Академический Документы
Профессиональный Документы
Культура Документы
Audit Sampling
AUDIT SAMPLING
JULIUS A GOPITA
Abstract
Audit sampling is the application of audit procedures to less than all the items within a population of
audit relevance such that all sampling units have a chance of being selected, in order to provide the auditor with
a reasonable basis on which to draw conclusions about the entire population. Readers should note that a
sampling unit is not necessarily a monetary unit; it can be a physical item. For instance, a sampling unit can be
an individual debtor balance, which is a monetary unit. On the other hand, a sampling unit can be an invoice or
even an accounting entry, which are physical items.
In practice, auditors may perform their tests on all items, specific items, and audit samples. In general,
auditors are unlikely to test all items in the case of tests of controls, unless they are using computer assisted
auditing techniques. Full testing in this case is impractical due to both the time and cost involved. It is more
usual to do a full examination on tests of details. For example, an auditor may test all items if a population
includes a small number of large value items, when there is a significant risk and other means do not provide
sufficient appropriate audit evidence, or when a full examination is cost effective. Selecting specific items for
testing is based on the auditors judgement and may be subject to non-sampling risk1. Auditors may select high
value items or all items over a certain amount. These two selection methods do not constitute audit sampling
because the results of audit procedures applied to items selected in these ways cannot be projected to the entire
population.
Audit Planning
Now readers should have an understanding of the risks involved in audit sampling, the next step is to
commence the audit planning. Lets review the implications of sample size. For tests of controls, the auditor
makes an assessment of the expected rate of deviation based on the auditors understanding of the relevant
controls or on the examination of a small number of items from the population. This assessment is made
in order to design an audit sample and to determine the sample size. For example, if the expected rate of
deviation is unacceptably high, the auditor will normally decide not to perform tests of controls. For tests of
details, the auditor makes an assessment of the expected misstatement in the population. If the expected
misstatement is high, all items are examined or a large sample size may be used.
In determining the sample size, the auditor should consider whether sampling risk is reduced to an
acceptably low level. Sample size is affected by the level of sampling risk that the auditor is willing to accept.
The lower the risk the auditor is willing to accept, the greater the sample size will need to be. Absolute
assurance cannot be achieved through sampling procedures. The lower the assurance required, the smaller the
required sample size. For tests of controls, the tolerable rate of deviation is the maximum deviation rate that can
be accepted to
conclude that the audit objective has been achieved. For tests of details, the tolerable misstatement is the
maximum misstatement that can be accepted to conclude the audit objective has been achieved.
Audit efficiency may be improved if the auditor stratifies a population by dividing it into discrete sub-
populations which have an identifying characteristic. The objective of stratification is to reduce the variability
of items within each stratum and therefore to allow the sample size to be reduced without increasing the
sampling risk. This enables the auditor to devote more time to items considered most vulnerable to material
misstatement. For example, the auditor may stratify the accounts receivable balances by age and focus on the
overdue accounts.
After carrying out the planned audit procedures, the auditor has to analyze the misstatements or
deviations detected and uses these results to estimate the total misstatement or deviation rate in the population.
When analysing these results, the auditor should consider their nature, cause and possible impacts on other audit
areas and financial statements as a whole. The risk that the actual misstatement or deviation rate may exceed the
tolerable misstatement or tolerable rate of deviation should be assessed. In extremely rare circumstances, when
the auditor considers a misstatement or deviation discovered in a sample to be an anomaly, the auditor shall
4
Audit Sampling
obtain a high degree of certainty that such a misstatement or deviation is not representative of the population.
The auditor shall obtain this degree of certainty by performing additional
audit procedures to obtain sufficient appropriate audit evidence that the misstatement or deviation does
not affect the remainder of the population. For tests of controls, no explicit projection of deviations is necessary
since the sample deviation rate is also the projected deviation rate for the population as a whole. The
auditor determines whether the tests of controls performed provide an appropriate
basis for reliance on the controls, whether additional tests of controls are necessary,
or whether the potential risks of misstatement need to be addressed using substantive
procedures.
Sampling risk
risk that the auditors conclusions based on a sample may be different from the conclusion they
would reach if they examined every item in the population
Nonsampling risk
risk pertaining to nonsampling errors
Can be reduced to low levels through effective planning and supervisions of audit engagements
Nonstatistical sampling
The auditor estimates sampling risk by using professional judgment rather than statistical techniques
Provides no means of quantifying sampling risk
Sample may be larger than necessary or auditors may unknowingly accept a higher than acceptable
degree of sampling risk
Random sample results in a statistically unbiased sample that may not be a representative sample
Random sample techniques
Random number tables
Random number generators
Systematic selection
Discovery sampling
5
Audit Sampling
A method of sampling to assess whether the percentage error is not in excess of a specified
percentage of the population. The sampling considers the population size, minimum unacceptable error
rate and the confidence level. If the sample does not have any errors then the actual error rate is below
the minimum unacceptable rate.
Tested used both as a test of control and substantiating the dollar amount of an account balance
Ex. Test to evaluate the effectiveness of a control over recording sales transactions and to
estimate the total overstatement or understatement of the sales account
Amount used to create a range, set by + or limits from the sample results, within which the true value
of the population characteristic being measured is likely to lie
Precision
Wider the interval, more confident but less precise conclusion
Can be used to construct a dollar interval
Sample Size
2 possible approaches:
1. Use the bracketed number from Table 9.4. If you find that number or less deviations, conclude that you
have accomplished your audit objective.
2. Use Table 9.5 for a more precise conclusion.
Approach 1You have met your audit objective (because the bracketed number was (2), you meet objective
when you identify 0, 1 or 2 deviations). What can you say?
I believe that the deviation rate in the population is less than 9 percent. You will be wrong 5
percent of the time when the deviation is exactly 9 percent. If the deviation rate is in excess of 9 percent you
will be wrong even less than 5 percent of the time. The planned assessed level of control risk is achieved.
Approach 2
You have tested 68 items, a number not on Table 9-5 (next slide
To be conservative go to next lowest number on table (65) and use it for your conclusions (we could,
but won't interpolate for a more precise answer).
You have met your audit objective. Table 9-5 gives us an answer of 4.6 percent. What can you say?
"I believe that the deviation rate in the population is less than 4.6 percent. You will be wrong 5
percent of the time when the deviation rate is exactly 4.6 percent. If the deviation rate is in excess of 4.6
percent you will be wrong even less than 5 percent of the time. The planned assessed level of control risk is
achieved.
Approach 1You have not met your audit objective. What can you say?
The achieved upper deviation rate is higher than 9 percent. The planned assessed level of control
risk is not achieved. You need to consider increasing the assessed level of control risk above the planned
assessed level.
Accordingly, you may not rely on internal control to the extent planned. Thus, the auditor will
need to increase the scope of substantive procedures (the nature, timing, and/or extent).
Approach 2You have not met your audit objective. Table 9-5 provides us an answer of 11.5 percent
I believe that the deviation rate in the population is less than 11.5 percent. You will be wrong 5
percent of the time when the deviation rate is exactly 11.5 percent. But this is not good enough as you wanted 9
percent rather than 11.5 percent. The planned assessed level of control risk is not achieved. You need to
consider increasing the assessed level of control risk above the planned assessed level.
As per Approach 1, an increase in the scope of substantive procedures is appropriate.
The ISA goes on to specify that a sampling approach that does not possess the
characteristics in (i) and (ii) above is considered non-statistical sampling.
Projecting misstatements
The auditor is required to project misstatements for the population to obtain a broad view of the scale of
misstatement. When a misstatement has been established as an anomaly, it may be excluded when projecting
misstatements to the population. However, such an effect, if uncorrected, still needs to be considered in addition
to the projection of the non-anomalous misstatements. In the case of tests of details, the projected misstatement
plus anomalous misstatement is the auditors best estimate of misstatement in the population. When the
projected misstatement plus anomalous misstatement exceeds tolerable misstatement, the sample does not
provide a reasonable basis for conclusions about the tested population. Considering the results of other audit
procedures helps the auditor to assess the risk that actual misstatement in the population exceeds tolerable
misstatement, and the risk may be reduced if additional audit evidence is obtained.
If the auditor concludes that audit sampling has not provided a reasonable basis for
conclusions about the tested population, the auditor may:
(i) Ask management to investigate misstatements that have been identified and the potential for further
misstatements, and make any necessary adjustments; or
(ii) Tailor the nature, timing and extent of those further audit procedures to best achieve the required assurance.
For example, in the case of tests of controls, the auditor might extend the sample size, test an alternative control
or modify related substantive procedures.
APPENDIX
8
Audit Sampling
Relating the Risk of Incorrect Acceptance for a Substantive Test of Details to Other Sources of Audit Assurance
In Table 1 it is assumed, for illustrative purposes, that the auditor has chosen an audit risk (AR) of 5 percent for
an assertion. Table 1 incorporates the premise that internal control cannot be expected to be completely
effective in detecting aggregate misstatements equal to tolerable misstatement that might occur. The table also
illustrates the fact that the risk level for substantive procedures for particular assertions is not an isolated
decision. Rather, it is a direct consequence of the auditor's assessments of the risk of material misstatement
(RMM) (combined assessments of inherent and control risks), and judgments about the effectiveness of
substantive analytical procedures (AP) and other relevant tests of details (TD), and it cannot be properly
considered out of this context.
Table 1
Allowable Risk of Incorrect Acceptance (TD) for Various
Assessments of RMM and AP; for AR = .05
RMM APP
10% 30% 50% 100%
TD
10% * * * 50%
30% * 55% 33% 16%
50% * 33% 20% 10%
100% 50% 16% 10% 5%
* The allowable level of AR of 5 percent exceeds the product of RMM and AP,
and thus, the planned test of details may not be necessary unless specified
by regulation or other Standards (e.g., confirmation or inventory observation
procedures).
Note: The table entries for TD are computed from the illustrated model: TD
equals AR/(RMM x AP). For example, for RMM = .50, AP = .30, TD = .05/(.50 x
.30) or .33 (equals 33%).
9
Audit Sampling
Table 2
Factors Influencing Sample Sizes for a
REFERENCES
onlinelibrary.wiley.com/doi/10.1002/9781118445112.stat03346.pub2/full
www.businessdictionary.com/definition/discovery-sampling.html
11
Audit Sampling