https://crsreports.congress.gov
April 5, 2024
Defense Primer: FY2023 Department of Defense Audit Results
The Chief Financial Officers Act of 1990 (CFO Act, P.L.
101-576) requires annual audits of financial statements for
federal agencies. Under the CFO Act, audits of federal
agencies are the responsibility of the agency’s inspector
general (IG), but the IG may contract with one or more
external auditors to perform the audit.
The Department of Defense (DOD) released the results of
its sixth annual audit, FY2023, on November 15, 2023.
DOD received a disclaimer of opinion, meaning auditors
could not express an opinion on the financial statements
because the financial information was not sufficiently
reliable. The DOD’s IG coordinated the agency-wide
financial audit of DOD, covering $3.8 trillion in assets and
$4.0 trillion in liabilities. The agency-wide audit was
conducted by Independent Public Accounting (IPA) firms
contracted by DOD IG. The IPAs conducted 29 separate
audits within DOD.
Generally, the process and standards used to audit DOD are
the same as those used to audit other federal agencies.
Understanding why and how the DOD audit was conducted
can help Congress evaluate the audit results and usefulness
of the audit.
Why an Audit?
Government entities, including the United States
government as a unitary entity, issue annual reports that
present their current financial position and condition, and
discuss key financial topics and trends. An audit of the
government’s financial information provides accountability
over government agencies’ use of public resources to
Congress, oversight bodies, and the public.
Financial audits aim to provide reasonable assurance that
the audited entity’s financial statements are free of material
misstatements whether caused by error or fraud. DOD
audits can provide critical insight into (1) the reliability of
its financial data; (2) the efficiency and effectiveness of
internal operations; and (3) its compliance with statutes and
financial regulations. With such information, DOD and
Congress could take steps to improve DOD’s performance
in these areas.
DOD’s financial management has been on the Government
Accountability Office’s (GAO’s) High-Risk list (HRL)
since 1995. The HRL identifies areas that might be subject
to fraud, waste, abuse, and mismanagement. In addition to
the financial management, other aspects of DOD’s
operations that could affect the financial management are
on the GAO’s April 2023 HRL.
How Are Audits Done?
For each line item on a financial statement and notes to the
financial statement, an auditor examines a sample of
underlying economic events to determine the accuracy of
the information reported. The auditor is expected to give an
unbiased opinion on whether the financial statements and
related disclosures are fairly stated in all material respects
for a given period of time in accordance with Generally
Accepted Accounting Principles (GAAP). While the
Federal Accounting Standards Advisory Board (FASAB)
sets the financial reporting and accounting standards for the
federal government, GAO is responsible for establishing
auditing standards for federal agencies, including for
federal grant recipients in state and local governments.
Auditing Standards
GAO issues the Generally Accepted Government Auditing
Standards (GAGAS), also commonly known as the “Yellow
Book,” which provides a framework for conducting federal
government audits. Similar to the requirements in the
private sector, GAGAS requires federal financial reporting
to disclose compliance with laws, regulations, contracts,
and grant agreements that have a material effect on the
entities’ financial statements. The GAGAS requires
auditors to consider the visibility and sensitivity of
government programs in determining the materiality
threshold.
Some organizations within the federal government use a
hybrid of external and internal auditors. Whether external
or internal auditors perform the function, they are required
to adhere to the standards established under GAGAS.
In addition to examining financial information, an audit
evaluates management’s assertion of internal control over
financial reporting. Audit of internal control includes audit
of computer systems at the entity-wide, system, and
application levels. GAGAS recommends using specific
frameworks for internal control policies and procedures,
including certain evaluation tools created specifically for
federal government entities.
Types of Audit Opinions
Auditors form opinions by examining the types of risks an
organization might face and the types of controls that exist
to mitigate those risks. Once the risks and controls to
mitigate those risks have been determined, the auditors will
