the actual population deviation rate is less than
1) Audit sampling for tests of controls is generally the tolerable rate.
appropriate when application of the control leaves 3) The three key factors affecting sample size are:
evidence of its performance. the desired confidence level, tolerable deviation
rate, and expected population deviation rate.
2) The objective of sampling tests of controls is to Auditors use these factors to determine an
provide evidence about the design and operating appropriate sample size.
effectiveness of controls. The sample size is of
the actual population deviation rate is less than
1) Audit sampling for tests of controls is generally the tolerable rate.
appropriate when application of the control leaves 3) The three key factors affecting sample size are:
evidence of its performance. the desired confidence level, tolerable deviation
rate, and expected population deviation rate.
2) The objective of sampling tests of controls is to Auditors use these factors to determine an
provide evidence about the design and operating appropriate sample size.
effectiveness of controls. The sample size is of
the actual population deviation rate is less than
1) Audit sampling for tests of controls is generally the tolerable rate.
appropriate when application of the control leaves 3) The three key factors affecting sample size are:
evidence of its performance. the desired confidence level, tolerable deviation
rate, and expected population deviation rate.
2) The objective of sampling tests of controls is to Auditors use these factors to determine an
provide evidence about the design and operating appropriate sample size.
effectiveness of controls. The sample size is of
tests of Audit sampling for tests of controls is generally
control appropriate when application of the control
Reduction in Greater use Reduced use leaves evidence of performance. detection of other of other risk because substantive substantive STEPS IN THE APPLICATION OF SAMPLING TESTS of other tests tests OF CONTROLS substantive PLANNING tests relating to the same 1. Define the test objectives FS 2. Define the population characteristics assertions Define the sampling population Tolerable Larger Smaller error measure measure Define the sampling unit Expected Smaller Larger Define the control deviation error expected expected conditions errors, errors, 3. Determine the sample size using the individually individually following inputs: or in or in The desired confidence level of aggregate aggregate risk of incorrect acceptance Population Smaller Larger The tolerable deviation rate value monetary monetary The expected population deviation significance significance rate to the FS to the FS No. of items Virtually no effect on sample PERFORMANCE in population size unless population is small 4. Selected sample items Acceptable Higher Lower 5. Perform auditing procedures level of detection EVALUATION risk 6. Analyze exceptions Stratification Stratification No - Calculate the sample deviation and of the stratification the computed upper deviation rates population, if of the 7. Draw final conclusions appropriate population ILLUSTRATIONS OF ATTRIBUTE SAMPLING FOR BASIC STEPS IN AUDIT SAMPLING TESTS OF CONTROLS
Audit sampling is applied to tests of controls and PLANNING
substantive tests through a set of basic defined Step 1: Determine the Test Objectives steps. The following basic steps are divided into three sections: PLANNING, PERFOMANCE, AND The objective of tests of control is to provide EVALUATION evidence about the design and operating effectiveness of controls. It will support the PLANNING auditor’s planned assessed level of control risk. 1. Define the test objectives Example: 2. Define the population characteristics 3. Determine the sample size The objective of the test is to determine if the revenue process is functioning as documented. PERFORMANCE More particularly, the auditor wants to 4. Select sample items determine if the sales contracts are properly 5. Perform the auditing procedures authorized for credit approval. The auditor wants to determine this control identified as reliable EVALUATION are operating effectively and thus allow control risk to be set below maximum level. 6. Analyze exceptions 7. Draw final conclusions AUDIT SAMPLING FOR TESTS OF CONTROLS Step 2: Define the Population Characteristics risk of assessing control risk too low – that is, the risk of the actual deviation rate exceeds the Define the sampling population. Auditors would tolerable deviation rate – is a critical risk in the determine that the population from which the tests of control. This is because the risk sample was drawn is appropriate for the specific influences the effectiveness of the audit. Since audit objective and complete. the results of tests of control play a major role in Define the sampling unit. Auditors define the determining the nature, timing, and extent of sampling unit to obtain an efficient and effective other audit procedures, auditors usually specify sample to achieve the particular audit a low level of risk – 5 or 10% is often used. objectives. The tolerable deviation rate. Auditors specify the Example: tolerable deviation rat based on (1) their planned assessed level of control risk, and (2) the degree The physical representation of the population is of assurance desired from the evidential matter the sales contracts maintained in the sales in the sample. The lower the planned level of department. The population of the sales control risk (or more assurance desired from the contracts for the year contains 125,000 items sample), the lower tolerable deviation rate. that are numbered from 1 to 125,000. The sampling unit for this test is defined as the sales The AICPA’s Auditing Procedure Study, titled contract. Auditor can perform all tests for the “Audit Sampling”, includes the following control. overlapping ranges to illustrate between the planned assessed level of control risk and Define the control deviation definition. tolerable deviation rate. Professional judgment is used by the auditor in defining the attributes and deviation conditions Planned Assessed Tolerable Deviation for particular tests of controls. Attributes are Level of Control Risk Rate characteristics that provide evidence that a Low 2%-7% control was actually performed. Deviation Moderate 6%-12% happens when a sample item does not have one Slight below 11%-20% or more attributes. maximum Maximum omit test Example: The deviation is the failure of the credit The expected population deviation rate. The department personnel to follow proper credit expected population deviation rate also affects approval procedures for new and existing the sample size in attribute sampling. This customer such as deviation rate is significant because it represents the rate that the auditors expect to Checking the creditworthiness of new discover in their sample from the population. customers and establishing credit limit based on the evaluation and In estimating the expected population deviation Comparing the total accounts receivable rate, the auditors may also estimate the rate after the new order to the customer’s based on their experience with similar tests for credit limit. If it is less than the credit other clients or by examining a small pilot limit, the order is processed. If more than sample. the credit limit, it is subject for review of Example the credit manager before the sale is approved. The auditor decides to set the desired confidence level at 95% (the risk of incorrect acceptance is Step 3: Determine the sample size 5%), the tolerable deviation rate at 6%, and the The three factors affecting sampling size for expected deviation rate at 1%. The auditor has tests of controls are: planned a high confidence level. The sample size is 94. The desired confidence level or risk of incorrect acceptance. Professional judgment is used by Table 9.4 is used to determine the sample size for the auditor in determining the appropriate risk the 95% desired confidence level (5% risk of of assessing control risk too low and the incorrect acceptance). tolerable deviation rate for a test of control. The PERFORMANCE that size that allows the auditor to conclude that the tolerable deviation rate is not exceeded. Step 4: Select Sample Items Step 5: Perform the Audit Procedures It is essential for the auditor that the sample items are selected in random manner. Random When testing the sample items, an auditor samples may be selected using random number examines each sample item for the attributes of sales, random number generators, or systematic interest. Each item will be classified as to sampling. When selecting a sample, auditors whether or not it contains a deviation from the often select extra items to be substituted for any prescribed control. The auditor performing the voided, used, or inapplicable items. test should also be alert for evidence of any unusual matters, such as evidence of fraud or Voided Documents. The auditor may occasionally related-party transactions. select voided document in a sample. If the transaction has been properly voided, it does not Example: represent a deviation. The item should be The auditors proceed to test the 78 sales replaced with a new sample item. contracts for proper credit authorization Unused or inapplicable documents. Sometimes procedures by credit department personnel. The a selected item it is not appropriate for the result can be documented in a working paper. definition of the control. The auditor would Performing these tests, auditors must be alert simply replace the item with another item. for evidence of any unusual matters such as evidence of fraud. Example Before calculating the sample results and Since the invoices are serially numbered, the drawing final conclusions on the sampling plan, auditor decides to use generalized audit the auditor investigates the nature and cause of software program to generate a list of random the exceptions. The auditor also considers numbers to select the sample for testing. whether the deviations may impact the other Table 9.4 Statistical Sample Sizes for Tests of phases of audit. Controls – 95% Desired Confidence Level Example: Two deviations were detected during the test. Auditor’s investigation indicates that both deviations had occurred when sales in excess of credit limits were made to existing customers. Further investigation disclosed that the sales manager instead of credit manager had approved the sale. The auditor now knows the nature and cause of the errors. Step 6: Calculate the Sample Deviation and the Computed Upper Deviation Rates After testing the sample items and summarizing the deviations from a control, the auditors evaluate the sample result. Auditors may use the following steps: 1. Determine the sample deviation rate Sample deviation rate = No. of deviations observed / Sample size Sample size too large to be cost-effective for most audit applications 2. Determine the upper deviation rate by using Table 9.5. The column for the actual The number in parentheses represents the number of deviations is read down until maximum number of deviations in a sample of the appropriate sample size is found. Allowance for sampling risk is the
(Geotechnologies and The Environment 9) Dean Goodman, Salvatore Piro (Auth.) - GPR Remote Sensing in Archaeology-Springer-Verlag Berlin Heidelberg (2013) PDF