Internal Control Reporting When There are No Issues

In this post, I provide an overview of the internal control reporting requirements when no significant deficiencies or material weaknesses are noted in an audit of the financial statements. I also provide guidance for when such an engagement is subject to the Government Auditing Standards (i.e., Yellow Book). You’ll see a video that shows you what the audit opinion and Yellow Book reports look like when both are in play, and there are no issues. 

Internal Control Reporting Standards

There are two sets of rules when you perform an audit that is subject to the Yellow Book requirements:

1. Generally accepted auditing standards from AICPA
2. Government Auditing Standards (i.e., Yellow Book) from GAO

And only one set of rules if the audit is not subject to the Yellow Book requirements:

1. Generally accepted auditing standards from AICPA

Consider two scenarios.

1. Perform an audit not subject to Yellow Book 

If you perform an audit (not subject to Yellow Book) and have no significant deficiencies or material weaknesses, then no internal control letter is required (for anyone). I refer to this letter as the “SAS 115 letter” since that’s where the original generally accepted auditing rule came from. Some people opt to issue one anyway. But again, this is not required.

In this scenario, you issue one report:

Audit opinion (and no internal control letter is issued)

2. Perform an audit subject to Yellow Book 

If you perform an audit that is subject to Yellow Book and have no significant deficiencies or material weaknesses, then no SAS 115 internal control letter is required. Some people opt to issue one anyway.

A Yellow Book report is required (even though there are no significant deficiencies or material weaknesses) and is included in the audited financial statements, usually after the notes to the financial statement. 

You do not need to send this report to anyone separately (i.e., the government) since it’s included in the bound audit report.

So, in this scenario, you issue two reports:

1. Audit opinion, and
2. Yellow Book report

But what do these reports look like? 

Yellow Book Report and Amendments to Audit Opinion

Here is a video that shows you what a Yellow Book reports looks like when there are no significant deficiencies or material weaknesses. 

I also show you how to amend your standard audit opinion (governmental example) when the Yellow Book report is provided. 

See my related article about capturing and reporting control deficiencies. I define significant deficiencies and material weaknesses in another post.