Web Quiz

Assignment Name: Rittenberg/Johnstone/Gramling, Auditing: A Business Risk Approach 7e, Chapter 8

Summary
Total Possible: 13.0Time Spent: 00:03:21 / 01:00:00

correct
10.00
76.92%
To email the results to your instructor(s), complete this form:

E-mail results to:

Additional message:
Your first name:
Your last name:
Your email address:

Required field

Audit sampling is used to obtain evidence about which of the following?

a. Control procedures placed in operation
1

b. Management integrity
c. Quality of disclosures

d. Assessment of inherent risk

status: correct (1.0)
correct: a
your answer: a
feedback: Correct.
Which one of the following is a decision the auditor needs to make about attribute sampling?
a. Sample size
2

b. Selection of items included in the sample

c. Evaluation of sample information

AU Section 350 - Audit Sampling

Sampling and Nonsampling Risk
AU Section 350 of the AICPA Professional Standards indicates that audit risk arises
from sampling and nonsampling risk. Sampling risk results from performing an audit
procedure on less than one hundred percent of the population. It represents the risk
that the audit sample is not representative of the population. In other words, that the
auditor's evaluation of a population based on an audit sample is different from what it
would be if the entire population was tested. Nonsampling risk results from human
error. It represents the risk that the selected audit procedure is not appropriate for the
intended purpose or the evidence from an audit procedure is misinterpreted.
Nonsampling risk exists regardless of the number of items selected from a population
for testing.
Sampling risk should be considered when an auditor performs an audit procedure on
less than one hundred percent of a clearly definable population for the purpose of
evaluating the population. There are two aspects to sampling risk when performing
tests of controls:
The risk of assessing control risk too low represents the risk that an audit
sample supports the conclusion that the design and operation of an internal
control is effective when in fact it is not.
The risk of assessing control risk too high represents the risk that an audit
sample supports the conclusion that the design and operation of an internal
control is not effective when in fact it is effective.
Similarly there are two aspects to sampling risk when performing substantive tests:
The risk of incorrect acceptance represents the risk that an audit sample
supports the conclusion that a material misstatement does not exist when in fact
a material misstatement does exist. This risk is similar to the risk of assessing
control risk too low.
The risk of incorrect rejection represents the risk that an audit sample supports
the conclusion that a material misstatement exists when in fact a material
misstatement does not exist. This risk is similar to the risk of assessing control
risk too high.

The risk of assessing control risk too low and the risk of incorrect acceptance are
concerned with the effectiveness of audit tests while the risk of assessing control risk
too high and the risk of incorrect acceptance are concerned with the efficiency of audit
tests.
Sampling risk can be considered using a non-statistical or statistical approach. Both
approaches require professional judgement. The main difference between the two
approaches is that statistical approaches allow auditors to quantify sampling risk.
Sample Selection Methods
Five methods are commonly used to select population items for audit testing:
Random Sampling involves selecting items from the population so that each
item has an equal chance of being selected. Random selection requires the use
of random number tables or computer programs to guarantee that each
population item has an equal chance of selection.
Systematic Sampling involves selecting every kth item from the population after
a random start.
Haphazard Sampling involves selecting items from the population without
consideration to known characteristics of the items in the population (i.e. any
conscious bias in the selection of population items).
Block Sampling involves selecting items from the population in contiguous
groups (or blocks).
Purposive or Directed Sampling involves selecting items from the population
using some prespecified criteria (i.e., selecting accounts receivable for
confirmation based on the size of the outstanding balance).
The first two sample selection methods are referred to as probability (statistical)
sample selection methods since every population item has a known probability of
selection. The last three methods are referred to as non-probability (non-statistical)
sample selection methods since every population item does not have a known
probability of selection. This distinction is important because sample results from
probability selection methods can be assessed using statistical theory whereas sample
results from non-probability samples cannot. The subjectivity of non-probability
selection precludes the development of a theoretical framework for evaluating sample
results. Non-probability samples can be assessed only by subjective evaluation, not by

assumption-free statistical methods. Nevertheless both probability and non-probability

selection methods are considered acceptable and used in practice.
Attribute Sampling
Attribute sampling is a statistical approach used with tests of controls. It requires the
use of a probabilistic sample selection method (random or systematic sampling).
Attribute sampling allows the auditor to estimate the proportion of population items
containing a specified characteristic. The characteristic auditors are concerned with
for tests of controls is deviations from internal controls.
Sample size for attribute sampling can be determined by reference to attribute
sampling tables. These sample determination tables require the auditor to establish
three factors:
Risk of assessing control risk too low represents the risk that the auditor
concludes that the design and operation of an internal control is effective when
in fact it is not. The level used for this risk is based on the auditor's desired
control risk assessment. The lower the desired control risk assessment the lower
the needed risk of assessing control risk too low. This risk is inversely related to
sample size.
Expected Population Deviation Rate represents the auditor's best estimate of
the population deviation rate. This rate is normally based on prior experience
with the client. This rate is directly related to sample size.
Tolerable Deviation Rate represents the highest deviation rate the auditor could
accept and still conclude that the design and operation of an internal control is
effective. This rate is based on the tolerable misstatement relative to the number
and dollar size of traansactions included in the population. Tolerable
misstatement represents the maximum misstatement that could occur before the
population would be considered materially misstated. The lower the required
tolerable misstatement relative to the number and dollar size of transactions the
lower the needed tolerable deviation rate. This rate is inversely related to
sample size.
Sample results are evaluated by comparing the computed maximum population
deviation rate to the tolerable deviation rate. The computed maximum population
deviation rate equals the sample deviation rate plus an allowance for sampling risk. If
the maximum population deviation rate is larger than the tolerable deviation rate the
auditor will conclude that the design and operation of the internal control is not
effective. If the computed maximum population deviation rate is less than or equal to

the tolerable deviation rate the auditor will conclude that the design and operation of
the internal control is effective.
Attribute sampling tables have been constructed to determine the computed maximum
population deviation rate. These attribute evaluation tables require the auditor to know
three factors:
Risk of assessing control risk too low (see above).
Sample Size represents the number of population items tested.
Sample Deviations represents the number of sample items that deviated from
internal controls.
Probability-proportionate-to-size Sampling (Monetary-unit Sampling)
Probability-proportionate-to-size Sampling (PPS) is used with substantive tests. It
requires the use of a probabilistic sample selection method (random or systematic
sampling). PPS allows the auditor to estimate the total misstatement of a population. It
is different from other sampling approaches used by auditors in that each dollar in the
population is treated as a separate sampling unit instead of each customer, invoice,
check, vendor, etc.
Sample size for a PPS application can be determined by reference to a PPS sampling
table. The factors considered when determining sample size for substantive tests are:
Risk of incorrect acceptance represents the risk that the auditor concludes that a
material misstatement does not exist when in fact a material misstatement does
exist. The level used for this risk is based on the auditor's planned detection risk
and other planned substantive tests. A higher risk of incorrect acceptance is
used with a higher planned detection risk and/or other planned substantive tests.
This risk is inversely related to sample size.
Expected Number of Misstated Dollars represents the auditor's best estimate of
the number of sample dollars that will be misstated. This estimate is based on
prior experience with the client and is normally expected to be zero when PPS
is used. This estimate is directly related to sample size.
Tolerable Misstatement represents the highest misstatement that could occur
before the population would be considered materially misstated. This amount
has an inverse relationship with sample size.

 Reported $ Balance represents the total recorded dollar balance in the

population.
The risk of incorrect acceptance and expected number of misstated dollars are used to
determine the PPS Factor from the PPS table. The sample size is then determined
using the following formula:

Obviously, substantive tests are not performed on individual dollars but rather are
performed on logical units (invoice, customer, check, vender, etc,) containing
individual dollars. Therefore, evaluation of sample results requires restatement of the
logical unit results in terms of the sampling unit (individual population dollars).
Sample results are evaluated by comparing the adjusted upper and lower limits on
misstatements (error bounds) to tolerable misstatement. If the adjusted upper and
lower limits on misstatements are smaller than or equal to tolerable misstatement the
auditor will conclude that a material misstatement does not exist. If either the upper or
lower limit on misstatement is greater than tolerable misstatement the auditor will
conclude that a material misstatement does exist.
The adjusted upper and lower limits on misstatements can be calculated using the PPS
table. The first step in calculating the adjusted upper and lower limits on misstatement
is to divide misstated dollars into over and understated dollars and then to rank them
from the highest to lowest percent misstatement. The percent misstatement for each
misstated dollar is call tainting and is calculated using the following formula:

The second step is to calculate an unadjusted upper and lower limit on misstatement
using the PPS table. These calculations require the auditor to know the risk of
incorrect acceptance, sample size, recorded dollars in the population (reported
balance), sample dollars misstated, and tainting of misstated dollars. The unadjusted
upper limit on misstatement is based on the observed overstated dollars and the lower
limit on misstatement is based on the observed understated dollars. The unadjusted
upper and lower limits on misstatement are calculated using the following formula:

The taintings are used in order of highest to lowest.

The third step is to calculate the estimated dollar overstatement and understatement in
the population. The estimated dollar overstatement is calculated based on the number
of observed overstated dollars. The estimated dollar understatement is calculated
based on the number of observed understated dollars. These amounts are calculated
using the following formula:

The final step is to calculate the adjusted upper and lower limits on misstatement. The
adjusted upper limit on misstatement is calculated by subtracting from the unadjusted
upper limit on misstatement the estimated dollar understatement in the population.
The adjusted lower limit on misstatement is calculated by subtracting from the
unadjusted lower limit on misstatement the estimated dollar overstatement in the
population.
Non-statistical Sampling
Non-statistical sampling can be used with tests of controls or substantive tests. Nonstatistical sampling does not require the use of a probabilistic selection method. The
main advantage of non-statistical sampling is that it is less complex and less time
consuming than statistical sampling. The main disadvantage is that sampling theory
cannot be used to quantify sampling risk.

Sample size for non-statistical sampling is left entirely to the auditors professional
judgement. The factors considered when determining sample size for tests of controls
using a non-statistical approach are the same as those considered for attributes
sampling. The factors considered when determining sample size for substantive tests
using a non-statistical approach are:
Risk of incorrect acceptance represents the risk that the auditor concludes that a
material misstatement does not exist when in fact a material misstatement does
exist. The level used for this risk is based on the auditor's planned detection risk
and other planned substantive tests. A higher risk of incorrect acceptance is
used with a higher planned detection risk and/or other planned substantive tests.
This risk is inversely related to sample size.
Risk of incorrect rejection represents the risk that the auditor concludes that a
material misstatement exists when in fact a material misstatement does not
exist. The level used for this risk is based on the cost and difficulty of obtaining
additional evidence. A lower risk of incorrect acceptance is used when more
costly or difficult evidence will be required if expanded testing is needed. This
risk is inversely related to sample size.
Expected Misstatement represents the auditor's best estimate of the population
misstatement. This estimate is normally based on prior experience with the
client. This estimate is directly related to sample size.
Tolerable Misstatement represents the highest misstatement that could occur
before the population would be considered materially misstated. This amount
has an inverse relationship with sample size.
Sample results for tests of controls are evaluated by comparing the sample deviation
rate to the tolerable deviation rate and calculating an allowance for sampling risk. The
sample deviation rate is calculated by dividing the number of sample deviations by the
sample size. The allowance for sampling risk is calculated by subtracting the sample
deviation rate from the tolerable deviation rate. If the allowance for sampling risk is
large and positive the auditor would most likely conclude that the design and
operation of an internal control is effective. However, if the allowance for sampling
risk is small or negative the auditor would conclude that the design and operation of
an internal control is not effective. What constitutes a large enough difference is a
matter for professional judgement. Generally, smaller allowances for sampling risk are
tolerated with higher risks of assessing control risk too low and larger sample sizes.

Sample results for substantive tests are evaluated in a similar manner. A projected
population misstatement is calculated based on the sample results and compared to the
tolerable misstatement. The projected population misstatement is computed by
dividing the sample misstatement by the dollar value of the sample and multiplying
this amount by the dollar value of the population. The difference between the
projected population misstatement and tolerable misstatement is called the allowance
for sampling risk. If the allowance for sampling risk is large and positive the auditor
would most likely conclude that a material misstatement does not exist. However, if
the allowance for sampling risk is small or negative the auditor would conclude that a
material misstatement does exist. What constitutes a large enough difference is a
matter for professional judgement. Generally, smaller allowances for sampling risk are
tolerated with higher risks of incorrect acceptance and larger sample sizes.
Analyze Exceptions/Misstatements
Regardless of whether a statistical or non-statistical approach is used to evaluate
sample results, the auditor needs to consider the nature and cause of every observed
exception or misstatement. Exceptions or misstatements that are intentional will
normally affect the audit tests performed even when the quantitative analysis supports
effective controls or no material misstatement. Additionally, the auditor may need to
revise the original inherent risk and control risk assessments based on subsequently
performed substantive tests. The original assessments may need to be revised upward
if misstatements are observed.