Audits and Reviews

Overview - Auditing Standards - Risk Assessment - Types of Audit Projects - Annual Audit Plan

Overview of Audits and Reviews including Audit, Information Systems Audit, Quality Control, Investigations and Classification

Audits and Reviews provides state leaders with useful information to assist them in managing financial, service and business risk throughout the state. This is accomplished through audit, reviews and other attestation engagements all designed to address risks in state government operations. Through these engagements, the SAO helps improve the business systems used to manage the State’s resources and improves the accuracy and reliability of information used by state decision makers.

Auditing Standards

Audits, as well as all other attestation engagements, are conducted in accordance with auditing standards. Primary guidance is from Government Auditing Standards promulgated by the United States Government Accountability Office. Guidance from the American Institute of Certified Public Accountants is also applied. Standards are divided into general, fieldwork and reporting standards.

General standards encompass the independence of the audit organization and its auditors, the exercise of professional judgment in the performance of work and the preparation of related reports; the competence of the audit staff, including the need for their continuing professional education and the existence of quality control systems and external peer reviews.
Fieldwork standards include adequate planning and supervision of audits and a sufficient understanding of internal controls and competent evidential matter must be obtained.
Reporting standards identify the specific information and statements that must be included in the report such as deficiencies in internal controls, fraud and abuse and violation of contract or grant provisions. They also provide the opportunity for management responses to the audit report.

Risk Assessment

The SAO’s audit work is focused on the highest risk areas in state government. Risk in this context means the likelihood that something adverse could occur. The risk assessment process includes an ongoing statewide review and evaluation of data from information collected at legislative and agency hearings and meetings and other credible sources, past audit findings, and concerns from legislators or legislative staff.

Types of Audit Projects

Audit projects are developed from the ongoing risk assessment process. The SAO is authorized to perform statutorily mandated and risk-based projects. Audit project categories include financial/compliance, economy/efficiency, and effectiveness. In addition, the SAO is authorized to conduct investigations of fraud and abuse of state resources.

Annual Audit Plan

The Annual Audit Plan outlines the audits, reviews and other activities the State Auditor’s Office will conduct during each fiscal year. The plan is developed to satisfy responsibilities established by Government Code, Chapter 321, and applicable auditing standards and is approved by the Legislative Audit Committee. This plan is a working document in that the State Auditor is authorized to perform work not specified in the plan when deemed necessary in the State Auditor's professional judgment after approval from the Legislative Audit Committee. However, the Legislative Audit Committee is notified concerning additions to, deletions from, or other changes to the Audit Plan.