Educational Resources
What is a Single Audit?
The Single Audit Act of 1984—Public Law No. 98-502 and its Amendments of 1996—Public Law No. 104-156, established a standardized and uniform audit process for non-Federal entities that receive and expend Federal funds to administer various Government programs and initiatives. The type of audit created by the Single Audit Act is commonly referred to as a Single Audit.
The provisions of the Single Audit Act were codified by the Office of Management and Budget (OMB) in the Uniform Guidance, Subpart F—Audit Requirements.
A Single Audit is an audit of a non-Federal entity's financial statements and of its expenditures of Federal awards. Single Audits are conducted in accordance with Generally Accepted Auditing Standards, Generally Accepted Government Auditing Standards (GAGAS) issued by the Comptroller General of the United States, and the requirements of the Uniform Guidance.
When is a Single Audit required?
As specified in the Uniform Guidance, Subpart F, a Single Audit is required for a non-Federal entity that expends $750,000 or more in Federal awards during the entity's fiscal year. The Audit must cover the entire operations of the entity or must cover a series of audits that includes all departments, agencies, and other organizational units that expended or otherwise administered Federal awards during the audit period.
Non-Federal entities are required to submit the data collection form and reporting package within the earlier of 30 calendar days after receipt of the auditor's report(s) or 9 months after the end of the audit period, to comply with 2 CFR § 200.512(a)(1).
Note: OMB revised the Uniform Guidance and released the final updated version in April 2024. As part of this guidance, the Single Audit threshold increases from $750,000 to $1,000,000. The effective date for the threshold change is for audits with periods beginning on or after October 1, 2024.
What is the Uniform Guiance?
The Uniform Guidance is issued by the Federal Office of Management and Budget. The Uniform Guidance is codified at 2 CFR 200 and establishes uniform administrative requirements, cost principles, and audit requirements for Federal awards. Federal agencies must not impose additional requirements except as allowed in 2 CFR 200.102, 200.211, or unless specifically required by Federal statute, regulation, or Executive order. Certain programs are excluded from certain requirements of the Uniform Guidance as discussed within the document. To learn more about administrative requirements, cost principles and audit requirements, review the Uniform Guidance issued by the Office of Management and Budget.
Administrative requirements
Subparts B through D set forth the uniform administrative requirements for Federal financial assistance. This includes establishing requirements for Federal agencies management of Federal financial assistance programs before a Federal award is made, and requirements that Federal agencies may impose on recipients and subrecipients throughout the lifecycle of a Federal award.
Cost principles
Subpart E establishes principles for determining allowable costs incurred by recipients and subrecipients under Federal awards. These principles are for the purpose of cost determination. They do not address the circumstances nor dictate the extent of Federal Government funding of a particular program or project.
Single Audit Requirements and Audit Follow-up
Subpart F is issued pursuant to the Single Audit Act Amendments of 1996 (31 U.S.C. 7501-7507). Subpart F sets forth the standards for achieving consistency and uniformity among Federal agencies for the audit of non-Federal entities expending Federal awards. Subpart F also provides the policies and procedures for Federal agencies or pass-through entities when using the results of these audits.
What is the OMB Compliance Supplement?
The compliance supplement is a guide from the Office of Management and Budget (OMB) meant to help auditors complete the single audit process. Auditors should use the compliance supplement as a source of information to identify high risk programs when making major program determinations, and also to determine which compliance requirements are applicable to each major program they are auditing. The following is a high level overview of the compliance supplement.
Compliance Supplement - Part 1 - Background, Purpose, and Applicability
Part 1 discusses background information the legislative source of audit requirements, and the purpose of the compliance supplement. The Supplement is a document that identifies existing compliance requirements that the federal government expects to be considered as part of an audit required by the 1996 Amendments to the Single Audit Act. Without the Supplement, auditors would need to research many laws and regulations for each program under audit to determine which compliance requirements are important to the federal government and could have both a direct and material effect on a program. Providing the Supplement is a more efficient and cost-effective approach to performing this research. The Supplement provides information for auditors to understand Federal program's objectives, procedures, and requirements subject to the audit.
2 CFR Part 200, Subpart F, provides that federal agencies are responsible for annually informing OMB of any updates needed to the Supplement and working with OMB to ensure that the Supplement focuses the auditor's testing on the compliance requirements most likely to cause improper payments, fraud, waste, or abuse, or generate audit findings for which the Federal awarding agency will impose sanctions. The agency responsibility includes submitting to OMB in a timely manner the necessary updates to program objectives, procedures, and compliance requirements that are to be subject to the audit (including statutory and regulatory citations).
2 CFR Part 200, Subpart F, describes the non-federal entity's responsibilities for managing federal assistance programs (2 CFR section 200.508) and the auditor's responsibilities (2 CFR section 200.514 through 200.520). Auditors are required to follow 2 CFR Part 200, Subpart F, and the Compliance Supplement.
Compliance Supplement - Part 2 - Matrix of Compliance Requirements
Part 2 identifies the compliance requirements that the federal government has determined are subject to audit for the programs included in the Supplement. Because Part 4 (Agency Program Requirements) and Part 5 (Clusters of Programs) do not include guidance for all types of compliance requirements that pertain to the program (see introduction to Part 4 for additional information), the auditor must use Part 2 to identify the types of compliance requirements that have been identified as subject to the audit. Note that comparable information is included in each program/cluster in parts 4 and 5 of the Supplement. The box for each type of compliance requirement either contains a “Y” (for “Yes” if the type of compliance requirement is subject to audit for the program) or “N” (for “No” if the requirement is not subject to audit for the program).
Compliance Supplement - Part 3 - Compliance Requirements
Part 3 discusses compliance requirements generally applicable to all programs. The objectives of most compliance requirements for federal programs administered by states, local governments, Indian tribes, institutions of higher education, and nonprofit organizations (non-federal entities) are broadly applicable. For example, many programs have eligibility requirements for individuals or organizations to participate in a particular program. While the criteria for determining eligibility vary by program, the objective of the compliance requirement that only eligible individuals or organizations participate is consistent across programs. Rather than repeat the compliance requirements, audit objectives, and suggested audit procedures for each of the programs contained in Part 4, “Agency Program Requirements” and Part 5, “Clusters of Programs,” they are provided once in part 3. For each program in the Supplement, Part 4 or Part 5 contains additional information about the program and the statutes and regulations governing its administration, and also specifies the compliance requirements to be tested using the guidance in Part 3.Compliance Supplement - Part 4 - Agency Program Requirements
Part 4 discusses program specific compliance requirements that should be considered when planning an audit.Compliance Supplement - Part 5 - Clusters of Programs
Part 5 discusses Clusters of programs, including R&D programs and Student Financial Assistance (SFA Cluster) programs. The end of Part 5 lists other programs that are considered clusters. A cluster of programs must be considered as one program for determining major programs, as described in 2 CFR section 200.518 (major program determination), and, with the exception of R&D as described in 2 CFR section 200.501(c), determining whether a program specific audit may be elected.Compliance Supplement - Part 6 - Internal Control
Part 6 discusses internal control over compliance requirements for federal awards (sometimes referred to as internal control over compliance). It is intended for the consideration of both non-federal entities and auditors and includes the following:- A summary of the requirements for internal control for both non-federal entities receiving federal awards (also referred to as auditee management) and auditors performing audits under 2 CFR section 200 (i.e., the Uniform Guidance);
- A background discussion on important internal control concepts; and
- Appendices that include illustrations of entity-wide internal controls over federal awards (Appendix 1), as well as illustrations of internal controls specific to each type of compliance requirement (Appendix 2).
Compliance Supplement - Part 7 - Guidance for Auditing Programs not Included in this Compliance Supplement
Part 7 discusses how to audit programs that are not specifically discussed in the compliance supplement. The 2 CFR section 200.514(d)(3) states that for those federal programs not covered in the compliance supplement, the auditor must use the types of compliance requirements (see 12 types of compliance requirements described in Part 3) contained in the compliance supplement (the Supplement) as guidance for identifying the types of compliance requirements to test, and determine the requirements governing the federal program by reviewing the provisions of the federal award, and the laws and regulations referred in such awards. The purpose of the Part is to provide the auditor with guidance on how to identify the applicable compliance requirements for programs not included in the Supplement for single audits and for program-specific audits when a program-specific audit guide is not available. The Supplement includes only the largest and/or riskiest federal programs. However, more than 1,500 assistance programs are currently funded by the federal government. Therefore, it is likely that the auditor will encounter programs that the auditor is required to test as major programs that are not included in the Supplement. For the reason, the following guidance is provided for the auditor to identify those compliance requirements that should be tested.Compliance Supplement - Part 8 - Appendix
Part 8 contains various appendices of information.
- Appendix I discusses programs that are excluded from portions of the Uniform Guidance.
- Appendix II lists codification references for how the different federal agencies apply (or supplement) the uniform guidance.
- Appendix III is a contact directory for federal programs.
- Appendix IV is a listing of programs with a “higher risk” designation and describes how that designation impacts the major program determination process.
- Appendix V discusses changes that were made when rolling forward the supplement for the current year.
- Appendix VI has links to some audit guides, including the Department of Education audit guide and Department of Housing and Urban Development audit guide.
- Appendix VII discusses audit advisories from OMB that should be considered when preparing for a Single Audit.
- Appendix VIII discusses examinations of EBT service Organizations
- Appendix IX lists the individuals responsible for the annual production of the compliance supplement.
Where can I find CPE to learn more about Single Audits?
The AICPA has an annual single audit update around the time the compliance supplement is released, typically in late Spring or early Summer. Seach for AICPA Compliance Supplement and Single Audit Update.
Many State CPA Societies and third party CPE vendors have single audit educational resources. Check with your local society or preferred vendor for their offerings.