CPA Exam Blueprints 2025 PDF

Summary

This document provides blueprints for the CPA Exam, effective January 2025. It details the different sections of the exam, including Auditing and Attestation, Financial Accounting and Reporting, Taxation, and Regulation. The content covers question types and scoring details, ensuring that candidates have all the information needed for effective exam preparation.

Full Transcript

Uniform CPA Examination ®

Blueprints
Approved by the Board of Examiners
American Institute of CPAs
Sept. 12, 2024

Effective date: January 2025
Uniform CPA Examination Blueprints

Table of Contents
2 Introduction: Uniform CPA Examination Blueprints BAR1 Discipline Examination Section – Business Analysis
and Reporting (BAR)
AUD1 Core Examination Section – Auditing and Attestation (AUD) BAR2 Section Introduction
BAR6 Summary Blueprint
AUD2 Section Introduction
BAR7 Area I – Business Analysis
AUD6 Summary Blueprint
BAR11 Area II – Technical Accounting and Reporting
AUD7 Area I – Ethics, Professional Responsibilities
BAR15 Area III – State and Local Governments
and General Principles
AUD11 Area II – Assessing Risk and Developing a Planned ISC1 Discipline Examination Section – Information Systems
Response and Controls (ISC)
AUD17 Area III – Performing Further Procedures and ISC2 Section Introduction
Obtaining Evidence
ISC6 Summary Blueprint
AUD22 Area IV – Forming Conclusions and Reporting
ISC7 Area I – Information Systems and Data Management
FAR1 Core Examination Section – Financial Accounting ISC10 Area II – Security, Confidentiality and Privacy
and Reporting (FAR) ISC14 Area III – Considerations for System and Organization
FAR2 Section Introduction Controls (SOC) Engagements
FAR6 Summary Blueprint
TCP1 Discipline Examination Section – Tax Compliance
FAR7 Area I – Financial Reporting
and Planning (TCP)
FAR12 Area II – Select Balance Sheet Accounts TCP2 Section Introduction
FAR16 Area III – Select Transactions TCP5 Summary Blueprint
TCP6 Area I – Tax Compliance and Planning for Individuals
REG1
Core Examination Section – Taxation and Regulation (REG) and Personal Financial Planning
REG2 Section Introduction TCP9 Area II – Entity Tax Compliance
REG5 Summary Blueprint TCP14 Area III – Entity Tax Planning
REG6 Area I – Ethics, Professional Responsibilities TCP16 Area IV – Property Transactions (disposition of assets)
and Federal Tax Procedures
REG8 Area II – Business Law
REG11 Area III – Federal Taxation of Property Transactions
REG12 Area IV – Federal Taxation of Individuals
REG15 Area V – Federal Taxation of Entities
(including tax preparation)

Uniform CPA Examination Blueprints 1
Introduction

Uniform CPA Examination Blueprints
The CPA licensure model requires all candidates to pass three Core exam The following table presents the scoring weight of MCQs and TBSs for each Core
sections and one Discipline exam section of a candidate’s choosing. The Uniform and Discipline Exam section.
CPA Examination (the Exam) has been designed accordingly as reflected in the
Exam Blueprints. The Core exam sections assess the knowledge and skills that Score Weighting
all newly licensed CPAs (nlCPAs) need in their role to protect the public interest.
Multiple-Choice Tasked-Based
The Discipline exam sections assess the knowledge and skills in the respective Section
Questions (MCQs) Simulations (TBSs)
Discipline domain applicable to nlCPAs in their role to protect the public interest.
AUD – Core 50% 50%
The three Core exam sections, each four hours long, are: Auditing and Attestation
(AUD), Financial Accounting and Reporting (FAR) and Taxation and Regulation
FAR – Core 50% 50%
(REG). The three Discipline exam sections, each four hours long, are: Business REG – Core 50% 50%
Analysis and Reporting (BAR), Information Systems and Controls (ISC) and Tax
BAR – Discipline 50% 50%
Compliance and Planning (TCP).
ISC – Discipline 60% 40%
The table below presents the design of the Exam by Core and Discipline section,
TCP – Discipline 50% 50%
section time and question type.
The AICPA adopted a skill framework for the Exam based on the revised Bloom’s
Multiple-Choice Tasked-Based Taxonomy of Educational Objectives1. Bloom’s Taxonomy classifies a continuum of
Section Section Time
Questions (MCQs) Simulations (TBSs)
skills that students can be expected to learn and demonstrate.
AUD – Core 4 hours 78 7
Each Exam section consists of five parts that we call testlets. The first two testlets are
FAR – Core 4 hours 50 7 comprised of MCQs. The next three testlets contain the TBSs.
REG – Core 4 hours 72 8
Testlet 1 Testlet 2 Testlet 3 Testlet 4 Testlet 5
Section
BAR – Discipline 4 hours 50 7 (MCQ) (MCQ) (TBS) (TBS) (TBS)

AUD – Core 39 39 2 3 2
ISC – Discipline 4 hours 82 6
FAR – Core 25 25 2 3 2
TCP – Discipline 4 hours 68 7
REG – Core 36 36 2 3 3

BAR – Discipline 25 25 2 3 2

ISC – Discipline 41 41 1 3 2

TCP – Discipline 34 34 2 3 2

1
 evised taxonomy see Anderson, L.W. (Ed.), Krathwohl, D.R. (Ed.), Airasian, P.W., Cruikshank, K.A., Mayer, R.E., Pintrich, P.R., Raths, J., & Wittrock, M.C. (2001). A taxonomy for learning, teaching, and assessing: A revision of Bloom’s Taxonomy of Educational Objectives
R
(Complete Edition). New York: Longman. For original taxonomy see Bloom, B.S. (Ed.), Engelhart, M.D., Furst, E.J., Hill, W.H., & Krathwohl, D.R. (1956). Taxonomy of educational objectives: The classification of educational goals. Handbook 1: Cognitive domain. New York:
David McKay.

Uniform CPA Examination Blueprints 2
Introduction

Uniform CPA Examination Blueprints (continued)

Representative tasks that are critical to an nlCPA’s role in protecting the public Each section of the Exam has a section introduction and a corresponding
interest have been identified. The representative tasks combine both the section blueprint.
applicable content knowledge and skills required in the context of the work of
The section introduction outlines the scope of the section, the content
an nlCPA. Based on the nature of a task, one of four skill levels, derived from the
organization and tasks, the content allocation, the overview of content
revised Bloom’s Taxonomy, is assigned to each of the tasks, as follows::
areas, section assumptions, the skill allocation and a listing of the section’s
applicable reference literature.
Skill Levels
The section blueprint outlines the content to be tested, the associated skill
The examination or assessment of problems,
Evaluation level to be tested and representative tasks an nlCPA would likely encounter. The
and use of judgment to draw conclusions.
blueprints are organized by content AREA, content GROUP and content TOPIC.
The examination and study of the interrelationships Each topic includes one or more representative TASKS that an nlCPA may be
Analysis of separate areas in order to identify causes and find expected to complete.
evidence to support inferences.
The purpose of the blueprint is to:
The use or demonstration of knowledge, concepts
Application or techniques. D
 ocument the minimum level of knowledge and skills necessary for
initial licensure.
Remembering The perception and comprehension of the significance
and Understanding of an area utilizing knowledge gained. A
 ssist candidates in preparing for the Exam by outlining the knowledge
and skills that may be tested.
The skill levels to be assessed on each Core and Discipline section of the Exam
A
 pprise educators about the knowledge and skills candidates will need
are included in the table below.
to function as nlCPAs.
Remembering and Guide the development of Exam questions.
Section Application Analysis Evaluation
Understanding

AUD – Core 30–40% 30–40% 15–25% 5–15% The tasks in the blueprints are representative and are not intended to be
(nor should they be viewed as) an all-inclusive list of tasks that may be tested
FAR – Core 5–15% 45–55% 35–45% –
on the Exam. The number of tasks associated with a particular content group or
REG – Core 25–35% 35–45% 25–35% – topic is not indicative of the extent such content group, topic or related skill level
will be assessed on the Exam.
BAR – Discipline 10–20% 45–55% 30–40% –
ISC – Discipline 55–65% 20–30% 10–20% –
TCP – Discipline 5–15% 55–65% 25–35% –

Uniform CPA Examination Blueprints 3
Uniform CPA Examination
Auditing and Attestation (AUD)
Blueprint
Section Introduction

Auditing and Attestation
The Auditing and Attestation (AUD) section of the Uniform CPA Examination review services standards) to complete a range of tasks including identifying
(the Exam) tests the knowledge and skills that nlCPAs must demonstrate when issues, analyzing facts and determining appropriate responses.
performing the following engagements:
A list of reference materials relevant to the AUD section of the Exam is included
A
 udit engagements include financial statement audits, compliance audits, under References at the conclusion of this introduction.
audits of internal control integrated with an audit of financial statements, audits
of entities receiving federal awards or grants and audits of financial statements Content organization and tasks
of employee benefit plans subject to the Employee Retirement Income Security The AUD section blueprint is organized by content AREA, content GROUP
Act of 1974 (ERISA). Audits include issuer entities subject to the requirements and content TOPIC. Each topic includes one or more representative TASKS
set forth by the Public Company Accounting Oversight Board (PCAOB), that an nlCPA may be expected to complete when performing various types
nonissuer entities subject to the requirements set forth by the American of engagements.
Institute of CPA’s (AICPA) Auditing Standards Board or governmental entities
The tasks in the blueprint are representative. They are not intended to be
subject to the requirements of the U.S. Government Accountability Office (GAO)
(nor should they be viewed as) an all-inclusive list of tasks that may be tested
or the Office of Management and Budget (OMB).
in the AUD section of the Exam. Lists or examples included within the text of
Attestation engagements include assertion-based examinations, direct a representative task beginning with the word “including” are not intended to
examinations and review or agreed-upon procedures engagements that are be exhaustive. Within some representative tasks are parenthetical lists. If a
subject to the requirements set forth by the AICPA’s Auditing Standards Board. parenthetical list begins with “e.g.”, this is not intended to be an exhaustive list but
rather examples of the types of content that could be assessed. Parenthetical lists
A
 ccounting and review service engagements include preparation, compilation
that do not include “e.g.” are intended to be an exhaustive list of the content to be
and review engagements that are subject to the requirements set forth by the
assessed with respect to that representative task.
AICPA’s Accounting and Review Services Committee.
Content allocation
The assessment will focus on an nlCPA’s role in planning, risk assessment,
The following table summarizes the content areas and the allocation of content
performing procedures, obtaining evidence and reporting for these engagement
tested in the AUD section of the Exam:
types. The assessment will incorporate:
D
 ata and technology concepts with a focus on understanding how data is Content area Allocation
structured and flows through underlying systems, verifying the completeness
and accuracy of source data and using the outputs of data analytic techniques Area I Ethics, Professional Responsibilities and General Principles 15–25%
to assist in risk assessment or to complete planned procedures.
Area II Assessing Risk and Developing a Planned Response 25–35%
P
 rofessional skepticism and professional judgment with a focus on the critical
assessment of evidence and the need to apply knowledge and experience to Area III Performing Further Procedures and Obtaining Evidence 30–40%
make informed decisions.
Area IV Forming Conclusions and Reporting 10–20%
A
 pplied research with a focus on reviewing and using excerpts of source
materials (e.g., auditing standards, attestation standards, accounting and

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD2
Section Introduction

Auditing and Attestation (continued)
Overview of content areas SOC 1® reports as they affect the audit of user-entity financial statements.
Area I of the AUD section blueprint covers ethics, professional responsibilities and
Materiality including performance materiality or tolerable misstatement.
general principles, including the following:
A
 ssessing and responding to risks of material misstatement, whether
E
 thics and independence including understanding and applying the AICPA
due to fraud or error.
Code of Conduct and the ethical and independence requirements of the
U.S. Securities and Exchange Commission (SEC), PCAOB, GAO and Department P
 lanning for and using the work of others including management’s specialists
of Labor (DOL). and auditor’s specialists.
P
 rofessional skepticism including the critical assessment of evidence and the S
 pecific areas of engagement risk including compliance with laws and
need to apply knowledge and experience to make informed decisions. regulations, accounting estimates, related parties and requirements for
single audits in accordance with the Uniform Guidance for Single Audits.
Nature, scope and terms of engagements including engagement preconditions.

R
 equirements for engagement documentation and communication with To the extent applicable, the audits of financial statements of employee benefit
management or those charged with governance. plans subject to ERISA are eligible for testing in each group and topic in this Area.

U
 nderstanding of audit and assurance quality on an engagement and Area III of the AUD section blueprint covers performing procedures and obtaining
responsibilities within a firm. evidence. The Area includes the following:

To the extent applicable, the audits of financial statements of employee benefit U
 se of data and information including requesting, preparing and transforming
plans subject to ERISA are eligible for testing in each group and topic in this Area. data, reliability of data and information and data analytics.

S
 ufficient appropriate evidence including sources of evidence and concluding
Area II of the AUD section blueprint covers planning and risk assessment and
on whether evidence obtained achieves the engagement’s planned objectives.
design of procedures responsive to identified risks. The Area includes the following:
S
 ampling techniques including appropriate populations, sample size,
Engagement strategy and engagement planning.
stratification and extrapolation of results.
Internal and external factors related to understanding an entity and its
P
 erforming procedures to obtain evidence including tests of controls, tests of
environment including basic economic concepts such as supply and
details, analytical procedures and external confirmations.
demand and business cycles.
S
 pecific matters that require special audit consideration such as accounting
U
 nderstanding an entity’s control environment and business processes including
estimates, investments in securities, inventory, litigation, claims and
an understanding of the COSO Internal Control – Integrated Framework,
assessments, going-concern and testing transactions related to federal awards
entity-level controls and the design of internal controls, IT environment and related
during a single audit.
IT general controls. The IT environment consists of an entity’s IT infrastructure,
applications, processes to manage access to the IT environment and program M
 isstatements and internal control deficiencies including preparing a summary
change control, including personnel responsible for those processes. of misstatements and determining their effect on the financial statements and
the nature, timing and extent of procedures.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD3
Section Introduction

Auditing and Attestation (continued)
Written representations requested from management. To the extent that there are different requirements for an entity under audit
or review, the question will include an explicit reference to the entity type
S
 ubsequent events including identification of subsequent events and the impact
(issuer or nonissuer).
to an entity’s financial statements and disclosures.
Questions may refer to an audit engagement by including phrases such as
To the extent applicable, the audits of financial statements of employee benefit
“an audit of a nonissuer” or “an audit of an issuer”. Questions will refer to other
plans subject to ERISA are eligible for testing in each group and topic in this Area.
types of engagements by including phrases such as “examination of pro forma
Area IV of the AUD section blueprint covers engagement reporting. The Area financial information”, “review engagement”, “interim review”, “compilation
includes the following: engagement”, etc. The use of the terms “auditor”, “accountant” or “practitioner”
will also be used to further identify engagement types and applicable professional
R
 eporting on auditing and attestation engagements including factors to standards. Candidates should be mindful of the engagement type when
consider when forming an opinion, types of opinions and the appropriate answering a question.
form and content of a report.
Skill allocation
Considerations for performing preparation engagements. The Exam applies a skill framework based on the revised Bloom’s Taxonomy
C
 onsiderations for reporting on compilation and review engagements, including of Educational Objectives2. Bloom’s Taxonomy classifies a continuum of skills
the appropriate form and content of a report. depicted in the table below:

C
 onsiderations for reporting on compliance aspects as part of an audit Skill Levels
engagement or an attestation engagement related to compliance with a
specific requirement or rule. The examination or assessment of problems, and use
Evaluation of judgment to draw conclusions.
O
 ther reporting considerations when performing engagements, including
consistency, other information, review of interim financial information, The examination and study of the interrelationships
Analysis of separate areas in order to identify causes and find
supplementary information, special-purpose frameworks and additional
evidence to support inferences.
reporting requirements under GAO Government Auditing Standards.
The use or demonstration of knowledge, concepts
Section assumptions Application or techniques.
The AUD section of the Exam includes multiple-choice questions and
task-based simulations. When completing multiple-choice questions and Remembering The perception and comprehension of the significance
task-based simulations in the AUD section of the Exam, candidates should and Understanding of an area utilizing knowledge gained.
be aware of the entity type and engagement type presented in the question.

2
 evised taxonomy see Anderson, L.W. (Ed.), Krathwohl, D.R. (Ed.), Airasian, P.W., Cruikshank, K.A., Mayer, R.E., Pintrich, P.R., Raths, J., & Wittrock, M.C. (2001). A taxonomy for learning, teaching, and assessing: A revision of Bloom’s Taxonomy of Educational Objectives
R
(Complete Edition). New York: Longman. For original taxonomy see Bloom, B.S. (Ed.), Engelhart, M.D., Furst, E.J., Hill, W.H., & Krathwohl, D.R. (1956). Taxonomy of educational objectives: The classification of educational goals. Handbook 1: Cognitive domain. New York:
David McKay.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD4
Section Introduction

Auditing and Attestation (continued)

The AUD section of the Exam assesses content at all of the skill levels of Bloom’s AICPA Statements on Auditing Standards and Related Auditing Interpretations
Taxonomy as described below:
P
 CAOB Auditing Standards (SEC approved), Auditing Interpretations and Ethics
R
 emembering and Understanding is mainly concentrated in Area I and Area IV. and Independence Rules
Area I contains much of the general audit knowledge that is required for nlCPAs.
U.S. GAO Government Auditing Standards
In Area IV, many of the tasks relate to reporting and are driven by templates and
illustrative examples. Single Audit Act, as amended
A
 pplication is tested in all four areas of the AUD section. Application tasks focus OMB Audit Requirements for Federal Awards (2 CFR 200)
on general topics such as professional responsibilities and documentation, and
the day-to-day tasks that nlCPAs perform, using standardized application tools AICPA Statements on Quality Control Standards
such as audit programs and sampling techniques. A
 ICPA Statements on Standards for Accounting and Review Services
A
 nalysis and Evaluation skills, tested in Area II and Area III, involve tasks that and Related Accounting and Review Services Interpretations
require a higher level of analysis and interpretation. These tasks, such as A
 ICPA Statements on Standards for Attestation Engagements
concluding on sufficiency and appropriateness of evidence, require nlCPAs to and Interpretations
apply professional skepticism and judgment.
AICPA Audit and Accounting Guides
The representative tasks combine both the applicable content knowledge and
AICPA Code of Professional Conduct
the skills required in the context of the work that an nlCPA would reasonably be
expected to perform. Title III and Title IV of the Sarbanes-Oxley Act of 2002

References – Auditing and Attestation U
.S. DOL Interpretive bulletins relating to guidelines on independence of
The References detailed below are the sources of the subject matter eligible for accountant retained by Employee Benefit Plan (29 CFR 2509.75-9)
assessment in the AUD section, to the extent that the subject matter is included
U.S. SEC Independence Rules
in the blueprint’s content areas, groups and topics. Further, the assessment of the
subject matter described in a representative task that identifies an organization, T
 he Committee of Sponsoring Organizations of the Treadway Commission
publication, law, regulation, standard or framework is limited to the specific (COSO): Internal Control — Integrated Framework
sections of the References detailed below. Similarly, subject matter identified in
a representative task and related subject matter is eligible for assessment to the C
 urrent textbooks on auditing, attestation services, economics and ethics
extent it is included in the References detailed below. The subject matter eligible and independence
for assessment is limited to the References detailed below and does not extend to
links or references within these References to other sources.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD5
Auditing and Attestation (AUD)

Summary Blueprint

Content area allocation Weight

I. Ethics, Professional Responsibilities and General Principles 15–25%

II. Assessing Risk and Developing a Planned Response 25–35%

III. Performing Further Procedures and Obtaining Evidence 30–40%

IV. Forming Conclusions and Reporting 10–20%

Skill allocation Weight

Evaluation 5–15%

Analysis 15–25%

Application 30–40%

Remembering and Understanding 30–40%

The following pages include the detailed blueprints that define the areas, groups,
topics and representative tasks for the AUD section. It is important to note that
the number of representative tasks associated with a particular content group or
topic is not indicative of the extent to which such content group, topic or related
skill level will be assessed on the Exam (i.e., more numerous tasks in a particular
group, topic or skill compared to another should not infer more content weight
assigned to that group, topic or skill).

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD6
Auditing and Attestation (AUD)

Area I – Ethics, Professional Responsibilities and General Principles (15–25%)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

A. Ethics, independence and professional responsibilities

1. A
 ICPA Code of Understand the principles, rules and interpretations included in the AICPA Code
Professional Conduct of Professional Conduct.

Apply the principles, rules and interpretations included in the AICPA Code of
Professional Conduct to situations (e.g., maintaining integrity and objectivity
and compliance with standards, maintaining the confidentiality of client
information when using automated or third-party tools and techniques
including artificial intelligence).

Apply the Conceptual Framework for Members in Public Practice and Members
in Business included in the AICPA Code of Professional Conduct to situations
that could present threats to compliance with the rules included in the Code.

Apply the Conceptual Framework for Independence included in the AICPA Code
of Professional Conduct to situations that could present threats to compliance
with the rules included in the Code.

2. R
 equirements of the Securities Understand the ethical and independence requirements of the Securities and
and Exchange Commission and Exchange Commission and the Public Company Accounting Oversight Board.
the Public Company Accounting
Oversight Board Apply the ethical requirements and independence rules of the Securities and
Exchange Commission and the Public Company Accounting Oversight Board to
situations that could compromise compliance or impair independence during
an audit of an issuer.

3. R
 equirements of the Government Understand the ethical and independence requirements of the Government
Accountability Office and the Accountability Office Government Auditing Standards.
Department of Labor
Understand the independence requirements of the Department of Labor.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD7
Auditing and Attestation (AUD)

Area I – Ethics, Professional Responsibilities and General Principles (15–25%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

A. Ethics, independence and professional responsibilities (continued)

3. R
 equirements of the Government Apply the ethical requirements and independence rules of the Government
Accountability Office and the Accountability Office Government Auditing Standards to situations that could
Department of Labor (continued) present threats to compliance during an audit of, or attestation engagement
for, a government entity or an entity receiving federal awards.

Apply the independence rules of the Department of Labor to situations when an
accountant would not be considered independent during an audit of employee
benefit plans.

B. Professional skepticism and professional judgment

Understand the concepts of professional skepticism and professional judgment.

Understand unconscious auditor biases and other impediments to acting with
professional skepticism, including threats, incentives and judgment-making
shortcuts.

C. Nature and scope

1. Audit engagements Identify the nature, scope and objectives of the different types of audit
engagements for issuers and nonissuers.

2. E
 ngagements conducted under Identify the nature, scope and objectives of engagements performed in
Government Accountability Office accordance with Government Accountability Office Government Auditing
Government Auditing Standards Standards, including single audits.

3. Other engagements Identify the nature, scope and objectives of attestation engagements and
accounting and review service engagements.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD8
Auditing and Attestation (AUD)

Area I – Ethics, Professional Responsibilities and General Principles (15–25%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

D. Terms of engagement

1. Preconditions for an engagement Identify the preconditions needed for accepting or continuing an engagement.

2. Terms of engagement and the Identify the factors affecting the acceptance or continuance of an engagement,
engagement letter including communication with predecessor auditors.

Recall when it is acceptable to agree to management’s request for a change
in the type of engagement (e.g., from an audit to a review).

Perform procedures to confirm that a common understanding of the terms
of an engagement exist with management and those charged with governance.

Document the terms of an engagement in a written engagement letter or
other suitable form of written agreement.

E. Requirements for engagement documentation

Identify the elements that comprise sufficient appropriate documentation in
physical or electronic form for an engagement.

Identify the requirements for the assembly and retention of documentation in
physical or electronic form for an engagement.

Prepare documentation that is sufficient to enable an experienced auditor or
practitioner having no previous connection with an engagement to understand the
nature, timing, extent and results of procedures performed, the significant findings
and conclusions reached and the significant professional judgments made.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD9
Auditing and Attestation (AUD)

Area I – Ethics, Professional Responsibilities and General Principles (15–25%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

F. Communication with management and those charged with governance

1. P
 lanned scope and timing Identify the matters related to the planned scope and timing of an engagement
of an engagement that should be communicated to management and those charged with
governance.

Prepare presentation materials and supporting schedules for use in communicating
the planned scope and timing of an engagement to management and those charged
with governance.

2. Internal control related matters Identify the matters related to deficiencies and material weaknesses in internal
control that should be communicated to those charged with governance and
management for an engagement and the timing of such communications.

Prepare written communication materials for use in communicating identified
internal control deficiencies and material weaknesses for an engagement to
those charged with governance and management.

G. Audit and assurance quality

Identify a CPA firm’s responsibilities for its accounting and auditing practice’s
engagement quality.

Explain procedures and responsibilities for managing engagement quality.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD10
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

A. Planning an engagement

1. Overall engagement strategy Explain the purpose and significance of the overall engagement strategy
for an engagement.

2. Engagement plan Prepare a draft engagement plan for specific processes, accounts or classes
of transactions considering the prior period and changes in the current period.

Prepare supporting planning-related materials (e.g., client assistance request
listings, time budgets) for a detailed engagement plan starting with the prior-year
engagement plan or with a template.

B. Understanding an entity and its environment

1. External factors Understand supply and demand, elasticity measures and profit maximization
(e.g. marginal cost, marginal revenue).

Understand the business cycles (trough, expansion, peak, recession) and leading,
coincident and lagging indicators of economic activity (e.g., consumer price index,
producer price index, federal funds rate, bond yields, unemployment).

Identify relevant factors (e.g., economic, environmental, financial reporting
framework, government policy, industry, regulatory, supply chain, technology)
that could impact an entity, its operations, and/or the inherent risk of
material misstatement.

2. Internal factors Understand the entity’s responsibilities with respect to the corporate governance
provisions of the Sarbanes-Oxley Act of 2002.

Identify the relevant factors that define the nature of an entity, including the
impact on the risk of material misstatement (e.g., its operations, ownership and
governance structure, investment and financing plans, selection of accounting
policies, objectives and strategies, adoption and use of technologies including
artificial intelligence).

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD11
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

C. Understanding an entity’s control environment and business processes, including information technology (IT) systems

1. C
 OSO Internal Control – Define internal control within the context of the COSO internal control framework,
Integrated Framework including the purpose, objectives and limitations of the framework.

Identify and define the components, principles and underlying structure of the
COSO internal control framework.

2. C
 ontrol environment, IT general Understand the elements of an entity’s control environment, including the design
controls, and entity-level controls and implementation of IT general controls and entity-level controls.

Perform procedures to obtain an understanding of how an entity has responded
to risks arising from the use of IT, including identifying and testing the design and
implementation of relevant IT general controls.

3. B
 usiness processes and the Identify and document the significant business processes and data flows that
design of internal controls, directly or indirectly impact an entity’s financial statements.
including the IT environment
Perform a walkthrough of a significant business process and document
(e.g., flow charts, process diagrams, narratives) the flow of relevant transactions
and data from initiation through financial statement reporting and disclosure.

Obtain an understanding of an entity’s IT infrastructure (e.g., ERP, cloud computing
or hosting arrangements, custom or packaged applications) and document the
procedures performed to obtain that understanding.

Obtain an understanding of IT applications that are, directly or indirectly, the source
of financial transactions or the data used to record financial transactions (e.g., how
the entity uses IT applications to capture, store, and process information).

Perform tests of the design and implementation of relevant automated and
manual transaction-level internal controls (e.g. authorizations and approvals,
reconciliations, verifications, physical or logical controls, segregation of duties).

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD12
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

C. Understanding an entity’s control environment and business processes, including information technology (IT) systems (continued)

3. Business processes and the Identify and document the relevant automated and manual controls within the flow
design of internal controls, of an entity’s transactions for a significant business process and consider the effect
including the IT environment of these controls on the completeness, accuracy and reliability of an entity’s data.
(continued)
Conclude whether relevant automated and manual transaction-level internal
controls are effectively designed and placed in operation.

4. Implications of an entity Understand the differences between SOC 1® and SOC 2® engagements.
using a service organization
Identify and document the purpose and significance of an entity’s use of a service
organization, including the impact of using a SOC 1® Type 2 report in an audit of
an entity’s financial statements.

Use a SOC 1® Type 2 report to determine the nature and extent of testing procedures
to be performed in an audit of an entity’s financial statements.

5. L
 imitations of controls and Understand the limitations of internal controls and the potential impact on the risk
risk of management override of material misstatement of an entity’s financial statements.

Identify and document the risks associated with management override of internal
controls and the potential impact on the risk of material misstatement of an
entity’s financial statements.

D. Materiality

1. F
 or the financial statements Understand materiality, including qualitative considerations, as it relates to the
as a whole financial statements and related disclosures as a whole.

Calculate materiality for an entity’s financial statements as a whole.

Calculate the materiality level (or levels) to be applied to classes of transactions,
account balances and disclosures in an audit of an issuer or nonissuer.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD13
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

D. Materiality (continued)

2. T
 olerable misstatement Understand the use of tolerable misstatement or performance materiality in an
and performance materiality audit.

Determine tolerable misstatement or performance materiality for the purposes of
assessing the risk of material misstatement and determining the nature, timing
and extent of further audit procedures in an audit of an issuer or nonissuer.

E. Assessing and responding to risks of material misstatement, whether due to fraud or error

Determine the pressures, incentives and opportunities for fraud (e.g., fraudulent
financial reporting, misappropriation of assets) that could lead to the risk of
material misstatement.

Determine risk of material misstatement, whether due to fraud or error, at the
financial statement level and relevant assertion level for each significant class
of transactions, significant account and disclosure.

Determine a response to risks of material misstatement at the financial statement
level (e.g. maintaining professional skepticism, engagement team supervision,
incorporating elements of unpredictability), considering the auditor’s understanding
of the control environment.

Determine appropriate procedures to assess the operating effectiveness
of relevant controls.

Determine appropriate substantive procedures to test relevant assertions for each
significant class of transactions, significant account and disclosure.

Determine procedures to satisfy the requirements and objectives of an attestation
engagement.

Determine procedures to satisfy the requirements and objectives of an accounting
and review services engagement.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD14
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

E. Assessing and responding to risks of material misstatement, whether due to fraud or error (continued)

Assess risks of material misstatement, whether due to fraud or error, at the
financial statement level and develop a response by leveraging the combined
knowledge and understanding of the engagement team.

Assess the potential impact of identified risks of material misstatement at the
relevant assertion level for each significant class of transactions, significant
account and disclosure, considering the controls the auditor intends to test.

Analyze the risk of material misstatement, including the potential impact of
individual and cumulative misstatements, to provide a basis for developing
planned audit procedures.

Use outputs from audit data analytic procedures (e.g. reports and visualizations)
to identify transactions that may have a higher risk of material misstatement and
interpret the results to develop planned audit procedures.

F. Planning for and using the work of others

Identify the factors to consider in determining the extent to which an engagement
team can use the work of the internal audit function, IT auditor, auditor’s specialist,
management’s specialist, component auditor or a referred-to auditor.

Determine the nature and scope of the work of the internal audit function,
IT auditor, auditor’s specialist, management’s specialist, component auditor
or a referred-to auditor.

Perform and document procedures to determine the extent to which an
engagement team can use the work of the internal audit function, IT auditor,
auditor’s specialist, management’s specialist, component auditor or a
referred-to auditor.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD15
Auditing and Attestation (AUD)

Area II – Assessing Risk and Developing a Planned Response (25–35%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

G. Specific areas of engagement risk

1. A
 n entity’s compliance Understand the accountant’s responsibilities with respect to laws and regulations
with laws and regulations that have a direct effect on the determination of material amounts or disclosures
in an entity’s financial statements for an engagement.

Understand the accountant’s responsibilities with respect to laws and regulations
that are fundamental to an entity’s business but do not have a direct effect on the
entity’s financial statements in an engagement.

Perform tests of compliance with laws and regulations that have a direct
effect on material amounts or disclosures in an entity’s financial statements
in an engagement.

Perform tests of compliance with laws and regulations that are fundamental to
an entity’s business, but do not have a direct effect on the entity’s financial
statements for an engagement.

2. Accounting estimates Recognize the potential impact of lower complexity and higher complexity
significant accounting estimates on the risk of material misstatement, including the
indicators of management bias.

3. R
 elated parties and related Perform procedures to identify related party relationships and transactions,
party transactions including consideration of significant unusual transactions and transactions
with executive officers.

4. U
 niform Guidance Understand when an entity is required to have a single audit in accordance with
for single audits the audit requirements of the Uniform Guidance, including the identification of
federal awards and major programs.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD16
Auditing and Attestation (AUD)

Area III – Performing Further Procedures and Obtaining Evidence (30–40%)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

A. Use of data and information

1. R
 equesting, preparing Explain the components of a relational database (e.g., tables, records, fields/
and transforming data attributes, primary and foreign keys, normalization).

Explain the characteristics and uses of different measurement scales (e.g.,
nominal, ordinal, interval, ratio, continuous, discrete).

Determine attribute structures, format, and sources of data needed when making
a data extraction request to complete planned procedures.

Determine methods to transform (e.g., preparing, cleaning, scrubbing) data to
complete planned procedures.

2. R
 eliability of data Perform procedures (e.g., agreeing information to original sources, validating
and information search or query criteria used to obtain data) to validate the reliability
(completeness, accuracy, authenticity and susceptibility to management bias)
of data and information obtained from internal and external sources (e.g.,
analyses, schedules, reconciliations prepared using various technologies
including artificial intelligence).

3. Data analytics Describe how to apply automated tools and techniques to process, organize,
structure or present data in a given context to generate useful information that
can be used as evidence.

Perform procedures using outputs (e.g. reports, visualizations) from audit data
analytic techniques to determine relationships, trends or notable items in the
data and identify the appropriate audit response.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD17
Auditing and Attestation (AUD)

Area III – Performing Further Procedures and Obtaining Evidence (30–40%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

B. Sufficient appropriate evidence

Determine the sources of sufficient appropriate evidence (e.g., obtained from
management’s specialists, obtained from external sources, developed by the audit
team from internal or external sources).

Exercise professional skepticism and professional judgment while analyzing
information to be used as audit evidence taking into account its relevance and
reliability, authenticity and whether such information corroborates or contradicts
the assertions in the financial statements.

Conclude whether sufficient appropriate evidence has been obtained to achieve
the objectives of the planned procedures.

C. Sampling techniques

Understand the purpose and application of sampling techniques including the use
of automated tools and audit data analytic techniques to identify significant events
or transactions that may impact the financial statements.

Identify the appropriate population of items to sample to meet the objectives of
the planned procedures.

Determine the appropriate sampling method to be used in order to accomplish
the objective (control, attribute, test of detail) of the planned procedures.

Use sampling techniques to extrapolate the characteristics of a population
from a sample of items.

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD18
Auditing and Attestation (AUD)

Area III – Performing Further Procedures and Obtaining Evidence (30–40%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

D. Procedures to obtain sufficient appropriate evidence

1. Test of controls Use observation and inspection to obtain evidence.
and test of details
Use recalculation (manually or using automated tools and techniques) to test
the mathematical accuracy of information to obtain evidence.

Use reperformance to independently execute procedures or controls to
obtain evidence.

Inquire of management and others to gather evidence and document the results.

Analyze responses obtained during structured interviews or informal
conversations with management and others, including those in non-financial
roles, and ask relevant and effective follow-up questions to understand their
perspectives and motivations.

Perform tests of operating effectiveness of internal controls, including the analysis
of exceptions to identify deficiencies in an audit of financial statements or an audit
of internal control.

Perform tests of details, including the analysis of exceptions, to identify potential
misstatements in an audit of financial statements.

2. Analytical procedures Determine the suitability of substantive analytical procedures to provide evidence
to support an identified assertion.

Perform substantive analytical procedures, including developing an expectation,
on an account balance to provide evidence to support an identified assertion.

Perform analytical procedures near the end of an audit engagement that assist
the auditor when forming an overall conclusion about whether the financial
statements are consistent with the auditor’s understanding of the entity.

Evaluate and investigate differences resulting from analytical procedures
(e.g., fluctuations or relationships that are inconsistent with other information
or expected values).

Uniform CPA Examination Blueprints: Core Examination Section – Auditing and Attestation (AUD) AUD19
Auditing and Attestation (AUD)

Area III – Performing Further Procedures and Obtaining Evidence (30–40%) (continued)
Skill

Remembering
Content group/topic Application Analysis Evaluation Representative Task
& Understanding

D. Procedures to obtain sufficient appropriate evidence (continued)

3. External confirmations Confirm significant account balances and transactions using appropriate tools
and techniques (e.g., confirmation services, electronic confirmations, manual
confirmations) to obtain relevant and reliable evidence.

Analyze external confirmation responses to determine the need for follow-up
or further investigation.

E. Specific matters that require special consideration

1. Accounting estimates Recalculate and reperform procedures to validate the inputs and assumptions
of an entity’s significant accounting estimates with a higher risk of material
misstatement or complexity, such as fair value estimates.

Perform procedures (e.g. reviewing the work of a specialist and procedures
performed by the engagement team) to validate an entity’s calculations and
detailed support for significant accounting estimates, including consideration of
information that contradicts assumptions made by management.

Conclude on th