A practical guide for hiring managers and CPA firm leaders who want to find auditors with real technical depth, sound judgment, and the maturity to handle pressure.
Here's what happens in a lot of financial audit interviews: the candidate rattles off textbook answers, mentions GAAS, talks about materiality, and walks out feeling confident. The hiring manager feels pretty good too. Then, three months in, the new hire is struggling with workpaper documentation, flagging the wrong things in client files, or freezing when a controller pushes back on their findings.
The problem is not that audit interview questions are too hard. The problem is that most of them are too easy to fake.
Audit work is about judgment. It's about knowing why you're running a procedure, not just how. Strong candidates demonstrate that judgment in their answers. Weak candidates give you the definition and stop there. This guide gives you 30 questions that actually surface the difference.
If you want to go beyond the interview and validate that candidates can actually perform before you hire them, the MYCPE ONE pre-hiring assessment platform for CPAs lets you test real accounting and audit skills with job-relevant scenarios, not just credentials.
You don't need to ask all 30 questions in one interview. Here's a smarter approach:
Pick 10 to 12 Questions Based on the Level You're Hiring
Framework Note for Interviewers
This guide blends GAAS/AU-C, PCAOB, and IIA references because audit hiring spans different practice environments. Use the standard set relevant to the role you're filling: AU-C/GAAS for nonissuer audits, PCAOB standards for issuer audits, and internal audit standards only where relevant to the candidate's background. When a candidate cites a specific standard, evaluate it against the framework they would actually be working in.
Use Structured Scoring, Not Gut Feel
Score each answer on four criteria: technical accuracy, professional judgment, clarity, and evidence mindset. A full scoring rubric is included at the end of this guide.
Know What a Strong Answer Looks Like
Strong audit interview answers tend to share these qualities:
Looking for a more structured way to evaluate candidates before the interview even starts?
Explore pre-built assessments for CPA firms designed around real-world accounting scenarios.
These questions reveal whether a candidate understands what audit planning is actually trying to accomplish: identifying where material misstatements are most likely to occur, and designing work to address that risk.
Q1. Walk me through how you approach planning an audit for a new client.
What to listen for: Look for a structured approach: client understanding, industry risk, prior period issues, materiality setting, and team scoping. A strong candidate mentions client acceptance procedures and preliminary analytical review.
Red flag: Skipping risk assessment entirely or treating planning as an administrative task rather than a risk-identification exercise.
Q2. How do you determine what's material for a given audit engagement?
What to listen for: They should explain that materiality is based on professional judgment, often using an appropriate benchmark such as pretax income, revenue, assets, or equity, together with qualitative factors. These benchmarks are common starting points, not hard rules. Bonus if they mention performance materiality.
Red flag: Treating a single percentage threshold as a definitive rule, or failing to acknowledge that qualitative factors and professional judgment are always part of the determination.
Q3. What factors do you assess when evaluating the risk of material misstatement at the assertion level?
What to listen for: Strong candidates break this into inherent risk and control risk. They reference specific assertions like completeness, valuation, and cut-off. Look for examples drawn from actual engagement experience.
Red flag: Conflating risk of material misstatement with audit risk, or inability to name specific assertions.
Q4. Describe how you conduct a walkthrough and what you're trying to accomplish.
What to listen for: A walkthrough is a transaction trace through the entire process from initiation to recording. The goal is understanding controls, not just confirming they exist. Look for mention of inquiry, observation, and inspection as combined procedures.
Red flag: Treating walkthroughs as a control test rather than a process understanding tool.
Q5. How do you scope an engagement when management insists the risk is low?
What to listen for: The candidate should explain that scope is driven by auditor judgment based on risk assessment, not management preference. Look for references to professional skepticism and independence.
Red flag: Deferring entirely to management's view without applying independent judgment.
Q6. Tell me about a situation where your preliminary risk assessment turned out to be wrong mid-engagement. What did you do?
What to listen for: This is behavioral. Look for a real example with honest self-reflection. Strong candidates describe how they adjusted scope, communicated with the team, and documented the change in approach.
Red flag: For experienced hires, inability to provide a concrete example may be a concern. For junior candidates, accept a well-reasoned hypothetical if direct exposure is limited. The real concern is weak judgment or failure to recognize that risk assessments can and should evolve.
A candidate who understands controls knows how to make audit work more efficient and more targeted. These questions reveal whether they think strategically or just mechanically.
Q7. Explain the difference between a test of controls and a substantive test. When would you rely more on one versus the other?
What to listen for: Tests of controls evaluate whether a control operates effectively. Substantive tests directly test the financial statement balance or transaction. The decision to rely on controls hinges on their design effectiveness and the cost-benefit of testing.
Red flag: Inability to articulate the difference or suggest controls testing is always required.
Q8. What's the difference between a significant deficiency and a material weakness? How would you communicate each?
What to listen for: A material weakness represents a reasonable possibility that a material misstatement won't be prevented or detected. Significant deficiencies are less severe but also require formal communication. Both should be evaluated and communicated in accordance with the applicable framework, typically in writing to those charged with governance, with appropriate communication to management as well. Under PCAOB, material weaknesses carry especially serious consequences for ICFR conclusions.
Red flag: Treating these as interchangeable, or being unclear about the formal written communication requirements that apply to both.
Q9. How do you assess whether a client's IT general controls are adequate enough to rely on application controls?
What to listen for: IT general controls (ITGC) include access management, change management, and operations. If ITGCs are weak, application controls may not be reliable. Strong candidates mention the need to understand both layers before placing reliance.
Red flag: Auditing application controls in isolation without considering the IT environment.
Q10. Describe a control deficiency you identified during an engagement. How did you evaluate its severity and handle the communication?
What to listen for: This is a behavioral question requiring a real example. Look for structured evaluation of likelihood and magnitude, communication to the right level of management, and proper documentation in the workpapers.
Red flag: For experienced hires, inability to provide a specific situation is a concern. For junior candidates with limited direct ownership, accept a well-reasoned response about how they would evaluate severity and escalate. The concern is weak judgment about deficiency severity, not simply limited exposure.
Q11. When does it make sense to rely on the work of an internal audit function?
What to listen for: External auditors can use IA work when the function is competent, objective, and applies a systematic and disciplined approach. Strong candidates reference AU-C 610 for nonissuer audits or PCAOB AS 2605 (Consideration of the Internal Audit Function) for issuer audits, and should note the need for testing, supervision, and evaluation of the work used.
Red flag: Assuming internal audit work can always be substituted for external audit procedures, or that no supervision or testing of that work is required.
Q12. How would you approach auditing controls in a highly automated environment with limited manual review processes?
What to listen for: This tests IT audit awareness. Look for discussion of ITGC testing, automated control testing, and the use of audit data analytics or technology-assisted testing to evaluate large populations. Strong candidates also mention evaluating configuration controls and how automated controls depend on the reliability of the IT environment.
Red flag: Defaulting entirely to substantive testing without engaging with IT controls at all.
This is where technical depth becomes visible. Candidates who've done real fieldwork know the difference between going through the motions and actually gathering sufficient appropriate evidence.
Q13. Walk me through how you design a sampling approach for a population of accounts payable transactions.
What to listen for: Look for understanding of statistical vs. non-statistical sampling, how to define the population and sampling unit, tolerable misstatement, and expected error rate. Strong candidates mention how they evaluate sampling results.
Red flag: Treating sampling as purely a compliance exercise or being unable to explain how results affect conclusions.
Q5. How do you scope an engagement when management insists the risk is low?
What to listen for: The candidate should explain that scope is driven by auditor judgment based on risk assessment, not management preference. Look for references to professional skepticism and independence.
Red flag: Deferring entirely to management's view without applying independent judgment.
Q14. When would you use analytical procedures as a substantive test rather than just an overall review?
What to listen for: Substantive analytics require a strong expectation, a reliable data set, and a clear comparison. They're most useful for high-volume predictable transactions. Look for candidates who understand precision and threshold for investigation.
Red flag: Using analytics only as a preliminary tool without understanding their power as standalone substantive evidence.
Q15. How do you approach accounts receivable confirmation when a client has a large number of small-balance customers?
What to listen for: Strong candidates discuss stratification, focusing confirmations on larger balances, alternative procedures for nonresponses, and positive versus negative confirmations. Bonus if they mention that negative confirmations are appropriate only in limited low-risk situations and generally need to be supplemented by other audit procedures rather than used as the primary confirmations approach.
Red flag: Assuming all confirmations must be mailed, that nonresponses require no follow-up, or that negative confirmations alone provide sufficient appropriate evidence.
Q16. Describe your approach to observing a physical inventory count.
What to listen for: Key steps include understanding the client's count instructions, observing count procedures, making test counts, and following up on discrepancies. Strong candidates also mention cut-off testing and how they handle cycle count environments.
Red flag: Treating inventory observation as a formality rather than an active evidence-gathering procedure.
Q17. How do you evaluate the reasonableness of a management estimate, such as an allowance for doubtful accounts?
What to listen for: Strong candidates discuss reviewing historical accuracy, evaluating assumptions, assessing management bias, and testing the data inputs. They reference the need to consider management's track record and develop an independent estimate if warranted.
Red flag: Accepting management's estimate without independently challenging the key assumptions.
Q18. What do you do when you receive a confirmation with a noted exception?
What to listen for: The candidate should describe investigating the exception, determining whether it represents a client error or respondent error, and assessing its impact on the audit. Strong candidates mention communicating with the engagement supervisor.
Red flag: Treating all exceptions as client errors or dismissing them without investigation.
Senior and manager-level candidates need to navigate complex accounting standards with judgment, not just recall. These questions identify whether they can apply standards in messy, real-world situations.
Q19. Walk me through the five-step revenue recognition model under ASC 606 and describe a situation where step 3 or 4 caused audit complexity.
What to listen for: They should explain: identify contract, identify performance obligations, determine transaction price, allocate price, recognize revenue. The meaty part is the specific example from experience.
Red flag: Only reciting the five steps without demonstrating application in a complex arrangement
Q20. How do you audit a client's operating lease right-of-use assets and liabilities under ASC 842?
What to listen for: Look for understanding of the incremental borrowing rate, lease term determination, variable payments, and the completeness assertion. Bonus if they mention the challenge of transition-period testing.
Red flag: Treating ASC 842 as simply a balance sheet reclassification without addressing the audit complexity.
Q21. How do you approach auditing goodwill impairment, and what makes it particularly challenging?
What to listen for: Key challenges: management's judgments about future cash flows, discount rates, and reporting unit definitions. Strong candidates discuss reviewing the impairment model, testing significant assumptions, and potentially engaging a valuation specialist.
Red flag: Auditing only the mathematical calculation without challenging the key assumptions. .
Q22. What makes related party transactions a higher-risk audit area, and how do you audit them?
What to listen for: Related parties create risk because transactions may not be at arm's length and disclosure may be incomplete. Strong candidates reference AU-C 550, emphasize the completeness assertion, and discuss searching board minutes and agreements for undisclosed relationships.
Red flag: Focusing only on whether related party transactions are properly disclosed without questioning their substance
Q23. How do you audit a contingent liability, such as a pending lawsuit?
What to listen for: Key procedures include management inquiry, legal letter confirmation, review of board minutes, and examination of subsequent events. Strong candidates discuss the probable/reasonably estimable framework and how they evaluate adequacy of accruals. Management is the primary source; the lawyer letter is an important corroborative procedure with known limitations.
Red flag: Relying only on management inquiry and failing to pursue corroborating procedures such as legal inquiry, board minutes, and subsequent-events review.
Workpaper quality is a proxy for audit quality. Poor documentation is one of the most common findings in PCAOB inspections and peer reviews. These questions reveal whether candidates take documentation seriously. You can also use scenario-based interview questions to dig deeper into how candidates approach documentation decisions under pressure.
Q24. What makes a workpaper complete enough to stand on its own for a reviewer who wasn't on the engagement?
What to listen for: Key elements: clear objective, procedures performed, evidence obtained, significant judgments made, and conclusion reached. Strong candidates mention that a reviewer should be able to understand the purpose without asking the preparer.
Red flag: Describing documentation as just 'supporting schedules' without mentioning the conclusion or judgment elements.
Q25. How do you handle review comments from a manager or partner? Walk me through your process.
What to listen for: Look for candidates who describe understanding the comment before responding, asking questions when unclear, and clearing comments promptly. Strong candidates distinguish between technical errors and coaching feedback.
Red flag: Treating all review comments as corrections rather than learning opportunities, or being defensive about feedback.
Q26. Describe your tickmark system. What makes a strong tickmark legend?
What to listen for: A strong tickmark legend ties each mark to a specific procedure and its conclusion. It should be consistent throughout the file and understandable to any reader. Strong candidates emphasize that documentation standards require clarity and support for conclusions, not necessarily bespoke symbols.
Red flag: Tickmarks are unclear, inconsistent, or not tied to a specific procedure and conclusion, leaving a reviewer unable to understand what work was performed or what it supports.
Q27. What steps do you take when wrapping up a file to ensure it's review-ready?
What to listen for: Strong candidates describe a self-review checklist: cross-references, index completeness, open items cleared, lead schedules tied, and all exceptions resolved. They also mention verifying that the conclusion in each section aligns with the overall audit conclusion.
Red flag: Treating file wrap as an administrative task rather than a final quality control step.
Independence is non-negotiable in audit. These questions identify candidates who understand not just the rules, but why they exist.
Q28. Management is pushing back strongly on an audit adjustment you believe is material. How do you handle it?
What to listen for: Strong candidates describe a structured escalation: document the disagreement, communicate to the engagement manager/partner, and understand management's position with an open mind while maintaining professional skepticism. They mention that misstatements don't go away because management disagrees.
Red flag: Immediately deferring to management to avoid conflict, or conversely, being so rigid that they dismiss management's position without genuinely evaluating it.
Q29. Describe a situation where you felt pressure to compromise your professional judgment. What did you do?
What to listen for: This is behavioral and sensitive. Look for a real example showing the candidate maintained integrity, escalated appropriately, or sought guidance. Strong candidates describe the process, not just the outcome.
Red flag: The concern is not an absence of a dramatic story, especially for junior candidates or those from tightly supervised environments. What matters is weak skepticism, poor escalation instincts, or a candidate who describes compromising their judgment without recognizing why that was problematic.
Technical skill alone won't make a great auditor. These questions assess whether candidates can communicate clearly, handle difficult conversations, and represent the firm professionally with clients.
Q30. Tell me about a time you had to deliver findings to a client that they weren't happy to hear. How did you approach it?
What to listen for: Look for empathy, clarity, and professionalism. Strong candidates describe preparing thoroughly, being direct but not confrontational, and focusing the conversation on resolution rather than blame.
Red flag: Being vague about the specifics, or describing a situation where they avoided the difficult conversation.
Score each answer on a 1-to-5 scale across four dimensions. This gives you a structured basis for comparing candidates and reduces the role of gut feeling in your hiring decision.
| Score | Technical Accuracy | Professional Judgment | Clarity | Evidence Mindset |
|---|---|---|---|---|
| 1 | Major gaps | Poor risk awareness | Unclear / rambling | No mention of evidence |
| 2 | Basic understanding | Aware but shallow | Somewhat clear | Mentions basics only |
| 3 | Solid foundation | Good risk instincts | Clear structure | Cites specific procedures |
| 4 | Strong command | Proactive thinking | Concise and logical | References standards |
| 5 | Expert-level depth | Exceptional judgment | Compelling narrative | Evidence-first mindset |
For senior and manager-level hires, consider adding one of these mini case scenarios after the structured questions. Give the candidate 5 minutes to think, then discuss their approach.
Scenario
During year-end testing, you find five instances where revenue was recorded in the final week of December for shipments that actually left the warehouse in the first week of January. Management says the amounts are small individually but together they add up to 40% of your performance materiality threshold. What do you do?
What you're evaluating: Does the candidate recognize the aggregation issue? Do they propose adjustment or propose additional testing? Do they document their conclusion properly?
Scenario
During your inventory observation, your test counts reveal a 3.2% variance between the count sheets and the client's perpetual inventory system in the highest-value product category. Management attributes it to a system upload error that's already been corrected. What are your next steps?
What you're evaluating: Does the candidate accept management's explanation without testing it? Do they consider whether the 'correction' actually fixed the issue? Do they consider the impact on year-end balances?
Scenario
You're auditing the allowance for doubtful accounts. Management's estimate represents 1.8% of AR. Your analytical review suggests that based on aging and industry benchmarks, 3.5% to 4.2% would be more reasonable. Management insists their credit team has done a thorough review and stands by the estimate. How do you proceed?
What you're evaluating: Does the candidate clearly articulate what additional procedures would be needed? Do they understand the difference between a difference of judgment and a likely misstatement? Do they describe the escalation path?
Great audit hires don't just know the standards. They know how to apply them when the situation is messy, the client is pushing back, and the evidence isn't perfectly clear. This list of 30 financial audit interview questions gives you the tools to find those candidates.
Use the structured scoring rubric to compare candidates consistently. Add one of the case prompts for senior and manager-level roles. And when you're ready to move beyond interviews to skills-based hiring, MYCPE ONE can help you evaluate real audit competency before anyone walks through your door.
The most commonly asked financial audit interview questions for CPAs center on risk assessment, internal controls, and evidence evaluation. Interviewers typically ask candidates to walk through how they plan an engagement, how they assess risk at the assertion level and how they would handle a specific challenging situation from their experience. Questions about materiality, sampling, and audit documentation are also standard. The questions in this guide go deeper than the basics and are designed to surface real judgment rather than just textbook recall. The best behavioral answers follow a clear structure: describe the situation, explain the action you took, and share the result. The most important part is specificity. Interviewers aren't looking for theoretical answers; they want to know what you actually did, what standard you referenced, how you communicated and what changed because of your judgment. Prepare three to five real examples from your audit experience that can flex across different question types. PCAOB-focused questions are most relevant when hiring for public company audit roles. Strong questions include: how the candidate has applied PCAOB AS 2201 for integrated audits of internal control over financial reporting, how they evaluate IT general controls in a PCAOB environment, and how they've handled inspection or quality review findings. For candidates who have worked with internal audit functions, ask how they apply PCAOB AS 2605 when evaluating whether IA work can be used. Questions about evaluating whether controls meet PCAOB standards for significant accounts are also effective for senior and manager-level roles. Pre-hire skill assessments are the most reliable way to validate technical competency before you invest time in structured interviews. MYCPE ONE's AI-powered assessment platform includes job-relevant audit scenarios that test the kind of practical judgment this guide is designed to uncover in an interview. AI-powered anti-cheating monitoring ensures that results reflect the candidate's actual knowledge, not what they looked up during the test.
Amrit Singh is a business leader with 10+ years of experience in continuing education. Helping accounting, tax, and finance professionals stay compliant with ease, he began his journey as a consultant. Learning across industries before stepping into a leadership role, he is shaped by both successes and failures. Amrit is passionate about problem-solving, building products, exploring technology, and mentoring future leaders. He is dedicated to transform continuing education, making it simpler, smarter, and more meaningful. Through his blogs and talks, he shares insights on accounting careers, CPA compliance, and the future of continuing education.
Crack the Code: Unleashing Hidden Talents for Workplace Magic
.webp-1717773117 "Understanding Your Talent Development Function")
Understanding Your Talent Development Function
Fundamentals of Managing and Developing Talent
.webp "Building a Culture of Objective Hiring in Your CPA Firm")
.webp "The Cheating Problem in Pre-Employment Testing (And How AI Solves It)")
The Cheating Problem in Pre-Employment Testing (And How AI Solves It)
Amrit Singh
.webp "From Intern to Partner: How Assessment-Driven Career Pathways Transform Accounting Firms")
