Federal Information System Controls Audit Manual (FISCAM)


Book Description

FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.







Financial Audit Manual: Volume 3


Book Description

The new vol. 3 of the GAO and the President¿s Council on Integrity and Efficiency (PCIE) ¿Financial Audit Manual¿ (FAM). GAO and the PCIE issued the joint FAM in July 2001. The FAM presents a methodology to perform financial statement audits of fed. entities in accordance with professional standards. GAO has updated the FAM for significant changes that have occurred in auditing financial statements in the U.S. gov¿t. since the last major revisions to the FAM were issued in July 2004. These checklists are tools that may be used by entities and auditors to document conformity with U.S. generally accepted accounting principles (U.S. GAAP).







Standards for Internal Control in the Federal Government


Book Description

Policymakers and program managers are continually seeking ways to improve accountability in achieving an entity's mission. A key factor in improving accountability in achieving an entity's mission is to implement an effective internal control system. An effective internal control system helps an entity adapt to shifting environments, evolving demands, changing risks, and new priorities. As programs change and entities strive to improve operational processes and implement new technology, management continually evaluates its internal control system so that it is effective and updated when necessary. Section 3512 (c) and (d) of Title 31 of the United States Code (commonly known as the Federal Managers' Financial Integrity Act (FMFIA)) requires the Comptroller General to issue standards for internal control in the federal government.




Federal information system controls audit manual. Volume I financial statement audits.


Book Description

The manual is a companion to GAO's Financial Audit Manual (FAM) and discusses the control objectives that auditors should consider when assessing computer-related controls, and it provides examples of control techniques commonly used at federal agencies along with suggested audit procedures."




Government Auditing Standards - 2018 Revision


Book Description

Audits provide essential accountability and transparency over government programs. Given the current challenges facing governments and their programs, the oversight provided through auditing is more critical than ever. Government auditing provides the objective analysis and information needed to make the decisions necessary to help create a better future. The professional standards presented in this 2018 revision of Government Auditing Standards (known as the Yellow Book) provide a framework for performing high-quality audit work with competence, integrity, objectivity, and independence to provide accountability and to help improve government operations and services. These standards, commonly referred to as generally accepted government auditing standards (GAGAS), provide the foundation for government auditors to lead by example in the areas of independence, transparency, accountability, and quality through the audit process. This revision contains major changes from, and supersedes, the 2011 revision.




Assessing the Reliability of Computer-Processed Data


Book Description

Computer-processed data (CPD) from outside sources are often central to audit reports. Because assessing CPD requires more technical tests, it may seem that such data are subject to a higher standard of testing than other evidence. This is not the case. For ex., we apply the same tests of sufficiency and appropriateness that we apply to other types of evidence, but in assessing CPD, we focus on one test in the evidence standard -- appropriateness -- which includes validity and reliability, which in turn includes the completeness and accuracy of the data. This guide provides a flexible, risk-based framework for data reliability assessments that can be geared to the circumstances of each audit. Illus. This is a print on demand edition of an important, hard-to-find report.