand to bolster the item?
Did the management team follow suggestions noted by auditors in prior years to correct weaknesses in the internal accounting system?
Did you discover anything regarding the financial statements or internal financial management procedures that should be brought to the attention of the board of directors?
Do you have any suggestions for improvements in accounting, reporting, or operating procedures?

Release of the auditor's report to management

After all questions have been asked and answered, including confirmations of anything that the auditors needed to check, the final step is that the auditors will sign and date the report, and deliver it to the board of directors with a client representation letter, the same date as the audit report.

Presentation of the audit report to the board of directors

During the meeting that the board of directors receives the independent audit, the appropriate action for the agenda is for the board of directors to "accept" the auditor's report and letter to management, rather than "approve" them. This is because the board's action in connection with the audit is literally to receive and "accept" the auditor's independent report. The findings in the report are not subject to change by the board after the report is submitted to the board, consequently, the board's action is not to approve/disapprove, but to accept the report. However, discussion by the full board of the audit report should be encouraged so that board members are familiar with the report's findings. Generally all board members receive a copy of the independent audit and management letter in their board materials for the meeting during which the report is accepted.

Responding to Audit Findings

Example 1:

Finding:

12 transactions did not contain documented supervisory approvals.

Good Response:

We agree with this finding and have amended procedures to require approvals. In addition for the 12 exceptions we have retroactively performed supervisory review and approval.

Need to define Coordinator of the action plan (who is responsible to ensure completion)
Need an expected date of completion that makes sense.
Coordination of efforts, technical ownerships vs functional ownerships of issue.

Example 2:

Finding:
The department does not have written policies and procedures.

Recommendation:
The department should perform the following:

Develop and document all of its significant business processes
Make the policies and procedures available to all personnel
Ensure they are accurate, complete, and current at all times.
Revise policies and procedures for changes in business processes and policies. This is particularly important when new systems are developed and implemented or other organizational changes occur.
Communicate significant changes to all affected personnel immediately to ensure they are aware of any revisions to their daily duties and responsibilities.
In the event that there are changes in personnel (i.e. new employees are hired, promotions granted, etc.), documented policies and procedures will facilitate training and provide guidelines for the respective positions.

Management’s Response

We agree with the auditors' comments, and the following action will be taken to improve the situation. We will have each unit supervisor to document the policies and procedures for their respective business processes by the end of the first quarter of 20XX. We will then consolidate these documents into one user manual that will be available to all staff members via our website.

Revisions to the users’ manual will be made as needed to ensure the manual is current at all times. The staff will be advised of all revisions.

Read More:

MFA

Wayne State University
National Council of Nonprofits

Responding to Audit Findings

No comments: