Audit Health Score | Fiscal Patriots

try the simulator!

Audit Health Score Simulator

Move the slider to see how "risk points" affect the final score and tier.

Risk Points: 10

0 (Perfect) 150+ (High Risk)

90 Score

Low

Fewer oversight risk signals.

Important: Audit Health Score is a screening signal, not proof of wrongdoing. A low score does not mean fraud. It means “there are more audit flags worth reviewing.”

What it is used for

Audit Health Score supports three core tasks:

Triage and prioritization: Quickly sort entities into “Low”, “Medium”, and “High” tiers.
Explainable interpretation: Convert multiple audit signals into a single summary, while still allowing users to drill down into the underlying signals.
Guided exploration in dashboards: The dashboards show the underlying audit patterns and funding context that help explain why an entity is in a tier.

Who is this for?

Oversight & Accountability Teams

Inspectors General, audit resolution offices, and compliance units who need a fast triage signal to decide what deserves deeper review first.

Grant Managers

Federal, state, and local managers who want to monitor recipients, spot repeat issues, and prioritize technical assistance or follow-up.

Auditors

Firms and auditors using it as a screening lens to focus attention on patterns like repeat findings, internal control issues, and questioned costs.

Policy Makers

Budget staff who need an interpretable 0–100 summary plus tiers (Low, Medium, High) to discuss oversight risk at a portfolio level.

Journalists & Watchdogs

Investigative organizations looking for a defensible starting point for stories, with clear guardrails that it is not proof of fraud.

Researchers & Students

Those studying public policy, audit patterns, risk clustering, reporting lag, and funding context.

General Public

Taxpayers benefitting from a plain-language “warning light” score that helps them understand where oversight signals cluster without overclaiming causality.

What it measures (and what it does not)

Measures

Audit Health Score summarizes audit oversight signals into a single score via “risk points.” Examples include:

Serious internal control issues
Repeat findings
Questioned costs

Does NOT measure

Proof of fraud or intent
Program effectiveness or service quality
Causality (it does not claim spending caused findings)
Real-time conditions (reporting can lag)

Score Components

Risk Factors (Add Points)

These conditions increase the risk count.

Going Concern +25
Material Weakness (General) +20
Material Weakness (Findings) +20
Repeat Finding +15
Questioned Costs +15
Prior Findings +10
Significant Deficiency +10
Modified Opinion +10
Internal Control Deficiency +5
Noncompliance +5
Other Findings +2
Other Matters +2

Mitigating Factors (Subtract Points)

These conditions reduce the risk count.

Low Risk Auditee -15
Has Corrective Action Plan -5

Core calculation

The score is computed from risk_points using a capped, interpretable transformation.

      risk_points_capped = clamp(risk_points, 0, 100)

      audit_health_score = 100 - risk_points_capped

Why cap risk points? Capping prevents extreme outliers from making the score hard to interpret. The goal is an interpretable public-facing metric that stays within 0–100.

Tiers (Thresholds)

Green – Low 80–100

Interpretation: Fewer oversight risk signals. Still validate with context, especially at high funding volumes.

Yellow – Medium 60–79

Interpretation: Moderate oversight signals. Review patterns, check whether issues persist year over year.

Red – High 0–59

Interpretation: Highest oversight signals. Prioritize for deeper review and validation.

Current dataset snapshot

These numbers give a quick sense of how entities distribute across tiers in our project summary:

Green
10,044 entities
Mean score ≈ 85.48
Yellow
22,202 entities
Mean score ≈ 68.35
Red
9,976 entities
Mean score ≈ 17.43

How to interpret the score

Think of Audit Health Score as a dashboard warning light:

Green: The entity shows fewer audit flags in our scoring lens.
Yellow: There are signals worth monitoring and comparing.
Red: There are signals that warrant deeper review.

Guardrail: "Red" does not mean "bad actor." It simply means "more oversight signals exist in the audits and should be reviewed carefully."

Recommended workflow

Start with tier: Red (prioritize), Yellow (monitor), Green (validate).
Identify drivers: Look for the specific audit signals and counts that contributed to risk points.
Add funding context: Large funding + many signals often deserves attention first.
Compare over time: Check whether issues are persistent, improving, or newly emerging.

Example Scenarios

Scenario A: Red tier + high funding + repeat issues

Check first: Which signals are driving risk points? Do they appear across multiple years?
Increase confidence: Persistent repeat findings, multiple high-severity categories.
Lower confidence: A single one-time issue that was resolved.

Scenario B: Yellow tier + sudden funding increase

Check first: Did new findings emerge in the same period? Is the increase tied to known expansion?
Increase confidence: New severe signals appearing alongside higher dollars.
Lower confidence: Funding change is policy-driven with no change in signals.

Scenario C: Green tier + very large funding

Check first: Does the entity stay Green across years? Are there "near-threshold" risk points?
Increase confidence: Stable Green tier, clean audit outcomes.
Lower confidence: Missing data coverage or reporting lags.