CPA REVIEW SCHOOL OF THE PHILIPPINES AT-9209

Manila

AUDITING THEORY CPA Review

AUDIT SAMPLING

1. “Audit Sampling” involves the application of audit procedures to less than 100% of items
within an account balance or class of transactions.

2. Sampling may be statistical or nonstatistical.

I. STATISTICAL SAMPLING means any approach to sampling that has the following
characteristics:
a) Random selection of a sample; and
b) Use of probability theory to evaluate sample results.
II. NONSTATISTICAL SAMPLING – A sampling approach that does not have characteristics
(a) and (b).

AUDIT SAMPLING PLAN refers to the procedures an auditor applies to accomplish a sampling
application. It aids an auditor in forming conclusions about one or more characteristics of either
a particular class of transactions or a particular account balance.

1. ATTRIBUTE SAMPLING
• Applicable to tests of control.
• Used to test an entity’s rate of deviation (also called rate of occurrence) from a prescribed
control procedure.
2. VARIABLES SAMPLING
• Applicable to substantive tests.
• Most commonly used to test whether recorded account balances are fairly stated.

SAMPLING RISK

1. “Sampling risk” arises from the possibility that the auditor’s conclusion, based on a sample
may be different from the conclusion reached if the entire population were subjected to the
same audit procedures.

2. The confidence level (also called reliability level) is the mathematical complement of the
applicable sampling risk factor.

3. Sampling risk is to be measured and controlled. The auditor controls sampling risk by
specifying the acceptable level when developing the sampling plan.

4. For tests of control, sampling risk has the following aspects:

a. Risk of assessing control risk too low (Risk of overreliance/Beta risk/Type II risk)
• The risk that the auditor will conclude that control risk is lower than it actually is.
• It affects audit effectiveness and is more likely to lead to an inappropriate audit
opinion.
b. Risk of assessing control risk too high (Risk of Underreliance/Alpha risk/Type I risk)
• The risk that the auditor will conclude that control risk is higher than it actually is.
• It affects audit efficiency as it would usually lead to additional work to establish that
initial conclusions were incorrect.

5. For substantive tests, sampling risk has the following aspects:

a. Risk of incorrect acceptance (Beta risk/Type II risk)
• The risk that the auditor will conclude that a material error does not exist when in fact
it does.

Page 1 of 10 Pages
CPAR - MANILA AT-9209

• It affects audit effectiveness and is more likely to lead to an inappropriate audit

opinion.
b. Risk of incorrect rejection (Alpha risk/Type I risk)
• The risk that the auditor will conclude that a material error exists when in fact it does
not.
• It affects audit efficiency as it would usually lead to additional work to establish that
initial conclusions were incorrect.

NONSAMPLING RISK
Nonsampling risk arises from factors that cause the auditor to reach an erroneous conclusion for
any reason not related to the size of the sample. For example, most audit evidence is persuasive
rather than conclusive, the auditor might use inappropriate procedures, or the auditor might
misinterpret evidence and fail to recognize an error.

STEPS IN AN ATTRIBUTE SAMPLING PLAN

1. Define the objectives of the plan.

The auditor should clearly state what is to be accomplished.

2. Define the population.

For example, if an auditor’s objective is to test controls designed to assure that all shipped
goods are invoiced, the population would be defined as all shipping documents issued during
the period, not all sales invoices.

3. Define the attribute and deviation conditions.

An attribute is a characteristic of a control. For example, the supervisor’s signature of approval
on a document. A deviation is the absence of an attribute.

4. Determine the sample size.

The sample size is determined by considering the following factors:
a. Risk of assessing control risk too low
b. Tolerable deviation rate
c. Expected population deviation rate

Risk of assessing control risk too low

• There is an inverse relationship between this risk and the sample size. The higher the
acceptable risk, the smaller the sample size.
• Because the risk of assessing control risk too low relates to the effectiveness of the audit,
it is kept at a relatively low level by the auditor.

Tolerable deviation rate (tolerable error)

• This is the maximum deviation rate that the auditor is willing to accept.
• The lower the rate of deviation that the auditor is willing to accept, the larger the sample
size needs to be.

Expected population deviation rate (expected error)

• The rate of deviation from the prescribed control procedure the auditor expects to find in
the population.
• The higher the rate of deviation that the auditor expects, the larger the sample size needs
to be so as to be in a position to make a reasonable estimate of the actual rate of deviation.
• Factors relevant to the auditor’s consideration of the expected error rate include:
▪ The auditor’s understanding of the business (in particular, procedures undertaken to
obtain an understanding of the accounting and internal control systems);
▪ Changes in personnel or in the accounting and internal control systems;
▪ The results of audit procedures applied in prior periods; and
▪ The results of other audit procedures.

Page 2 of 10 Pages
CPAR - MANILA AT-9209

5. Determine the method of sample selection.

Some commonly used methods are:
a. Random number sampling
• Each item in the population has an equal chance and nonzero probability of selection.
• It is usually accomplished by generating random numbers from a random number
table or computer program and tracing them to associated documents or items in the
population.
• It is appropriate for both statistical and nonstatistical sampling.

b. Systematic selection
• The number of sampling units in the population is divided by the sample size to give
a sampling interval, for example 50, and having determined the starting point within
the first 50, each 50th sampling unit is thereafter selected.
• Although the starting point may be determined haphazardly, the sample is more likely
to be truly random if it is determined by use of a computerized random number
generator or random number tables.
• When using systematic selection, the auditor would need to determine that sampling
units within the population are not structured in such a way that the sampling interval
corresponds with a particular pattern in the population.

c. Block selection (or cluster sampling)

• It involves selecting a block(s) of contiguous items from within the population.
• It cannot ordinarily be used in audit sampling because most populations are structured
such that items in sequence can be expected to have similar characteristics to each
other, but different characteristics from items elsewhere in the population.
• Although in some circumstances it may be an appropriate audit procedure to examine
a block of items, it would rarely be an appropriate sample selection technique when
the auditor intends to draw valid inferences about the entire population based on the
sample.

d. Haphazard selection
• The auditor selects the sample without following a structured technique.
• It is not appropriate when using statistical sampling.

e. Stratification
• This involves subdividing a population into subpopulations or strata, i.e., a group of
sampling units which have similar characteristics (often monetary value).
• The strata must be explicitly defined so that each sampling unit can belong to only
one stratum.
• This method enables the auditor to direct his efforts towards the items he considers
would potentially contain the greater monetary error.

6. Perform the sampling plan.

The sampling units selected should be examined for the attributes of interest and deviations
should be documented in the working papers.

7. Evaluate and document results.

These include:
a. Determining the sample deviation rate.
Sample Deviation Rate = Number of deviations observed
Sample size

b. Determining the maximum population deviation rate (achieved upper deviation limit) and
the allowance for sampling risk (achieved precision).
• The maximum deviation rate is based on the sample size and the number of deviations
discovered. There are standard tables that yield maximum population deviation rates
at specified risks of assessing control risk too low.
• Allowance for sampling risk = Maximum Deviation Rate – Sample Deviation Rate
Page 3 of 10 Pages
CPAR - MANILA AT-9209

c. Considering qualitative information.

The auditor considers each of the deviation’s nature, importance, and probable cause.

d. Reaching an overall conclusion.

In assessing control risk, the auditor considers all available quantitative and qualitative
information.

COMMONLY USED ATTRIBUTES SAMPLING TECHNIQUES

1. Attribute estimation sampling

• A statistical sampling plan for tests of controls.
• Appropriate when an auditor wishes to estimate a true but unknown population deviation
rate.
• Uses a fixed sampling plan, i.e., the auditor tests a single sample.
2. Sequential sampling (also called stop-or-go sampling)
• The sampling plan is performed in several steps.
• Following each step, the auditor decides whether to stop or to go on to the next step.
• Appropriate when the auditor expects zero or very few deviations.
3. Discovery sampling
• Appropriate when the expected deviation rate is near zero and when the auditor’s
objective is to find at least one deviation in a sample if the actual population deviation
rate exceeds or equals a predetermined critical rate (tolerable deviation rate).

STEPS IN A VARIABLES SAMPLING PLAN

1. Determine the objectives of the test.

The auditor’s objective is to test the reasonableness of a recorded account balance, called
hypothesis testing.

2. Define the population and sampling unit.

For example, the population might consist of 1,000 accounts receivable with a reported book
value of P1,500,000.

3. Choose an audit sampling technique.

a. Statistical vs Nonstatistical
b. Classical Variables Sampling vs Probability-Proportional-To-Size Sampling

4. Determine the sample size.

The auditor considers the following:

a. Variation within the population
• Sample size varies in the same direction as the variation in population amounts. As
population variation increases, so does the sample size.
• An estimate of population variation is made by determining a population standard
deviation.
b. Acceptable risk of incorrect rejection
c. Acceptable risk of incorrect acceptance
d. Tolerable error – the maximum monetary error that may exist in an account balance
without causing the financial statements to be materially misstated.

5. Determine the method of sample selection.

6. Perform the sampling plan.
7. Evaluate the sample results.

Page 4 of 10 Pages
CPAR - MANILA AT-9209

The following procedures are performed:

a. Projecting the sample error to the population
b. Considering sampling risk
c. Considering qualitative information
d. Reaching an overall conclusion

CLASSICAL VARIABLES SAMPLING TECHNIQUES

a. MEAN-PER-UNIT ESTIMATION – A classical variables sampling technique that projects the

sample average to the total population by multiplying the sample average by the number of
items in the population.

b. DIFFERENCE ESTIMATION – A classical variables sampling technique that uses the average
difference between audited amounts and individual recorded amounts to estimate the total
audited amount of a population and an allowance for sampling risk.

c. RATIO ESTIMATION – A classical variables sampling technique that uses the ratio of audited
amounts to recorded amounts in the sample to estimate the total amount of the population
and an allowance for sampling risk.

Conditions for using difference and ratio estimation

1. Each population item must have a recorded book value.
2. Total population book value must be known.
3. Expected differences between audited and recorded book values must not be too rare.

Choosing between difference and ratio estimation

Ratio estimation is more appropriate when the differences are nearly proportional to book values.

Difference estimation is more appropriate when there is little or no relationship between the
absolute amounts of the differences and the book values.

PROBABILITY-PROPORTIONAL-TO-SIZE SAMPLING (PPS)

• PPS uses a peso as the sampling unit.

• PPS sampling gives each individual peso in the population an equal chance of selection.
• PPS is only useful for TESTS OF OVERSTATEMENTS (e.g., assets) since the sample selection
method dictates that the larger the transaction or amount, the more likely that it will be
selected.
• PPS is inappropriate for testing liabilities because understatement is the primary audit
consideration.

Examples of Factors Influencing Sample Size for Tests of Control

Effect on
Factor Sample Size
An increase in the auditor’s intended reliance on accounting and internal
control systems. Increase
An increase in the rate of deviation from the prescribed control procedure
that the auditor is willing to accept (tolerable error) Decrease
An increase in the rate of deviation from the prescribed control procedure
that the auditor expects to find in the population (expected error) Increase
An increase in the auditor’s required confidence level (or conversely, a
decrease in the risk that the auditor will conclude that the control risk
is lower than the actual control risk in the population) Increase
An increase in the number of sampling units in the population Negligible
effect

Page 5 of 10 Pages
CPAR - MANILA AT-9209

Examples of Factors Influencing Sample Size for Substantive Procedures

Effect on
Factor Sample Size
An increase in the auditor’s assessment of inherent risk Increase
An increase in the auditor’s assessment of control risk Increase
An increase in the use of other substantive procedures directed at the
same financial statement assertion Decrease
An increase in the auditor’s required confidence level (or conversely,
a decrease in the risk that the auditor will conclude that a material error
does not exist, when in fact it does exist) Increase
An increase in the total error that the auditor is willing to accept
(tolerable error) Decrease
An increase in the amount of error the auditor expects to find in the
population (expected error) Increase
Stratification of the population when appropriate Decrease
The number of sampling units in the population Negligible
effect

MULTIPLE CHOICE QUESTIONS

1. Audit sampling involves the

A. Selection of all items over a certain amount.
B. Application of audit procedures to less than 100% of items within a class of transactions
or an account balance such that all items have a chance of selection.
C. Application of audit procedures to all items that comprise a class of transactions or an
account balance.
D. Application of audit procedures to all items over a certain amount and those that are
unusual or have a history of error.

2. Population, as defined in PSA 530, means the entire set of data from which a sample is
selected and about which the auditor wishes to draw conclusions. It is important for the
auditor to ensure that the population is
I. Appropriate to the objective of the audit procedure.
II. Complete.
A. I only C. Both I and II
B. II only D. Neither I nor II

3. An advantage of statistical over nonstatistical sampling methods in tests of controls is that

the statistical methods
A. Afford greater assurance than a nonstatistical sample of equal size.
B. Provide an objective basis for quantitatively evaluating sampling risks.
C. Can more easily convert the sample into a dual-purpose test useful for substantive
testing.
D. Eliminate the need to use judgment in determining appropriate sample sizes.

4. The risk of incorrect acceptance and the likelihood of assessing control risk too low relate
to the
A. Effectiveness of the audit.
B. Efficiency of the audit.
C. Preliminary estimates of materiality levels.
D. Tolerable misstatement.

5. The likelihood of assessing control risk too high is the risk that the sample selected to test
controls
Page 6 of 10 Pages
CPAR - MANILA AT-9209

A. Does not support the auditor’s planned assessed level of control risk when the true
operating effectiveness of internal control justifies such an assessment.
B. Contains misstatements that could be material to the financial statements when
aggregated with misstatements in other account balances of transactions classes.
C. Contains proportionately fewer deviations from prescribed internal controls than exist
in the balance or class as a whole.
D. Does not support the tolerable misstatement for some or all of management’s
assertions.

6. While performing a test of details during an audit, the auditor determined that the sample
results supported the conclusion that the recorded account balance was materially
misstated. It was, in fact, not materially misstated. This situation illustrates the risk of
A. Incorrect rejection C. Assessing control risk too low
B. Incorrect acceptance D. Assessing control risk too high

7. Which of the following sample planning factors would influence the sample size for a
substantive test of details for a specific account?
Expected Error Tolerable Error
A. No No
B. Yes Yes
C. No Yes
D. Yes No

8. An underlying feature of random-based selection of items is that each

A. Stratum of the accounting population be given equal representation in the sample.
B. Item in the accounting population be randomly ordered.
C. Item in the accounting population should have an opportunity to be selected.
D. Item must be systematically selected using replacement.

9. Which of the following best illustrates the concept of sampling risk?

A. A randomly chosen sample may not be representative of the population as a whole on
the characteristic of interest.
B. An auditor may select audit procedures that are not appropriate to achieve the specific
objective.
C. An auditor may fail to recognize errors in the documents examined for the chosen
sample.
D. The documents related to the chosen sample may not be available for inspection.

10. Which of the following statistical selection techniques is least desirable for use by an auditor?
A. Systematic selection C. Block selection
B. Stratified selection D. Sequential selection

11. The expected population deviation rate of client billing errors is 3%. The auditor has
established a tolerable rate of 5%. In the review of client invoices the auditor should use
A. Stratified sampling C. Discovery sampling
B. Variable sampling D. Attribute sampling

12. Which of the following sampling methods would be used to estimate a numerical
measurement of a population, such as a peso value?
A. Attributes sampling C. Variables sampling
B. Stop-or-go sampling D. Random-number sampling

13. Which of the following statements is correct concerning statistical sampling in tests of
controls?
A. Deviations from control procedures at a given rate usually result in misstatements at a
higher rate.
B. As the population size doubles, the sample size should also double.
C. The qualitative aspects of deviations are not considered by the auditor.
D. There is an inverse relationship between the sample size and the tolerable rate.

Page 7 of 10 Pages
CPAR - MANILA AT-9209

14. Which of the following statistical sampling plans does not use a fixed sample size for tests
of controls?
A. Attributes sampling C. PPS sampling
B. Sequential sampling D. Variables sampling

15. If certain forms are not consecutively numbered

A. Selection of a random sample probably is not possible.
B. Systematic sampling may be appropriate.
C. Stratified sampling should be used.
D. Random number tables cannot be used.

16. When performing a test of a control with respect to control over cash receipts, an auditor
may use a systematic sampling technique with a start at any randomly selected item. The
biggest disadvantage of this type of sampling is that the items in the population
A. Must be systematically replaced in the population after sampling.
B. May systematically occur more than once in the sample.
C. Must be recorded in a systematic pattern before the sample can be drawn.
D. May occur in a systematic pattern, thus destroying the sample randomness.

17. In testing accounts receivable, an auditor sends out positive confirmation requests to 100
randomly selected customers. A customer returns the confirmation indicating that the
balance is correct when, in fact, the balance is overstated. This is an example of:
A. Projected misstatement. C. Standard error.
B. Sampling error. D. Nonsampling error.

18. An auditor is testing internal control procedures that are evidenced on an entity’s vouchers
by matching random numbers with voucher numbers. If a random number matches the
number of a voided voucher, that voucher ordinarily should be replaced by another voucher
in the random sample if the voucher
A. Constitutes a deviation.
B. Has been properly voided.
C. Cannot be located.
D. Represents an immaterial peso amount.

19. An auditor plans to examine a sample of 20 purchase orders for proper approvals as
prescribed by the client’s internal control procedures. One of the purchase orders in the
chosen sample cannot be found, and the auditor is unable to use alternative procedures to
test whether that purchase was properly approved. The auditor should
A. Choose another purchase order to replace the missing purchase order in the sample.
B. Consider this test of control invalid and proceed with substantive tests since internal
control cannot be relied upon.
C. Treat the missing purchase order as a deviation for the purpose of evaluating the
sample.
D. Select a completely new set of 20 purchase orders.

20. The tolerable rate of deviations for a test of a control is generally

A. Lower than the expected rate of errors in the related accounting records.
B. Higher than the expected rate of errors in the related accounting records.
C. Identical to the expected rate of errors in the related accounting records.
D. Unrelated to the expected rate of errors in the related accounting records.

21. If the auditor is concerned that a population may contain exceptions, the determination of
a sample size sufficient to include at least one such exception is a characteristic of
A. Discovery sampling C. Random sampling
B. Variables sampling D. PPS sampling

22. Which of the following courses of action would an auditor most likely follow in planning a
sample of cash disbursements if the auditor is aware of several unusually large cash
disbursements?

Page 8 of 10 Pages
CPAR - MANILA AT-9209

A. Set the tolerable rate of deviation at a lower level than originally planned.
B. Stratify the cash disbursements population so that the unusually large disbursements
are selected.
C. Increase the sample size to reduce the effect of the unusually large disbursements.
D. Continue to draw new samples until all the unusually large disbursements appear in
the sample.

23. While performing a test of details during an audit, an auditor determined that the sample
results supported the conclusion that the recorded account balance was materially
misstated. It was, in fact, not materially misstated. This situation illustrates the risk of
A. Assessing control risk too high
B. Assessing control risk too low
C. Incorrect rejection
D. Incorrect acceptance

24. For which of the following audit tests would an auditor most likely use attribute sampling?
A. Making an independent estimate of the amount of FIFO inventory.
B. Examining invoices in support of the valuation of fixed asset additions.
C. Selecting accounts receivable for confirmation of account balances.
D. Inspecting employee time cards for proper approval by supervisors.

25. The diagram below depicts the auditor’s estimated maximum deviation rate compared with
the tolerable rate and also depicts the true population deviation rate compared with the
tolerable rate.
True State of Population
Auditor’s
Estimate Deviation Rate Deviation Rate
Based on Is less than Exceeds
Sample Results Tolerable Rate Tolerable Rate

Maximum
Deviation Rate I. III.
Is Less than
Tolerable Rate

Maximum
Deviation Rate II. IV.
Exceeds
Tolerable Rate

As a result of tests of controls, the auditor assesses control risk higher than necessary and
thereby increases substantive testing. This is illustrated by
A. I C. III
B. II D. IV

Questions 26 and 27 are based on the following information.

An auditor desired to test credit approval on 10,000 sales invoices processed during the
year. The auditor designed a statistical sample that would provide 1% risk of assessing
control risk too low (99% confidence) that not more than 7% of the sales invoices lacked
approval. The auditor estimated from previous experience that about 2 ½% of the sales
invoices lacked approval. A sample of 200 invoices was examined and seven of them were
lacking approval. The auditor then determined the achieved upper precision limit to be 8%.

26. In the evaluation of this sample, the auditor decided to increase the level of the preliminary
assessment of control risk because the
A. Tolerable rate (7%) was less than the achieved upper precision limit (8%).
B. Expected deviation rate (7%) was more than the percentage of errors in the sample (3
½%).

Page 9 of 10 Pages
CPAR - MANILA AT-9209

C. Achieved upper precision limit (8%) was more than the percentage of errors in the
sample (3 ½%).
D. Expected deviation rate (2 ½%) was less than the tolerable rate (7%).

27. The allowance for sampling risk was

A. 5 ½%. C. 3 ½%.
B. 4 ½%. D. 1%.

28. In addition to evaluating the frequency of deviations in tests of controls, an auditor should
also consider certain qualitative aspects of the deviations. The auditor most likely would
give broader consideration to the implications of a deviation if it was
A. The only deviation discovered in the sample.
B. Identical to a deviation discovered during the prior year’s audit.
C. Caused by an employee’s misunderstanding of instructions.
D. Initially concealed by a forged document.

29. When the auditor goes through a population and selects items for the sample without regard
to their size, source, or other distinguishing characteristics, it is called
A. Block selection
B. Systematic selection
C. Haphazard selection
D. Random selection

30. When an auditor has chosen a random sample and is using nonstatistical attributes
sampling, that auditor
A. Need not consider the risk of assessing control risk too low.
B. Has committed a nonsampling error.
C. Will have to use discovery sampling to evaluate the results.
D. Should compare the deviation rate of the sample to the tolerable deviation rate.

31. An error that arises from an isolated event that has not recurred other than on specifically
identifiable occasions and is therefore not representative of similar errors in the population
is a/an
A. Anomalous error
B. Isolated error
C. Individual error
D. Non-recurring error

32. If all other factors specified in an attributes sampling plan remain constant, decreasing the
tolerable rate and decreasing the risk of assessing control risk too low would have what
effect on sample size?
A. Increase.
B. Remain the same.
C. Decrease.
D. Indeterminate, depends upon exact change being made.

33. Which of the following statements is correct about the sample size in statistical sampling
when testing internal controls?
A. The auditor should consider the tolerable rate of deviation from the controls being
tested in determining sample size.
B. As the likely rate of deviation decreases, the auditor should increase the planned
sample size.
C. The allowable risk of assessing control risk too low has no effect on the planned
sample size.
D. Of all the factors to be considered, the population size has the greatest effect on the
sample size.

--- END ---

Page 10 of 10 Pages