Auditors engaged to perform a single audit must perform procedures to obtain an understanding of internal control pertaining to the compliance requirements for federal programs sufficient to plan an audit and to support a low assessed level of control risk for:I. major programsII. nonmajor programs

The CPA AUD exam (Auditing and Attestation) focuses on auditing procedures, GAAS, AICPA Code of Professional Conduct, and IT implications in audits. Key areas include risk assessment (25-35%), evidence gathering (30-40%), and compliance with GAO and International Standards. Key topics include Internal Controls, SSAE engagements, and governmental audit reports.  Core Audit Components (CPA AUD) AICPA Standards (GAAS): Governs audits of non-issuers (private companies), focusing on planning, evidence, and report issuance. PCAOB Standards: Governs audits of issuers (public companies), focusing... Show more

The CPA AUD exam (Auditing and Attestation) focuses on auditing procedures, GAAS, AICPA Code of Professional Conduct, and IT implications in audits. Key areas include risk assessment (25-35%), evidence gathering (30-40%), and compliance with GAO and International Standards. Key topics include Internal Controls, SSAE engagements, and governmental audit reports. 

Core Audit Components (CPA AUD)
AICPA Standards (GAAS): Governs audits of non-issuers (private companies), focusing on planning, evidence, and report issuance.
PCAOB Standards: Governs audits of issuers (public companies), focusing on Sarbanes-Oxley Act requirements.
International Standards on Auditing (ISA): Standards issued by the IAASB that apply to international audit engagements. 

Governmental Auditing Standards
Yellow Book (GAO): Government Auditing Standards (GAGAS) provided by the GAO apply to audits of government entities, programs, and grants.
Key Requirements: Focus on compliance with laws, regulations, contracts, and fraud reporting, often in addition to GAAS. 

Information Technology (IT) in Auditing 
IT Controls: Evaluates General Controls (ITGC) and Application Controls (input, processing, output).
Audit Procedures: Uses Computer-Assisted Audit Techniques (CAATs) to test data, systems, and security.
Service Organizations: Evaluates controls at service organizations (e.g., cloud providers) using SSAE reports (SOC 1, SOC 2). 

Key Exam Areas
Ethics/Independence: AICPA Code, SEC/PCAOB regulations, and DOL regulations.
Risk Assessment: Assessing risk of material misstatement (inherent vs. control risk).
Evidence: Substantive procedures, audit documentation, and sampling methods.
Reporting: Types of opinions (unmodified, modified) and report formatting.

Show less