Nonprofit Audit vs. Review

Is an audit or review better for your nonprofit? The answer depends on the size and complexity of your organization, what kind of funding you receive, and the resources you have available. While audits and reviews both involve an independent CPA examining your financial records, an audit is much more comprehensive – and more expensive. To decide which one is right for your nonprofit, we’ve broken down the difference between an audit and a review below.

Expected Cost

Reviews are usually half the cost of a full audit. Audits may cost $10,000-$20,000 depending on the organization’s size. Audits are much more time-consuming and in-depth than reviews, which increases the overall cost.

Organization Size

For organizations with gross revenues below $500,000, a review is usually the best course of action. Larger organization may also be able to get by with only a review, or by alternating audits and reviews in different years; but the larger and more complex your organization is, the more likely it is that you’ll need an audit at some point.

Why Do You Need One?

An audit may be required as a condition of grants, federal funding, or state law. Some grantors or financial institutions may accept a review instead. Either one can demonstrate your organization’s fiscal responsibility, but audits are much more reliable.


Audits provide the highest level of assurance, with the auditor formally stating their expert opinion on your financials. The auditor looks at many different documents and conducts extensive testing. Reviews provide limited assurance, without a formal opinion. The auditor looks at a limited number of documents and may be able to identify any significant problem areas they stumble across – but they are not actively searching for them.

Additional Services

Unlike reviews, audits include the following services: developing an understanding of your nonprofit’s internal control environment by performing walk-throughs and conducting tests; confirming balances and transactions with outside parties; physical inspections and observations; and other tests of supporting documentation. A management letter is included with an audit but not with a review. This letter covers any deficiencies in internal controls that the auditor has discovered – but it is NOT a guarantee that no fraud is occurring. If you need a more in-depth look at your fraud risk, you may need a separate internal control assessment.