Read without ads and support Scribd by becoming a Scribd Premium Reader.
See Premium Plans
 
Internal Auditing and Management Testing: SamplingTechniques
ByJames J. Finn, MBA, CISA, and CIAIndependent ConsultantJames J. Finn, is the founder of an independent Financial, IT, andICFR consulting business, and has worked as a CFO, programmanager (PMO), internal auditor, and compliance consultant for small, medium and large public companies and for Mutual InsuranceCompanies. Mr. Finn holds a BSBA degree in Finance with Honors,and an MBA from Northeastern University, Boston Massachusetts. Through the years, Mr. Finnhas acquired over 25 years of hands-on experience at various financial positions ranging from“Management Trainee” at the First National Bank of Boston, to “CFO and VP of Finance” at acommercial printer, Dynagraf Inc. Also, as a qualified, CIA, and CISA, he has focused oninternal controls and compliance programs for Sarbanes Oxley, since 2004.In addition to authoring this “Guideline”, he has written comments to the SEC on SarbanesOxley related issues, and was the editor for a comprehensive accounting policy and proceduresguideline for Digital Equipment Corporation’s worldwide internal “Product Line ManagementAccounting” system, and a “White Paper” titled “The Great SOX Caper” which discusses theimpact of AS-2 and AS-5 on SOX programs.Version 1.50, 2/10/10While this document is believed to contain correct information, the author, James J. Finn doesnot make any warranty, express or implied, or assume any legal responsibility for its accuracy,completeness, or usefulness. Reference herein to any specific product or publication does notnecessarily constitute or imply its endorsement, recommendation, or favoring by the author. Theviews and opinions expressed are those of the author.
Intellectual Property of James J. FinnCopyright 2009 ©For discussion and negotiation purposes only
-1-
2010
Finn Consulting LLC James J Finn
 
Table of Contents
I. Guideline Overview ......................................................................................................... 3A. Description ..........................................................................................................3B. Scope and Application of the Guideline ............................................................. 3C. Purpose of the Guideline .....................................................................................4II. Sampling and Risk ..........................................................................................................5A. What is sampling? ...............................................................................................6B. What is Sampling Risk? ...................................................................................... 7III. Sample Bias ................................................................................................................... 9A. Risk of Sample Bias ........................................................................................... 9B. How Sample Bias Arises ...................................................................................101. Bias from Sampling Procedures ............................................................102. "Crazy Eddies, Inc.", an example of fraud ........................................... 12IV. Use of Sampling in Auditing .......................................................................................15A. Sampling Methods and Procedures ...................................................................15B. Statistical Sampling ..........................................................................................171. General considerations ........................................................................172. Specific Considerations for Auditing .................................................... 203. Valid Statistical Sampling Examples ....................................................21C. Nonstatistical Sampling ...................................................................................271. General Considerations: .........................................................................272. Specific Considerations for auditing ..................................................... 28D. Testing of Controls, Non Inferential sampling .................................................321. Intended End Use of a Sample (inferential vs. non inferential) ...........322. Sampling Steps for tests of Controls ..................................................... 36E. Practical Limitations on Sampling ....................................................................37F. Statistical Inference and Sample Size ................................................................38G. The Rise and fall of Statistical Sampling in Auditing ......................................39V. Effective Statistical Sampling ......................................................................................40A. Probability Theory ............................................................................................40
Intellectual Property of James J. FinnCopyright 2009 ©For discussion and negotiation purposes only
-2-
 
B. Sampling Method vs. Sample Selection Methods ............................................ 411. Techniques for selecting samples ..........................................................42VI. Comparative Analysis of Sampling ............................................................................441. Sampling in Financial Reporting Processes ......................................... 442. Statistical Process Control (SPC) ..........................................................45Bibliography ..................................................................................................................... 45
I.
Guideline Overview
A.Description
This guideline surveys the concepts underlying the use of sampling techniques tostrengthen the sufficiency, relevance, and reliability of evidence collected to support internalaudit conclusions and managements testing for internal control and financial reporting procedureeffectiveness. Evidence that is derived from effective sampling techniques would be one way of fulfilling the requirements of “Practice Advisory 2310-1: Identifying information”, and, sincesampling is based on testing a relatively small number of items, it can be a cost effectivetechnique. This guideline is intended to provide practical information related to improvingsampling techniques. In addition, this guideline reviews the history of sampling, and providesexamples of erroneous conclusions in auditing caused by intentional sample bias (fraud) or byunintentional sample bias (incorrect sampling training or techniques). Sampling is viewed in acomparative manner that provides insights into the use of similar sampling techniques inindustries where sampling is governed by military specifications, and ISO commercial standards.Sampling, as used in internal auditing, has generally relied on the PCAOB authoritativeguidance contained in AU 350, the AICPA Audit Guide, and the prior AICPA guidance as provided by SAS-39, which has been amended by SAS-111. These sources are analyzed andexpanded upon to address the practical application of statistical and non-statistical samplingtechniques for internal auditing and management control testing.
B.Scope and Application of the Guideline
Sampling is essentially a process of gathering partial information with an expectation thatthe partial information can be used to determine either a statistic (e.g. the mean, or median value)of a population of interest, or to estimate the percentage of occurrence of an items feature(attribute) in a population of interest. In addition to using sampling to determine statistics for a population, sampling can also be used to determine the probability that a “lot” or “batch” of  products or transactions have an “acceptable” percentage of deficiencies. This application of sampling is generally referred to as “Lot Acceptance” testing, or, in auditing, as “controlstesting”. In each case, sampling and examining items for a statistic or the presence or absence of an attribute is a process, which can be used with great effect by an internal auditor or 
Intellectual Property of James J. FinnCopyright 2009 ©For discussion and negotiation purposes only
-3-
Search
Search History:
Searching...
Result 00 of 00
00 results for result for
  • p.
    • Notes
    Load more