Nonprofit Audit Readiness: What to Prepare, When to Start,…

Audit preparation is one of the most misunderstood administrative tasks in nonprofit management. The evidence that survives audit scrutiny is created throughout the year during normal operations — not assembled in the weeks before the auditor arrives. Organizations that understand this distinction close audits faster, with fewer findings, and at lower staff cost.

Two Types of Audits, Two Distinct Obligations

Financial statement audits are required for most mid-sized nonprofits, either by state law, by major funders as a condition of grant agreements, or by board policy. The auditor examines your financial statements and issues an opinion on whether they are presented fairly in accordance with US GAAP as applied to nonprofits (primarily FASB ASC 958 and related standards). The audit scope is your organization’s finances as a whole.

Single Audits (also called Uniform Guidance audits) are federally required when an organization expends $750,000 or more in federal awards in a single fiscal year. A Single Audit does everything a financial statement audit does, and adds a compliance layer: an examination of whether your organization administered each major federal program in accordance with the applicable regulations and grant requirements. The scope expands from organizational finances to federal program compliance.

These are not the same audit with different names. Many nonprofits have annual financial statement audits but have never had a Single Audit. The moment an organization crosses the $750,000 federal expenditure threshold — often by adding one federal grant or by having a state passthrough grant reclassified — Single Audit requirements apply for that fiscal year.

The $750,000 threshold applies to expenditures during the year, not award amounts. A $1.2 million federal grant awarded in Year 1 but spent mostly in Year 2 triggers the Single Audit in Year 2 based on when the money was expended, not when it was awarded.

What Auditors Actually Request

Understanding the request list is the starting point for effective preparation. Requests differ between financial audits and Single Audits.

For a financial statement audit, expect to provide:

General ledger for the fiscal year
Bank statements and completed bank reconciliations for each month
Board minutes for the full fiscal year
Major contracts, grant agreements, and loan documents
Fixed asset additions, disposals, and current depreciation schedule
Payroll registers and related tax filings (Forms 941, W-2s, 1099s)
Supporting documentation for major transactions flagged during audit planning
Functional expense allocation methodology and supporting calculation
In-kind contribution documentation if reported

For a Single Audit, all of the above plus:

Schedule of Expenditures of Federal Awards (SEFA), draft and final
All federal award agreements and amendments, including passthrough agreements
Personnel time records documenting grant allocations for each pay period
Procurement records for federally funded purchases above the micro-purchase threshold
Subrecipient agreements, risk assessments, and monitoring documentation
Federal financial and programmatic reports submitted during the year, with submission timestamps
Prior-year audit findings and corrective action status
Internal controls documentation for federal programs

The documentation that most often creates audit delays is in the second list — time records, subrecipient monitoring files, and procurement documentation. These are not financial records that accounting teams naturally maintain. They require deliberate systems.

The SEFA: Foundation of the Single Audit

The Schedule of Expenditures of Federal Awards is the document that defines the scope of a Single Audit. It lists every federal award your organization administered during the fiscal year — the federal agency, the Assistance Listing number (formerly CFDA number), the award name, the award identification number, and the total expenditures for the year.

Auditors use the SEFA to:

Confirm the $750,000 threshold is met
Identify which programs are candidates for major program selection
Verify that the SEFA is complete (no federal programs missing)
Reconcile SEFA totals to the general ledger

SEFA accuracy errors are a common finding. Missing programs — most often passthrough awards from state agencies that staff did not identify as federal funds — result in audit adjustments and sometimes restatements. Every federal award, whether received directly from a federal agency or through a state/local passthrough entity, must appear on the SEFA.

Preparation for the SEFA should begin at the start of the fiscal year, not at year-end. Maintain a running log of all federal award agreements, amendments, and expenditures. At year-end, the SEFA reconciliation is a verification exercise rather than a reconstruction project.

Organizing Your Evidence Binder

A well-organized audit evidence binder reduces fieldwork duration and demonstrates to auditors that your organization maintains records contemporaneously. The organization that retrieves documentation in minutes creates a different impression than the organization that retrieves it in days.

Structure the binder around the categories that match auditor requests:

Financial section: Trial balance, general ledger by account, bank reconciliations by month, major account reconciliations (pledges receivable, fixed assets, deferred revenue), functional expense allocation.

Governance section: Board minutes for the year, conflict of interest disclosures, organizational chart, key personnel list.

Grant and contract section: All active grant agreements and amendments, funder correspondence, reporting schedules, submitted reports for the year.

Federal compliance section (Single Audit only): SEFA draft, federal award agreements by program, personnel time records by pay period, procurement files for federally funded purchases, subrecipient files with risk assessments and monitoring reports.

Prior-year findings section: Status of each prior finding, documentation of corrective actions completed.

Digital organization is sufficient. What matters is that files are named consistently, folders are structured logically, and the person who needs to retrieve a specific document during fieldwork can find it without asking for help.

The Preparation Timeline

Throughout the year: Maintain personnel time records updated every pay period. Attach documentation to expenditures at entry. Complete subrecipient monitoring as required. Log all federal award information for SEFA purposes. File all funder correspondence and submitted reports in the grant file.

60–90 days before fieldwork: Complete the SEFA draft and reconcile to the general ledger. Conduct an internal review of major program compliance for the prior year’s high-risk areas. Confirm prior-year audit findings are addressed and documented. Brief the auditor on any significant changes to operations, systems, or personnel during the year.

30 days before fieldwork: Package the evidence binder. Confirm which staff will be available to respond to auditor questions and for what periods. Identify any transactions or accounts likely to receive audit attention and prepare explanations in advance.

During fieldwork: Respond to requests promptly. Provide complete documentation on first request when possible. Do not provide explanations that contradict the written records — if a discrepancy exists between two sets of records, acknowledge it and explain it with documentation.

What Findings Actually Look Like

Most audit findings do not indicate fraud or intentional misuse. They indicate documentation failures — the underlying activity and spending were correct, but the records do not adequately demonstrate compliance.

The corrective action process for a finding requires: a written corrective action plan, an implementation timeline, and a designated responsible party. Corrective actions are reviewed at the next audit. A finding that recurs — the organization had the same finding in the prior year and did not fix it — is treated as a repeat finding, which receives greater scrutiny and can affect future award eligibility.

The most durable way to prevent findings is to build the compliance documentation habit into normal operations. Time records completed every pay period rather than reconstructed quarterly. Invoices attached to expenditure entries at the time of payment rather than filed separately and retrieved at audit. Subrecipient monitoring completed on schedule rather than assembled retroactively. The organizations that close audits without findings are not doing more work at audit time — they are doing less, because the work was already done.

Put Nonprofit Audit Readiness: What to Prepare, When to Start, and What Auditors Actually Request into practice

Pick a plan to see how GrantPipe turns nonprofit audit readiness: what to prepare, when to start, and what auditors actually request into a repeatable donor, grant, and compliance workflow.

See plans & pricing

Single Audit: An organization-wide audit of financial statements and federal compliance required for entities expending $750,000 or more in federal awards per fiscal year under 2 CFR Part 200.501. Results are submitted to the Federal Audit Clearinghouse within nine months of fiscal year-end. Single Audit results are publicly accessible and reviewed by federal agencies and funders when evaluating future awards.

Schedule of Expenditures of Federal Awards (SEFA): A required supplementary schedule to the audited financial statements that lists every federal award the organization administered during the fiscal year, including the federal agency, Assistance Listing (CFDA) number, award identification, and total expenditures. The SEFA is the foundation of the Single Audit package and the document auditors use to determine which programs require compliance testing.

Major program: A federal program selected for compliance testing in a Single Audit based on a risk-based determination process under 2 CFR Part 200.518. Auditors test major programs for compliance with applicable requirements including allowable costs, eligibility determination, reporting, and subrecipient monitoring. Type A programs (generally those with expenditures above a dollar threshold) are automatically assessed for major program status.

Corrective action plan: A required response to audit findings, documenting what steps the organization will take to address each finding, who is responsible for each corrective action, and the target completion date. Corrective action plans are included in the Single Audit package and reviewed by federal agencies. Prior-year findings that are not corrected and recur are treated as repeat findings, which result in increased scrutiny.

Federal Audit Clearinghouse: The federal repository where Single Audit packages are submitted and stored. Single Audit results are publicly accessible at the Federal Audit Clearinghouse. Funders, federal program officers, and state agencies routinely review Clearinghouse filings when assessing organizations applying for new awards. A history of material findings affects funding prospects.

“The auditors we've talked to say the same thing: the organizations that close audits quickly are the ones where documentation retrieval takes minutes, not days. That is an operations problem, not an accounting problem. It requires building systems that generate audit evidence as a byproduct of normal work.”

Angel Campa , Founder at GrantPipe

Q&A

What is included in the Single Audit package?

The complete Single Audit package includes: audited financial statements with notes, the Schedule of Expenditures of Federal Awards (SEFA), an auditor's report on financial statements, a report on internal control over financial reporting, a report on compliance for major programs, a schedule of findings and questioned costs, and the organization's summary schedule of prior audit findings. If there are audit findings, the organization's corrective action plan is also included. The complete package is submitted to the Federal Audit Clearinghouse.

Q&A

How does an organization prepare an evidence binder for a financial audit?

An audit evidence binder should be organized by the categories auditors request: financial statements with supporting schedules, bank reconciliations for each month, general ledger with account descriptions, fixed asset additions and disposals, significant contract and grant agreements, payroll registers and related tax filings, board minutes for the fiscal year, and documentation for major transactions. For Single Audits, add a SEFA draft, all federal award agreements, subrecipient agreements, monitoring reports, procurement records for federal purchases, and personnel time records by grant. Binder organization that mirrors the auditor's request list reduces fieldwork duration.

Q&A

What are the most common Single Audit findings?

Common Single Audit findings include: inadequate time-and-effort documentation for personnel costs charged to federal grants, procurement violations (not following required competition procedures for federally funded purchases), subrecipient monitoring failures (not documenting that pass-through grant recipients are compliant), allowable cost violations (charging unallowable expenses to federal grants), and reporting deficiencies (late or incomplete federal financial reports). Most findings are documentation failures — the underlying activities and spending were correct but the records do not adequately demonstrate compliance.

Frequently asked

Frequently Asked Questions

What triggers a Single Audit?

Expending $750,000 or more in federal awards in a single fiscal year triggers the Single Audit requirement under 2 CFR Part 200.501. This includes all federal money flowing through your organization — direct federal awards, and federal funds received as a subrecipient through a state, county, or other passthrough entity. The $750,000 threshold applies to expenditures in the year, not to the total award amounts.

What is the difference between a financial audit and a Single Audit?

A financial statement audit examines your organization's financial statements (statement of financial position, statement of activities, statement of cash flows) and expresses an opinion on whether they are presented fairly in accordance with GAAP. A Single Audit does all of that and adds a second layer: a compliance audit of the federal programs you administered, including whether federal funds were spent in accordance with applicable regulations and grant requirements. Financial audits are typically required by funders or state law; Single Audits are federally required when the $750,000 expenditure threshold is met.

What do nonprofit auditors typically request?

Financial statement auditors typically request: the general ledger, bank statements, reconciliations, board minutes, major contracts and grant agreements, payroll records, fixed asset schedules, and documentation for significant transactions. Single Audit fieldwork adds: the Schedule of Expenditures of Federal Awards (SEFA), all federal award agreements, sub-recipient agreements and monitoring documentation, procurement records for federally funded purchases, time-and-effort records for personnel on federal grants, and prior-year audit reports with any corrective action plans.

How far in advance should we prepare for a Single Audit?

Preparation for a Single Audit should be continuous throughout the year — not a pre-audit sprint. The documentation auditors request (time records, expenditure receipts, monitoring reports) is generated during the year. Organizations that maintain these records in real time need only organize and package them before fieldwork. Organizations that attempt to reconstruct documentation retroactively face weeks of staff time and still produce records that look assembled after the fact. The formal preparation process — completing the SEFA, coordinating with auditors, reviewing internal controls — typically begins 60–90 days before fieldwork.

What is a Schedule of Expenditures of Federal Awards (SEFA)?

The SEFA is a supplementary schedule to the financial statements that lists every federal award the organization administered during the fiscal year, the federal agency, the Assistance Listing (CFDA) number, and the total expenditures for each program. It is a required component of the Single Audit package. The SEFA is the document auditors use to determine which federal programs are major programs subject to compliance testing, and which programs received more than $750,000 in expenditures during the year.

What is a major program in a Single Audit?

Major programs are the federal programs that receive the most detailed compliance testing in a Single Audit. Auditors use a risk-based approach under 2 CFR Part 200.518 to identify major programs, based on total expenditures and risk factors. Programs that exceed a percentage threshold of total federal expenditures are typically treated as major. For each major program, auditors test compliance with the applicable requirements: allowable activities, allowable costs, eligibility, equipment and real property management, matching, reporting, and subrecipient monitoring.

Nonprofit Audit Readiness: What to Prepare, When to Start, and What Auditors Actually Request