Skip to main content
U.S. flag

An official website of the United States government

Audit Reports

Date

Quality Control Review of the Independent Auditor’s Report on the Department of Transportation’s Audited Consolidated Financial Statements for Fiscal Years 2020 and 2019

Requested By
Required by the Chief Financial Officers Act of 1990
Project ID
QC2021008
File Attachment
What We Looked At
We contracted with the independent public accounting firm KPMG LLP to audit the Department of Transportation’s (DOT) consolidated financial statements as of and for the fiscal years ended September 30, 2020, and September 30, 2019, and provide an opinion on those financial statements, to report on internal control over financial reporting, and to report on compliance with laws and other matters. The contract requires the audit to be performed in accordance with U.S. generally accepted Government auditing standards, Office of Management and Budget audit guidance, and the Government Accountability Office’s and Council of the Inspectors General on Integrity and Efficiency’s Financial Audit Manual. We performed a quality control review of KPMG’s report dated November 13, 2020, and related documentation, and inquired of its representatives.
 
What We Found
Our quality control review disclosed no instances in which KPMG did not comply, in all material respects, with U.S. generally accepted Government auditing standards.
 
Recommendations
DOT concurred with KPMG’s seven recommendations. We agree with KPMG’s recommendations and are not making any additional recommendations.

Recommendations

Closed on
No. 1 to OST
KPMG recommends that DOT management design and implementprocedures to consistently and timely perform and document audit log reviews asrequired by standards for effective internal control systems and/or internalpolicy.
No. 2 to OST
KPMG recommends that DOT management design and implementprocedures to consistently and timely perform and document user account accessreviews as required by standards for effective internal control systems and/orinternal policy.
No. 3 to OST
KPMG recommends that management design and implementcomponent-specific system security plan requirements in instances where plansfor those areas not addressed in the Departmental system security plan.
Closed on
No. 4 to OST
KPMG recommends that management design and implement procedures related to the retention of appropriate supporting evidence of internal controls including, but not limited to, access administration, access recertification, audit log review, and patch management.
Closed on
No. 5 to OST
KPMG recommends that DOT management maintain a documentation trail which demonstrates completion of each step in the performance of their input validation control in accordance with the TIFIA Loan Subsidy Re-estimates standard operating procedures.    
Closed on
No. 6 to FTA
KPMG recommends that FTA management perform a documentedrisk assessment and develop a tailored grant accrual methodology for each newgrant accrual category in which the expected costs incurred but not recordedmay differ based on the characteristics of the grant funding. To the extentcontradictory evidence or actual incurrence does not align with the initialassumptions developed, management should refine the methodology accordingly.
Closed on
No. 7 to FTA
KPMG recommendeds that FTA management establish a documented review process to clearly demonstrate the historical disbursement days for all grant accrual categories have been reviewed prior to recording the grant accrual.