Audit Reports

-A A +A
skip-to-content

Quality Control Review of the Independent Auditor’s Report on the Department of Transportation’s Audited Consolidated Financial Statements for Fiscal Years 2020 and 2019

Required by the Chief Financial Officers Act of 1990
Project ID: 
QC2021008
What We Looked At
We contracted with the independent public accounting firm KPMG LLP to audit the Department of Transportation’s (DOT) consolidated financial statements as of and for the fiscal years ended September 30, 2020, and September 30, 2019, and provide an opinion on those financial statements, to report on internal control over financial reporting, and to report on compliance with laws and other matters. The contract requires the audit to be performed in accordance with U.S. generally accepted Government auditing standards, Office of Management and Budget audit guidance, and the Government Accountability Office’s and Council of the Inspectors General on Integrity and Efficiency’s Financial Audit Manual. We performed a quality control review of KPMG’s report dated November 13, 2020, and related documentation, and inquired of its representatives.
 
What We Found
Our quality control review disclosed no instances in which KPMG did not comply, in all material respects, with U.S. generally accepted Government auditing standards.
 
Recommendations
DOT concurred with KPMG’s seven recommendations. We agree with KPMG’s recommendations and are not making any additional recommendations.

Recommendations

Open

Closed

No. 1 to OST

KPMG recommends that DOT management design and implementprocedures to consistently and timely perform and document audit log reviews asrequired by standards for effective internal control systems and/or internalpolicy.

No. 2 to OST

KPMG recommends that DOT management design and implementprocedures to consistently and timely perform and document user account accessreviews as required by standards for effective internal control systems and/orinternal policy.

No. 3 to OST

KPMG recommends that management design and implementcomponent-specific system security plan requirements in instances where plansfor those areas not addressed in the Departmental system security plan.

No. 4 to OST

KPMG recommends that management design and implementprocedures related to the retention of appropriate supporting evidence ofinternal controls including, but not limited to, access administration, accessrecertification, audit log review, and patch management.

No. 5 to OST

KPMG recommends that DOT management maintain a documentation trail which demonstrates completion of each step in the performance of their input validation control in accordance with the TIFIA Loan Subsidy Re-estimates standard operating procedures.

No. 6 to FTA

KPMG recommends that FTA management perform a documentedrisk assessment and develop a tailored grant accrual methodology for each newgrant accrual category in which the expected costs incurred but not recordedmay differ based on the characteristics of the grant funding. To the extentcontradictory evidence or actual incurrence does not align with the initialassumptions developed, management should refine the methodology accordingly.

No. 7 to FTA

KPMG recommendeds that FTA management establish a documented review process to clearly demonstrate the historical disbursement days for all grant accrual categories have been reviewed prior to recording the grant accrual.