Glossary of Terms

Audit Terms

Agreed-upon Procedures –

An engagement during which procedures to address the needs of a specific situation are agreed upon. It is a type of attestation engagement.


Attestation –

In an attestation engagement, an auditor issues a written conclusion about the reliability of a written assertion that is the responsibility of another. An attestation can result in an examination, a review, or an agreed-upon procedures report on a subject matter that is the responsibility of another party.


Audit –

A systematic examination; an independent, objective review of an organization’s operations, systems, or processes and records, designed to add value by improving the organization’s efficiency and effectiveness; a nonpartisan assessment of the performance or cost of government policies, programs, or operations.


Auditee –

The entity being audited.


Audit Objectives –

The intended accomplishment of the audit. Objectives identify audit subject matter and performance aspects to be included. They are questions that the auditors seek to answer.


Audit Risk –

The possibility that the auditors’ findings, conclusions, recommendations, or assurance may be improper or incomplete, as a result of factors such as insufficient and/or inappropriate evidence, an inadequate audit process, intentional omissions or misleading information due to misrepresentation or fraud.


Conflict of Interest –

Any relationship that is or appears to be not in the best interest of the entity being audited. A conflict of interest prejudices an individual’s ability to perform his or her duties and responsibilities objectively.


Fieldwork –

The audit phase during which evidence is gathered to support conclusions that address the audit objectives.


Finding –

An issue identified in the audit that needs corrective action. Findings may include weaknesses or deficiencies in internal control, fraud, illegal acts, violations of provisions of contracts or grant agreements, or abuse found during the course of the audit. Findings may also be referred to as “issues” in audit reports.


Fraud –

An intentional deception to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage. A false representation characterized by deceit, concealment, or violation of trust.


GAGAS (or commonly referred to as GAS) –

Generally Accepted Government Auditing Standards, the framework set by the United States Accountability Office, an independent agency of the United States Congress. These are the standards for conducting high quality government audits and attestation engagements. GAGAS contains requirements for ethics, independence, competence, judgment, quality control, the performance of fieldwork, and reporting.


Internal Controls –

Policies, procedures and practices established to safeguard an organization’s assets, check the accuracy and reliability of its accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies. There are three types of internal controls:


  • Preventive, designed to discourage errors or irregularities from occurring;
  • Detective, designed to find errors or irregularities after they have occurred; and
  • Corrective, designed to fix errors or irregularities after they are detected.


Management Representation Letter –

A letter obtained by the auditor from management acknowledging their responsibility for the information provided during the audit and asserting that the information they provided to the auditor is accurate and complete. Written information in the letter confirms verbal representations given to the auditor, documents the continuing appropriateness of such representations, and reduces the possibility of misunderstanding.


Materiality –

Information, that is important for the fair presentation of a subject matter or assertion about a subject matter.


Mitigating Controls –

A type of control used to discover and prevent mistakes that could result in uncorrected errors or fraud due to control deficiencies.


Non-Audit Services –

Other services such as consulting, investigative, and oversight-related, services that do not involve a GAGAS audit. Examples may include tasks requested by City management, such as providing benchmarking studies or technical advice.


Peer Review –

A peer review is a review of the audit organization performed by independent external auditors. The peer review determines whether the audit organization’s internal quality control system is adequate and whether policies and procedures are complied with to provide assurance of conformance with GAGAS. GAGAS requires an external peer review at least once every three years.


Professional Judgment –

The application of the collective knowledge, skills, and experiences of the auditing team involved with the audit assignment.


Scope –

The boundary of the audit that is directly tied to the audit objectives. The scope defines the subject matter that the auditors will assess and report on as well as the time period under review.


Segregation of Duties –

An internal control procedure whereby no one individual is placed in a position of being able to both perpetrate and conceal errors or fraud. Segregated duties involve assignment of different people with responsibilities of authorizing transactions, recording transactions, and maintaining custody of assets.


Workpapers –

Records of procedures applied kept by the auditor, tests performed, information obtained, and pertinent conclusions reached during the engagement.