Table Of ContentBY ORDER OF THE COMMANDER AIR FORCE AUDIT AGENCY
AIR FORCE AUDIT AGENCY INSTRUCTION 65-101
28 SEPTEMBER 2018
Financial Management
AUDIT SERVICE EXECUTION
COMPLIANCE WITH THIS PUBICATION IS MANDATORY
ACCESSIBILITY: Publications and forms are available on the e-Publishing web site at
www.e-publishing.af.mil for downloading or ordering.
RELEASABILITY: There are no releasability restrictions on this publication.
OPR: HQ AFAA/DOV Certified by: HQ AFAA/DO
(Ms. Nicole Neal)
Supersedes: Pages: 35
AFAAI65-101, 19 November 2010;
AFAAI65-102, 08 May 2012;
AFAAI65-103, 16 September 2011;
AFAAI65-105, 19 November 2010
This publication implements Air Force Policy Directive 65-3, Audit Services and outlines Air
Force Audit Agency (AFAA) responsibilities and requirements for accomplishing audit services
within the Air Force. This instruction incorporates Government Accountability Office
publication GAO-12-331-G, Government Auditing Standards required by the Comptroller
General and applies to all AFAA elements and personnel when performing assigned audit-related
duties and responsibilities.
This publication may be supplemented at any level, but all supplements must be routed to the
office of primary responsibility listed above for coordination prior to certification and approval.
Refer recommended changes and questions about this publication to the office of primary
responsibility listed above using Air Force Form 847, Recommendation for Change of
Publication; route Air Force Forms 847 from the field through the appropriate chain of
command. The authorities to waive wing/unit level requirements in this publication are
identified with a Tier (“T-0, T-1, T-2, T-3”) number following the compliance statement. See
AFI 33-360, Publications and Forms Management for a description of the authorities associated
with the Tier numbers. Submit requests for waivers through the chain of command to the
appropriate Tier waiver approval authority, or alternately, to the requestor’s commander for non-
tiered compliance items. Ensure that all records created as a result of processes prescribed in this
publication are maintained in accordance with Air Force Manual 33-363, Management of
2 AFAAI65-101 28 SEPTEMBER 2018
Records, and disposed of in accordance with Air Force Records Disposition Schedule in the Air
Force Records Information Management System.
SUMMARY OF CHANGES
This publication has been substantially revised and must be completely reviewed. This
publication combines and supersedes Air Force Audit Agency Instructions 65-101, Installation
Level Audit Procedures; 65-102, Centrally Directed Audits; 65-103, Audit Management and
Administration; and 65105, Internal Quality Control Program. These changes outline new
service capabilities related to MAJCOM-level audits, terminated and cancelled audits, external
auditor support, attestations, and nonaudit services. In addition, this publication clarifies auditor
and supervisory responsibilities for audit planning and audit recommendation tracking.
Chapter 1— ROLES AND RESPONSIBILITIES 6
1.1. Overview. ................................................................................................................ 6
1.2. The Auditor General, head of the AFAA. ............................................................... 6
1.3. Assistant Auditor Generals, Deputy Assistant Auditor Generals, Directors, and
Region Chiefs. ......................................................................................................... 6
1.4. Associate Directors, Office Chiefs, and Division Chiefs. ....................................... 6
1.5. Program Managers and Team Chiefs. ..................................................................... 6
1.6. Auditors. ................................................................................................................. 6
1.7. Staff Functions. ....................................................................................................... 7
1.8. Service Types. ......................................................................................................... 7
1.9. Attestations. ............................................................................................................ 8
1.10. Nonaudit Services. .................................................................................................. 8
1.11. External Audit Support. .......................................................................................... 8
Chapter 2— QUALITY CONTROL SYSTEM 9
2.1. Overview. ................................................................................................................ 9
2.2. Supervision. ............................................................................................................ 9
2.3. Project Quality Control Procedures. ....................................................................... 9
2.4. External Quality Control Reviews. ......................................................................... 9
2.5. Internal Quality Control Reviews. .......................................................................... 10
2.6. Quality Control Review Plan. ............................................................................... 10
AFAAI65-101 28 SEPTEMBER 2018 3
Chapter 3— AUDIT PLAN 11
3.1. Overview. ................................................................................................................ 11
3.2. Audit Plan Guidance. .............................................................................................. 11
3.3. Audit Plan Development. ........................................................................................ 11
3.4. Installation-level Plan Development. ...................................................................... 11
3.5. Enterprise-level Plan Development. ....................................................................... 11
3.6. Plan Execution. ....................................................................................................... 11
3.7. Agency personnel will track plan execution in the AFAA Management
Information System. ................................................................................................. 12
Chapter 4— AUDIT PROJECT PLANNING 13
4.1. Overview. ................................................................................................................ 13
4.2. Project Planning. ..................................................................................................... 13
4.3. Fraud, Waste or Abuse. ........................................................................................... 13
4.4. Audit Announcement Memorandum. ..................................................................... 13
4.5. Previous Engagements. ........................................................................................... 14
4.6. Criteria/Magnitude. ................................................................................................. 14
4.7. Internal Control Assessment. .................................................................................. 14
4.8. Computer-Processed Data. ...................................................................................... 14
4.9. Sampling Methodology. .......................................................................................... 14
4.10. Potential Monetary and Nonmonetary Benefits. ..................................................... 15
4.11. Preliminary Testing. ................................................................................................ 15
4.12. Audit Program Design. ........................................................................................... 15
4.13. Audit Decision Point 1. ........................................................................................... 16
4.14. Status Updates. ........................................................................................................ 17
4.15. Plan Finalization. .................................................................................................... 17
Chapter 5— AUDIT FIELDWORK 18
5.1. Overview. ................................................................................................................ 18
5.2. Program Execution. ................................................................................................ 18
5.3. Communication. ...................................................................................................... 18
4 AFAAI65-101 28 SEPTEMBER 2018
5.4. Summarization. ....................................................................................................... 19
5.5. Potential Fraud or Illegal Acts. .............................................................................. 19
5.6. Revised Assessments. ............................................................................................. 19
Chapter 6— REPORTING REQUIREMENTS 21
6.1. Overview. ................................................................................................................ 21
6.2. Quality Control. ...................................................................................................... 21
6.3. Management Comments. ........................................................................................ 22
6.4. Report Processing. .................................................................................................. 22
6.5. Final Report Distribution. ....................................................................................... 23
6.6. Reissue. ................................................................................................................... 23
Chapter 7— ADMINISTRATION 24
7.1. Management Information System. .......................................................................... 24
7.2. Electronic Working Papers. .................................................................................... 24
7.3. Access to Data. ....................................................................................................... 25
7.4. General Counsel. ..................................................................................................... 25
7.5. Air Force Office of Special Investigations. ............................................................ 25
7.6. Focal Points and Gatekeepers. ................................................................................ 26
7.7. Special Handling. .................................................................................................... 26
7.8. External Consultants and Specialists. ..................................................................... 28
Chapter 8— ATTESTATION 29
8.1. Overview. ................................................................................................................ 29
8.2. Compliance with Standards. ................................................................................... 29
8.3. Independence. ......................................................................................................... 29
8.4. Approval Process. ................................................................................................... 29
8.5. Announcement Memorandum. ............................................................................... 29
8.6. Working Papers. ...................................................................................................... 30
8.7. Reporting. ............................................................................................................... 30
8.8. Quality Control. ...................................................................................................... 30
AFAAI65-101 28 SEPTEMBER 2018 5
Chapter 9— NONAUDIT SERVICES 32
9.1. Overview. ................................................................................................................ 32
9.2. Threat to Independence. .......................................................................................... 32
9.3. Approval Process. .................................................................................................. 32
9.4. Tracking Nonaudit Services. ................................................................................... 32
9.5. Nonaudit Services Product Compliance. ................................................................ 33
Attachment 1— GLOSSARY OF REFERENCES AND SUPPORTING INFORMATION 34
6 AFAAI65-101 28 SEPTEMBER 2018
Chapter 1
ROLES AND RESPONSIBILITIES
1.1. Overview. Government Auditing Standards, also referred to as generally accepted
government auditing standards, require audit organizations to establish and implement policies
and procedures designed to provide reasonable assurance that the organization and its personnel
comply with applicable professional standards and legal and regulatory requirements. Audit
personnel must comply with audit standards and quality control policies outlined in this
instruction to plan and execute audit services. (T-2) Additional detailed procedures are outlined
in AFAA internal business rules, guides, and playbooks.
1.2. The Auditor General, head of the AFAA. Directs and manages all internal audit
functions for the Air Force. The Auditor General also serves as the Air Force Liaison and
Follow-up Official between Air Force management, external audit organizations, and
Washington Headquarters Services to execute audits, reviews, evaluations, analyses,
investigations, follow-up review and external peer reviews. Specific responsibilities of the
Auditor General are outlined in Headquarters Air Force Mission Directive 1-8, The Auditor
General; Air Force Mission Directive 17, Air Force Audit Agency; Air Force Policy Directive
65-3, Audit Services; and AFIs 65-301 Internal Audit Services, and 65-302, External Audit
Services.
1.3. Assistant Auditor Generals, Deputy Assistant Auditor Generals, Directors, and Region
Chiefs. Provide oversight for mission planning and execution within their respective
directorates. Duties include establishing policies, programs, and procedures to facilitate
compliance with applicable government auditing and professional standards; developing and
approving audit topics aligned with Air Force and agency priorities; and allocating resources to
deliver timely, relevant, and quality audit services. In addition, Assistant Auditor Generals,
Deputy Assistant Auditor Generals, Directors, and Region Chiefs communicate with senior Air
Force officials to deliver relevant and responsive services.
1.4. Associate Directors, Office Chiefs, and Division Chiefs. Monitor mission execution
within their respective functional or geographical areas. In addition, second-level supervisors
provide guidance and direction to first-level supervisors, auditors, and administrative personnel.
Responsibilities include planning organizational resources and evaluating and approving
deviations from the established project objectives, milestones, or resources. Further, second-
level supervisors periodically brief directorate leadership on audit progress and operational
capabilities.
1.5. Program Managers and Team Chiefs. Allocate financial, personnel, and audit resources
for assigned projects. In addition, first-level supervisors provide and document supervision over
audit staff and project execution. Responsibilities include continuous communication with
management officials and auditors to deliver compliant audits, attestations, and nonaudit
services. Further, first-level supervisors brief second-level supervisors and senior AFAA
officials about project statuses and resource limitations.
1.6. Auditors. Manage assigned projects and tasks in accordance with professional standards
and other agency policies and procedures. Auditors document work performed and evidence
collected in working paper files. In addition, auditors should continuously communicate with
AFAAI65-101 28 SEPTEMBER 2018 7
management officials to provide services within approved milestones. Auditors also should
inform supervisors and senior AFAA officials about resource limitations and deviations from
established standards and policies.
1.7. Staff Functions.
1.7.1. The Operations Directorate is the primary source of assistance to the Auditor General
on audit and support policies and procedures. Divisions under the Operations Directorate
include the Operations Division, the Resource Management Division, and the Policy,
Oversight, and Systems Division.
1.7.1.1. The Operations Division manages strategic and audit planning, agency
performance metrics, audit report processing, recommendation tracking, and external
coordination and liaison duties. In addition, division personnel prepare semi-annual
reports for Congress.
1.7.1.2. The Resource Management Division provides personnel and financial
management services to employ a professional, high-performing, diverse workforce and
manage financial resources to meet mission requirements.
1.7.1.3. The Policy, Oversight, and Systems Division provides critical guidance, quality
control, and information technology resources to facilitate compliance with standards and
empower agency personnel to deliver timely, relevant, and quality audit services.
1.7.2. The Force Development Division oversees programs related to professional education,
training, career development, force sculpting, accession, recruiting, and retention of AFAA
personnel.
1.7.3. The Director of Staff provides strategic direction to and leads executive functions to
support the AFAA mission, and directs initiative implementation to increase organizational
effectiveness. Further, the Director of Staff acts as the advisor to the Auditor General.
1.7.4. The Master Process Office provides guidance, training, mentoring, and coaching for
agency continuous process improvement initiatives. In addition, the Master Process Office
facilitates improvement activities addressing gaps between current and standard performance
indicators using continuous process improvement methodologies and various tools.
1.8. Service Types.
1.8.1. Audit organizations, including AFAA, are authorized under generally accepted
government auditing standards and the DoD Manual 7600.07 to perform a variety of services
including performance audits, financial audits, attestations, nonaudit services, and external
audit support. All services begin with objectives and those objectives determine the
standards applied.
1.8.1.1. Audits. AFAA personnel will conduct the following audits in accordance with
generally accepted government auditing standards (T-0):
1.8.1.2. Performance Audits. Performance audits provide an independent assessment of
a government organization, program, activity, or function. Performance audits include
economy and efficiency and program audits.
1.8.1.3. Financial Audits. Financial audits include financial statement and financial-
related audits. Financial audits evaluate whether an entity (a) presented fairly its
8 AFAAI65-101 28 SEPTEMBER 2018
financial information including financial condition, results, and use of resources; (b)
adequately designed and effectively implemented a system of internal controls; and (c)
complied with laws and regulations. Auditors must comply with applicable American
Institute of Certified Public Accountants Statements on Auditing Standards when
conducting financial statement audits. (T-0)
(https://www.aicpa.org/publications/authoritativestandards.html)
1.9. Attestations. Attestations include examinations, reviews, or agreed-upon procedures
engagements with financial or non-financial objectives about a subject matter or assertion. Audit
personnel must comply with the American Institute of Certified Public Accountants Statements
on Standards for Attestation Engagements. (T-0)
(https://www.aicpa.org/publications/authoritativestandards.html) Additional guidelines for
attestations are outlined in AFI 65-301 and Chapter 8 of this instruction.
1.10. Nonaudit Services. Nonaudit services are professional services other than audits and
attestation engagements. Before accepting a nonaudit service request, audit personnel should
consider whether the service can be provided as an audit. Audit personnel must determine
whether performing the service would create a threat to independence as required by
Government Auditing Standards. (T-0) Additional guidelines to accept and execute nonaudit
services are outlined in AFI 65-301 and Chapter 9 of this instruction.
1.11. External Audit Support. Generally accepted government auditing standards allow
external auditors to use the work of internal auditors to streamline and expedite audits or
attestations. Internal auditors may assist an external audit organization by collecting data,
performing tests, and conducting inventories.
AFAAI65-101 28 SEPTEMBER 2018 9
Chapter 2
QUALITY CONTROL SYSTEM
2.1. Overview. Under generally accepted government auditing standards, audit organizations
must establish and maintain a quality control system to provide reasonable assurance that audit
services comply with applicable standards, policies, and procedures. In addition, the audit
organization should document compliance with its quality control policies and procedures. The
AFAA has established and maintains an internal quality control program that consists of four
components: supervision, project quality control procedures, external quality control reviews,
and internal quality control reviews.
2.2. Supervision. Supervisory audit personnel must provide the assigned staff sufficient
guidance and direction to address the engagement objectives and comply with applicable audit
standards. Supervisors must review audit working papers as needed to ensure engagement
results communicated to Air Force leaders are defensible and work performance and products
comply with applicable standards. Supervisors conduct reviews as frequently as needed based
on considerations of staff experience, engagement status, and project complexity. Additionally,
supervisors must approve documentation and sign off on working papers prior to designated
audit decision points, which include but are not limited to: audit program development, planning
completion, report writing, independent referencing, final report distribution, and project
finalization. (T-2)
2.3. Project Quality Control Procedures. Project quality control procedures facilitate quality
work and standards compliance.
2.3.1. Independent Referencing. The audit team will verify that working paper evidence
supports the information contained in draft reports prior to distributing them to Air Force
management. (T-0) The independent referencer, auditor, and first-level supervisor should
verify the project has been referenced.
2.3.2. Compliance Resources. Policy, Oversight, and Systems Division personnel should
develop standard quality control resources and checklists to assist personnel with verifying
compliance with professional standards. The audit team may use these quality control
resources during audit execution and finalization to assess compliance with Government
Auditing Standards and agency policies and procedures.
2.3.3. Second-level Supervisory Reviews. Associate Directors and Office Chiefs will review
and evaluate working paper files to verify audit personnel comply with established standards
and adequately support findings. (T-2)
2.3.3.1. Second-level supervisors will perform at least one quality control review per
team or branch annually. (T-2) All projects are subject to review regardless of whether
the audit team issued a final report or terminated the project.
2.3.3.2. Second-level supervisors should use standard quality control resources to
conduct reviews.
2.4. External Quality Control Reviews. Under Government Auditing Standards and the
Council of the Inspectors General on Integrity and Efficiency requirements, audit organizations
must have an external peer review at least once every 3 years. (T-0) The external peer review
10 AFAAI65-101 28 SEPTEMBER 2018
evaluates whether the audit organization’s quality control system is suitably designed and
personnel comply with applicable professional standards in all material respects.
2.5. Internal Quality Control Reviews. Staff auditors with the Policy, Oversight, and Systems
Division will annually conduct internal quality control reviews to assess compliance with
Government Auditing Standards and agency policies and procedures. (T-2)
2.5.1. Quality Control Reviews. Quality control reviews evaluate audits, attestations, and
nonaudit services execution from project initiation to finalization.
2.5.1.1. Staff auditors should use standard quality control resources and checklists to
assess compliance with Government Auditing Standards, Council of the Inspectors
General on Integrity and Efficiency requirements, DoD Manual 7600.07 and internal
quality control system procedures.
2.5.1.2. The Policy, Oversight, and Systems Division may use auditors to augment
division resources to conduct internal quality control reviews.
2.5.2. Functional Reviews. The Policy, Oversight, and Systems Division may review
projects for compliance with a specific functional requirement or professional standard. Staff
auditors or designated audit personnel may select review topics based on external peer
review results, agency management concerns, and high risk areas identified during other
quality control reviews.
2.5.3. Operational Reviews. Staff auditors or designated audit personnel may conduct
directorate or agency-wide operational reviews to evaluate selected agency operations or
quality control system elements. These reviews may address Auditor General special interest
items or programs.
2.5.4. Policy, Oversight, and Systems Division staff auditors or designated audit personnel
will analyze and summarize the results from quality control system reviews at least annually
to identify any systemic issues or trends, along with recommendations for corrective action
or training resources. (T-2)
2.6. Quality Control Review Plan. The Policy, Oversight, and Systems Division will develop
an annual quality control review plan. (T-2) Specifically, the Policy, Oversight, and Systems
Division will:
2.6.1. Coordinate with audit directorates to identify and prioritize proposed internal quality
control review topics. (T-2)
2.6.2. Establish objectives and identify resource requirements for each project included in
the plan. (T-2)
2.6.3. Brief the annual plan to the Auditor General, Assistant Auditor Generals and
Directors. (T-2)
Description:This instruction, which implements Air Force Audit Agency (AFAA) Policy required by the Comptroller General and is mandatory for all AFAA
