Professional Documents
Culture Documents
AUDIT SAMPLING
Nature of Audit Sampling
Auditors frequently use sampling, usually in combinations with other
auditing procedures, in examining account balances or classes of
transactions.
As a result, auditors conclusion reach about account balances & classes
of transactions are based on testing samples rather than entire
populations.
Thus, w/n auditor decides to select less than 100 percent of
population for testing for purpose of making inferences about
population, it is called audit sampling.
There is neither sufficient time nor sufficient reason to test all of
transactions underlying entity's account balances or classes of
Why Do Auditors Use Sampling?
Auditors use sampling
To test controls (compliance tests) for assessing
control risk
To test balances (substantive tests) for
determining whether balances are materially
misstated.
Selecting A Representative Sample
A representative sample is one in w/c characteristics in sample of
audit interests are approximately same as those of population.
This means that sampled items are similar to items not sampled.
But, it could be highly representative, reasonably representative,
& non-representative.
Two things can cause a sample result to be non-representative:
AR = IR x CR x DR, where
Assurance model is in fact opposite of Audit risk model.
If audit risk is considered to be 5%, audit assurance is considered
Inherent Risk
It is perceived level of risk that material misstatement may
occur in client’s financial statements or underlying levels of
aggregation, in absence of internal control procedures.
It is linked to kind of activities of audited entity & depend on
Competence of staff
Audit techniques
Audit Planning and Audit Risk
Use of audit risk/audit assurance model relates to planning &
underlying resource allocation for particular audit programmed
or several audit programmed & has two purposes:
Providing high level of assurance: Assurance is provided at certain
level, e.g. for 95% assurance, audit risk is then 5%.
Performing efficient audits: with given assurance level of for example
95%, auditor should develop audit procedures taking into
consideration IR & CR.
This allows audit team to reduce audit effort in some areas & to focus
on more risky areas to be audited.
Audit Planning And Audit Risk
adequate controls are in place, one can assess control risk as 12.5%.
latter meaning that auditor can take more risks by reducing sample
size.
In end this will mean less detailed & less costly audit.
If auditor finds control effective, he or she will have over relied on system
Assume that TER is 6 percent, ARACR is high, and the true population
The auditor, of course, does not know the true population exception rate.
The ARACR of high means that the auditor is willing to take a fairly
substantial risk of concluding that the control is effective after all testing is
would have over relied on the system of internal control (used a lower
Factor
Assessed control risk. Consider:
Nature, extent, & timing of substantive tests (extensive
planned substantive tests relate to higher ACR & Vice Versa)
Quality of evidence available for tests of controls (lower quality
of evidence available results in a higher assessed CR & Vice Versa.)
Judgment Guideline
ARACR of low
Lowest assessed control risk
ARACR of medium
Moderate assessed control risk ARACR of high
Higher assessed control risk ARACR not applicable
Guidelines For ARACR And TER Tests Of
Control
Factor
Significance of the transactions and related account balances that
Internal controls are intended to affect
Judgment Guideline
Planned reduction in
substantive tests of TER for substantive
details of balances tests of transactions
Effect on initial
Type of change sample size
exception rate.
Most auditors using non-statistical sampling follow this approach.
Example, if auditor takes a sample of 100 items for attribute and finds no
It is much more likely that the true PER is less than or equal to the TER in the
Therefore, most auditors would probably find the population acceptable based
on the first sample result and not acceptable based on the second.
When SER exceeds the EPER used in designing the sample, auditors usually
conclude that the sample results do not support the preliminary assessed control
risk.
In that case, auditors are likely to conclude that there is an unacceptably high
Step 13: Analyze exceptions
In addition to determining SER for each attribute &
evaluating whether true (but unknown) exception rate is
likely to exceed TER,
Auditors must analyze individual exceptions to determine
breakdown in internal controls that allowed them to happen.
Exceptions can be caused by many factors, such as
carelessness of employees, misunderstood instructions, or
intentional failure to perform procedures.
Step 14: decide acceptability of
population
When generalizing from sample to population,
most auditors using non -statistical sampling
subtract SER from TER & evaluate whether
difference (calculated sampling error) is
sufficiently large.
If auditor concludes difference is sufficiently large,
the control being tested can be used to reduce
assessed control risk as planned.
Cont...