Free CPA AUD (Auditing & Attestation) Formula Sheet (2026)

Every CPA AUD formula you need on the test, grouped by topic, rendered with full math notation. 43 formulas across 4 topics, calibrated to the 2026 syllabus. Free forever, no signup required.


All CPA AUD Formulas

Ethics, Professional Responsibilities and General Principles 7 items
Independence: financial interest threshold
Direct financial interest of ANY amount impairs independence.
Indirect financial interest: impairs independence only if material to the covered member.
Covered member = professional on engagement team, firm, or network firm.
Permitted vs prohibited nonattest services for audit clients
Permitted (with safeguards): bookkeeping (non-issuer), payroll, tax compliance, advisory. Prohibited for issuers (SOX §201): bookkeeping, management functions, FIS design/implementation, internal audit outsourcing, broker-dealer, legal, expert witness.
AICPA Threats and Safeguards framework
Threats (7): Adverse Interest, Advocacy, Familiarity, Mgmt Participation, Self-Interest, Self-Review, Undue Influence. Safeguards: profession/legislation, client, firm, remove from engagement, refuse engagement. If threats > safeguards → not independent.
Engagement letter required content
Required: 1) Objectives + scope 2) Auditor + management responsibilities 3) Inherent limitations (material misstatements may go undetected) 4) Applicable reporting framework 5) Form/content of report 6) Laws referenced 7) Fees/billing 8) Period covered. Signed by both parties.
PCAOB inspection authority (issuer audits)
PCAOB inspects registered firms auditing issuers: 1) Annual if >100 issuer audits/yr 2) Triennial if ≤100 3) Reports deficiencies; firm may request re-review 4) Authority from SOX 2002; SEC oversees PCAOB.
Quality control elements (SQCS 8 — HR-PMA-MSC mnemonic)
Six elements: 1) HR — Human Resources 2) P — engagement Performance 3) M — Monitoring 4) A — Acceptance & continuance of clients 5) MSC — Mgmt responsibilities (leadership/tone) 6) E — Ethics & independence. Mnemonic: HELP-ME or HR-PMA-MSC.
AICPA Code — covered member independence categories
Covered members: 1) engagement team; 2) those who can influence the engagement; 3) partners in lead partner's office; 4) the firm; 5) partners/managers providing ≥10 hrs nonattest services to the client.
Assessing Risk and Developing a Planned Response 13 items
Detection risk (solved)
$\text{DR} = \frac{\text{AR}}{\text{IR} \times \text{CR}}$
Higher IR or CR → lower acceptable DR → more or better substantive procedures required.
Materiality benchmarks (planning)
0.5–1% of revenues or assets
5–10% of pre-tax NI
1–2% of equity
Smaller entities: 2–5% of gross profit or 0.5% of assets.
Risk of material misstatement (RMM)
$\text{RMM} = \text{IR} \times \text{CR}$
Assessed at financial statement level and assertion level.
Higher RMM → more responsive substantive procedures (nature, timing, extent).
Risk assessment procedures (RAP)
Required for ALL audits to identify risks (NOT to obtain audit evidence): 1) Inquiry of management + others; 2) Analytical procedures (preliminary); 3) Observation + Inspection. Mnemonic: IAO.
Audit Risk model (AR = IR × CR × DR)
$AR = IR \times CR \times DR$; solve $DR = AR / (IR \times CR)$ — AR = audit risk (set low, e.g. 5%), IR = inherent risk, CR = control risk, DR = detection risk (only auditor-controlled lever via substantive procedures).
Going concern evaluation (auditor's responsibility, ASC 205-40)
Steps: 1) Evaluate conditions/events for substantial doubt about ability to continue 1 yr from F/S issue date. 2) Consider management's mitigation plans. 3) If doubt remains: require disclosure + add emphasis-of-matter paragraph (qualified/adverse if disclosure inadequate).
Management's assertions about transactions vs balances vs presentation
Transactions: OCCAC (Occurrence, Completeness, Cutoff, Accuracy, Classification). Balances: ECRV (Existence, Completeness, Rights/obligations, Valuation). Presentation/Disclosure: OCCA (Occurrence+R&O, Completeness, Classification, Accuracy+Valuation).
Performance materiality vs clearly trivial threshold
$PM = OM \times (50\%\text{–}75\%)$; $CTT \approx 5\% \times OM$. OM = overall materiality, PM = performance materiality (account-level buffer for aggregation risk), CTT = clearly trivial threshold (misstatements below are not accumulated).
COSO Internal Control framework — 5 components (CRIME)
CRIME: 1) Control environment 2) Risk assessment 3) Information & communication 4) Monitoring 5) Existing control activities. COSO 2013 adds 17 underlying principles mapped across the 5 components.
Significant risks — characteristics + audit response
Indicators: 1) Complexity 2) Fraud potential 3) Related-party txns 4) Subjective estimates 5) Nonroutine txns. Response: substantive procedures REQUIRED — no reliance on controls alone, regardless of control test results (AU-C 315/330).
Fraud risk — types + auditor's response
Fraud types: 1) Misappropriation of assets 2) Fraudulent financial reporting. Response: a) team discussion b) inquire mgmt/audit committee c) presume revenue recognition fraud risk d) test mgmt override of controls. AU-C 240.
Materiality — overall vs performance vs tolerable
1) Overall = 0.5-1% revenue, 5-10% pretax NI, or 1-2% total assets 2) Performance = 50-75% × Overall (buffer for aggregation) 3) Tolerable Misstatement = subset of Performance, applied to specific account/balance
Specialist (auditor's expert vs management's expert)
Both: evaluate competence, capabilities, objectivity. 1) Auditor's expert (AU-C 620): + evaluate scope & adequacy of assumptions/methods/data. 2) Management's expert (AU-C 500): + evaluate work performed & whether reliable as audit evidence.
Performing Further Procedures and Obtaining Evidence 17 items
Attribute sampling: sample size formula
$n = \frac{R}{\text{TDR} - \text{EPER}}$
$R$ = reliability factor (from table based on confidence level and expected deviations), $\text{TDR}$ = tolerable deviation rate, $\text{EPER}$ = expected population deviation rate.
Reliability factors (attribute sampling)
95% conf: 0 dev → R=3.0; 1 dev → R=4.75.
90% conf: 0 dev → R=2.31; 1 dev → R=3.89.
Higher conf → larger R → larger sample.
Upper deviation rate (attribute sampling)
$\text{UDR} = \frac{R_{\text{actual deviations}}}{n}$
From reliability factor table at desired confidence level given actual deviations found.
If UDR > TDR, internal control cannot be relied upon; increase substantive testing.
Accounts receivable turnover and DSO
$\text{A/R Turnover} = \frac{\text{Net Credit Sales}}{\text{Avg A/R}}$
$\text{DSO} = \frac{365}{\text{A/R Turnover}}$
Analytical procedure; deviations signal potential misstatement.
Reperformance vs reliance on internal controls
1) Reperformance: auditor independently re-executes a control/procedure (e.g., recompute payroll) — high-quality evidence. 2) Reliance on Controls: test operating effectiveness; if effective, reduce substantive testing extent/timing.
Sufficient appropriate audit evidence
Sufficiency (quantity) × Appropriateness (quality) — both required. 1) Sufficiency ↑ as RMM ↑ or evidence quality ↓ 2) Appropriateness = Relevance + Reliability 3) More evidence cannot offset poor quality 4) Professional judgment; document in workpapers (AU-C 500).
Variables (PPS / classical) sampling
PPS: $n = (Recorded\$ \times RF) / (TM - EM \times EF)$ — RF=reliability factor, TM=tolerable misstmt, EM=expected, EF=expansion. Tests overstatement only. Classical variables: stratify + mean/SD; tests both directions.
Reliability hierarchy of audit evidence
Most → least reliable: 1) Auditor direct (observation, recalculation); 2) External independent (bank confirms, attorney letters); 3) Internal corroborated externally (signed contracts); 4) Internal w/ strong ICFR; 5) Internal w/ weak ICFR; 6) Inquiry alone.
Audit Data Analytics (ADA) — techniques
ADA = analyze patterns + flag anomalies in full populations. Uses: 1) Benford's Law on JEs 2) revenue cut-off 3) AR aging 4) 3-way match (PO/receiver/invoice) 5) duplicate vendors. Supplements (not replaces) traditional procedures; AICPA Audit Data Standards govern.
Subsequent events procedures (Type I + II)
Period: B/S date → report date. Procedures: 1) Read minutes; 2) Read interim F/S; 3) Inquire mgmt re: new commitments/events; 4) Obtain rep letter; 5) Review legal letter. Type I (existed at B/S): adjust F/S. Type II (arose after): disclose only. Dual-date = responsibility limited to specific event.
Going concern audit response — assessment + report modification
GC steps: 1) Evaluate mgmt's mitigation plans 2) Assess disclosure adequacy. Adequate → unmodified + emphasis-of-matter (GC) paragraph. Inadequate → qualified or adverse. Mgmt refuses GC para → consider withdrawal. PCAOB: disclose as CAM.
CAATs (Computer-Assisted Audit Techniques)
CAAT types: 1) Generalized audit software (ACL, IDEA) — query/analyze client data 2) Custom audit programs 3) Integrated test facility (ITF) — dummy entity processed live 4) Parallel simulation — auditor's program reruns client data. Enables 100% population testing + journal-entry fraud testing.
Test of controls vs substantive procedures
ToC: test operating effectiveness (frequency/consistency) — only if relying on controls. Substantive: tests of details + analytical procedures at assertion level. Substantive ALWAYS required for significant risks regardless of ToC.
Attribute sampling — control deviation rate components
Components: 1) TDR = max deviation rate auditor accepts to rely on control 2) EPDR = expected rate based on prior yrs/risk 3) Sample size = f(reliability factor, TDR − EPDR). Sample size ↑ as TDR ↓ or EPDR ↑.
Direction of audit testing — completeness vs occurrence
Completeness: trace source docs → records (e.g., shipping docs → sales journal; catches understatement). Occurrence: vouch records → source docs (e.g., recorded sales → shipping docs; catches overstatement). Direction = which error you catch.
Confirmations — positive vs negative
POSITIVE: respondent MUST reply (agree or disagree) — higher quality, use for high-risk/large balances. NEGATIVE: reply only if disagrees — lower quality, use ONLY when (1) low risk, (2) many small balances, (3) low expected exception rate. AU-C 505.
Substantive analytical procedures (SAP)
Steps: 1) Develop expectation from plausible relationships 2) Set tolerable difference 3) Compare to recorded amount 4) Investigate variances > threshold. Required at planning + final review; effective when relationships are stable/predictable (e.g., interest, payroll).
Forming Conclusions and Reporting 6 items
Audit opinion thresholds
Unmodified: no material misstatement, full scope.
Qualified: material but not pervasive OR scope limit.
Adverse: material AND pervasive (GAAP violation).
Disclaimer: scope limit too severe — no opinion.
Going concern paragraph — issuer vs nonissuer
1) Issuer (PCAOB): Explanatory paragraph titled "Substantial Doubt About the Company's Ability to Continue as a Going Concern" — placed AFTER opinion. 2) Nonissuer (AICPA AU-C 570): Emphasis-of-Matter paragraph, same concept, after opinion.
Critical Audit Matters (CAMs) — PCAOB AS 3101
CAM (issuer audits only) = matter (1) communicated to audit committee, (2) related to material accounts/disclosures, AND (3) involving especially challenging/subjective/complex auditor judgment. Report each CAM: identify, why CAM, how addressed, FS accounts affected.
Audit report opinion ladder (5 outcomes)
1) Unmodified — fair per framework; 2) Unmodified + EoM/OM — clean + emphasis para (GC, framework change); 3) Qualified — material, not pervasive; 4) Adverse — material AND pervasive misstatement; 5) Disclaimer — scope limit material AND pervasive.
SSARS — preparation, compilation, review (no opinion)
SSARS engagements (no audit, no opinion): 1) Preparation (AR-C 70): no assurance, no report, independence not required. 2) Compilation (AR-C 80): no assurance, report issued, lack of independence OK if disclosed. 3) Review (AR-C 90): limited assurance, written report, independence required.
Single Audit (Uniform Guidance / 2 CFR 200)
Trigger: nonfederal entity expends ≥ $750K federal funds/yr. Components: (1) F/S audit; (2) major-program compliance + ICOC audit (risk-based selection). Reports: F/S opinion + Schedule of Federal Awards + compliance opinion + IC report.

Frequently Asked Questions

Is the CPA AUD formula sheet free?
Yes. The full CPA AUD formula sheet is free, with no signup, no email, and no credit card required. 43 formulas across 4 topics, all rendered with the same KaTeX math notation used in the FreeFellow study app.
Will there be a printable PDF version?
A printable PDF is rolling out shortly. In the meantime, the inline page below is print-friendly: most browsers print clean copies via the Print menu (the navigation, footer, and download CTA are hidden in print).
What's covered on the CPA AUD formula sheet?
Every formula is grouped by official syllabus topic, with the formula in math notation plus a one-line note on when to use it (or a watch-out from CAIA, CFA, or other prep-provider commentary). Coverage is calibrated to the 2026 syllabus and refreshed when the corpus changes.
What is FreeFellow's relationship with CPA?
No. FreeFellow is not affiliated with the CPA or any examination body. This is an independent study aid covering the published syllabus.
What else is free at FreeFellow for CPA AUD candidates?
The full question bank with detailed solutions, mixed practice, readiness tracking, lessons (where available), and the formula sheet are all free forever. Fellow ($59/quarter or $149/year per track) unlocks timed mock exams, spaced-repetition flashcards, performance analytics, AI essay grading, and a personalized study plan.