PUBLIC SECTOR KNOWLEDGE BRIEF

GRANT AUDITING IN THE PUBLIC SECTOR Strategies to identify risks and evaluate success

Table of Contents

Introduction ................................................................................................................................................... 1

The rise in public sector grants .......................................................................................................... 1

Stakes and contexts ..................................................................................................................................... 2

Characteristics unique to grants ........................................................................................................ 2

Relationship between grant phases, administration, and management ......................................... 3

Risks related to grants ................................................................................................................................. 4

A broad view of risk ............................................................................................................................. 4

Most common risks .............................................................................................................................. 4

Communication of results ............................................................................................................................ 6

Requirements according to the Standards ........................................................................................ 6

Additional considerations ............................................................................................................................ 7

List of internal audit strategies ........................................................................................................... 7

Conclusion .................................................................................................................................................... 8

INTRODUCTION

The rise in public sector grants

In the 2018 fiscal year, 347,272 federal grants were

allocated to provide basic goods and services deemed

beneficial for societal well-being. This represents a 32

percent increase in the total number of grants reported in

the 2017 fiscal year, and a nearly 12 percent increase from

2016.1 Internal audit has long cemented its role in grant

administration and management processes by providing

assurance on related risk management efforts by the first

and second lines of defense. But the escalating number of

public sector grants requires both new and experienced

internal auditors to reinforce their knowledge of the

characteristics that make this type of audit unique and

challenging (see Standard 1210 – Proficiency; Standard

1220 – Due Professional Care).

While not meant to be exhaustive, this knowledge brief is

designed to provide internal auditors with an overview of

the primary challenges they may confront when tasked

with completing an audit of a grant in the public sector, as

well as standards to bear in mind to better align their

processes within the International Professional Practices

Framework (IPPF).

1 USASpending. “Award Search.” Accessed February 8, 2019. https://www.usaspending.gov/#/.

Audit Focus

IIA Standard 1210: Proficiency

Internal auditors must possess the

knowledge, skills, and other

competencies needed to perform their

individual responsibilities. The internal

audit activity collectively must possess

or obtain the knowledge, skills, and

other competencies to perform its

responsibilities.

IIA Standard 1220: Due Professional

Care

Internal auditors must apply the care

and skill expected of a reasonably

prudent and competent internal auditor.

Due professional care does not imply

infallibility.

IIA Standard 2200: Engagement Planning

Internal auditors must develop and

document a plan for each engagement,

including the engagement’s objectives,

scope, timing, and resource allocations.

The plan must consider the

organization’s strategies, objectives,

and risks relevant to the engagement.

STAKES AND CONTEXTS Where internal audit falls within a grant’s life cycle

Characteristics unique to grants

Unlike most transactions, a grant in the basic sense is

defined not by the equal exchange of goods and services,

but by a non-exchange transaction where there is no

expectation or guarantee the grantor will receive

compensation, profit, or even a desired outcome from the

grantee. However, many grants are awarded under

conditions that limit or specifically direct their use. In the

public sector, such uses could include tuition

reimbursement, Medicare or Medicaid reimbursement,

infrastructure construction or repairs, or, especially in

recent times, investments in private sector research and

development to counter various public concerns (e.g.,

illnesses, energy resources).

The challenge for internal audit is to identify measurable,

quantifiable stakes by which risk can be derived, which

may not always be easily definable. The success of federal

grants allocated toward research of cures for Alzheimer’s

disease, for example, are not likely to be measured based

on whether or not a cure is found. In other words, it is critical

to the success of the engagement to understand precisely

what is trying to be accomplished, and why.

To do so, internal audit should establish the context of the

engagement early. By extension, this will also aid the

auditor in highlighting probable risks that may impede the grant’s ability to successfully accomplish its

objectives (see Standard 2200 – Engagement Planning). An internal audit from the grantor’s perspective may

include considering the grant’s mission, the type of grant (e.g., block, matching, conditional, unconditional),

the intentions of relevant stakeholders, previous audit reports if applicable, and any documentation (e.g.,

policies, legislation, manuals) that provides the grant’s frameworks. For the internal auditor representing the

grantee, engagement context may be established through analyzing the grantee’s proposals, the outcomes

derived from previous grant funding, any applicable laws and regulations funding must be compliant with, and

the grantee’s accounting processes that track related expenditures.

Audit Focus

IIA Standard 2210: Engagement

Objectives

Objectives must be established for each

engagement.

2210.A2 – Internal auditors must

consider the probability of significant

errors, fraud, noncompliance, and

other exposures when developing

engagement objectives.

IIA Standard 2220: Engagement Scope

The established scope must be sufficient

to achieve the objectives of the

engagement.

2220.C1 – In performing consulting

engagements, internal auditors must

ensure that the scope of the

engagement is sufficient to address

the agree-upon objectives. If internal

auditors develop reservations about

the scope during the engagement,

these reservations must be

discussed with the client to

determine whether to continue with

the engagement.

To read more, join the Center!