CHAPTER ONE

AUDIT SAMPLING

1.1.Understand the Nature and Methods of Audit Sampling

Audit sampling refers to the process of using auditing procedures to test less than 100 percent of various items
in a company‟s account balance such that each unit may have an equal opportunity of being selected. Thus
audit sampling can be defined as the process of selecting a subset of a population of items for the purpose of
making inferences to whole population. In auditing, sampling procedures are used because it is not practical to
examine every single item in a population.

Audit sampling is used to conduct tests of controls and substantive tests.

Audit sampling helps auditors on doing their audit work at a given period of time. Normally, it is possible
for an auditor to make detailed examination on all the items being examined. Besides, audit sampling helps to
detect error and any material misstatements.

 A representative sample is one in which the characteristics in the sample of audit interest are
approximately the same as those of the population.

 In practice, auditors never know whether a sample is representative, even after all testing is
complete. (The only way to know if a sample is representative is to subsequently audit the entire
population.) However, auditors can increase the likelihood of a sample being representative by using
care in designing the sampling process, sample selection, and evaluation of sample results.

 A sample result can be non- representative due to non- sampling error or sampling error. The risk of
these two types of errors occurring is called non sampling risk and sampling risk, respectively.

Non sampling risk is the risk that audit tests do not uncover existing exceptions in the sample.

The two causes of non-sampling risk are:

i. The auditor‟s failure to recognize exception because of exhaustion, boredom, or lack of

ii. Inappropriate or ineffective audit procedures.

Sampling risk is the risk that an auditor reaches an incorrect conclusion because the sample is not
representative of the population. Sampling risk is an inherent part of sampling that result from testing less
than the entire population.

Auditors have two ways to control sampling risk:

1) Adjust sample size.

2) Use an appropriate method of selecting sample items from the population.

Audit Sample selection approaches

The auditor may prefer to use either (A) all item selection or (B) specific selection, based on the purpose of
selection and other considerations.

1
Audit Sample Selection Methods

 Statistical Vs. Non-statistical Sampling

Audit sampling methods can be divided into two broad categories: statistical sampling and non-statistical
sampling. The following table summarizes the meaning, advantage and disadvantage of each category.

Table 1-1 Statistical and Non-statistical sampling

Statistical Non-statistical
 Through the application of mathematical  Auditor does not quantify sampling risk.
rules.  Instead, those sample items that auditor
 It allows the quantification (measurement) of believes will provide the most useful
sampling risk in planning the sample and information in the circumstances are
evaluating the results. selected.
 Example: Statistical result at a 95%  Conclusions are reached about populations
confidence level provides a 5% sampling on judgmental basis.
risk.
Advantages Disadvantage
 Very accurate.  Inadequacy of the samples.
 Economical in nature.  Chances for bias.
 Very reliable.  Problems of accuracy.
 High suitability ratio towards the different  Difficulty of getting the representative
surveys. sample.
 Takes less time.  Untrained manpower.
 In cases when the universe is very large, then  Absence of the informants.
the sampling method is the only practical  Chances of committing the errors in
method for collecting the data. sampling.

 Probabilistic Vs. Non-probabilistic Sampling

Probabilistic sample selection is a method of selecting a sample such that each population item has a known
probability of being included in the sample. It is commonly associated with statistical sampling.

Non-probabilistic sample selection is a method in which the auditor uses professional judgment rather than
probabilistic methods. It is commonly associated with non-statistical audit sampling.

Probabilistic sample selection methods include the following:

1) Simple Random sample selection

This method of sampling ensures that all items within a population stand an equal chance of selection by the
use of random number tables or computer generation of random numbers. The sampling units could be
physical items, such as sales invoices or monetary units.

2) Systematic sample selection

The method divides the number of sampling units within a population into the sample size to generate a
sampling interval. The auditor selects the items for the sample based on the size of the interval. The first item in
sample is selected at random.

2
 3) Probability Proportionate to Size sample selection (PPS)

A sample is taken where the probability of selecting any individual population item is proportional to its
recorded amount. PPS is evaluated using monetary unit sampling (MUS).

Emphasis is on large dollar items!

4) Stratified sample selection

The population is divided into subpopulations by size and larger samples are taken of the larger
subpopulations. Stratified sample selection is evaluated using variables sampling.

In many auditing situations, it is advantageous to select samples that emphasize population items with larger
recorded amounts. Thus, this is done by probability Proportional to Size and Stratified Sample Selection.

On the other hand, non-Probabilistic sample selection methods include the following:

1) Directed sample selection

In this method item selection is based on auditor judgmental criteria. The following issues should be considered
when using directed sample selection method:

 Items most likely to contain misstatements

 Items containing selected population characteristics

 Large dollar coverage

2) Block sample selection

This method of sampling involves selecting a block (blocks) of contiguous items from within a population.
Hence several items are selected in sequence forming „„blocks‟‟ of items. For example, assume the block
sample will be a sequence of 100 sales transactions from the sales journal for the third week of March. Auditors
can select the total sample of 100 by taking 5 blocks of 20 items, 10 blocks of 10 items, 50 blocks of 2 items or
1 block of 100 items.

Block selection is rarely used in modern auditing because valid references cannot be made beyond the period or
block examined. In situations when the auditor uses block selection as a sampling technique, many blocks
should be selected to help minimize sampling risk.

3) Haphazard sample selection

This method assumes selection of sample without regard to size, source, or distinguishing characteristics. When
the auditor uses this method of sampling, he does so without following a structured technique. This method of
sampling is not appropriate when using statistical sampling. Care must be taken by the auditor when adopting
haphazard sampling to avoid any conscious bias or predictability.

Audit Sampling for Exception Rates

As an auditor, you need to estimate the proportion of items in a population containing a characteristic or
attribute of interest. The occurrence rate, or exception rate, is the ratio of the items containing the specific
attribute to the total number of population items. Or Exception rate refers to the percent of items in a
population that include exceptions in prescribed controls or monetary correctness. Example: invoices are not
properly verified 2 percent of the time.

3
Following are types of exceptions in populations of accounting data:

1) Deviations from client‟s established controls

2) Monetary misstatements in populations of transaction data

3) Monetary misstatements in populations of account balance details (requires a dollar estimate)

Note that the difference between sample exception rate and population exception rate is known as Sampling
Error and that the reliability of sampling error estimate is Sampling Risk.

See the next example:

Assume a 3% sample exception rate and sampling error of 1% with a sampling risk of 10%. We conclude that
the population exception rate is between 2% and 4% at a 10% risk of being wrong (or 90% chance of being
right).

Formula! Population exception rate = Sample Exception Rate + Sampling Error

1.2. Audit Sampling for Tests of Controls

Tests of controls are used to determine the client‟s internal control systems comply with the stated policies,
plans, laws and regulations. Auditors evaluate the design of controls and determine if the controls are in
operation. They must also obtain evidence whether the controls are operating effectively.

Tests of controls are established to detect material error and whether the controls are operating effectively
throughout the period being audited. Normally tests of control provide information as to the rate of error in
terms of control failure rather than to enable direct extrapolation in terms of monetary errors in the financial
statements.

Auditors are concerned with the risk of assessing control risk too high and risk of assessing control risk
too low.

The risk of assessing control risk too high: this risk is the possibility that the sample results will cause the
auditor to assess control risk at higher level than is warranted.

The risk of assessing control risk too low: this more important risk is the possibility that the sample results will
cause the auditor to assess control risk at lower level than is warranted based on the actual operating
effectiveness of control. Auditors will inappropriately reduce the extent of substantive testing.

4
Figure 1-2: Sampling Risks- Tests of Controls

* Audit Sampling Steps

Auditors use 14 well-defined steps to apply audit sampling to tests of controls and substantive tests of
transactions. These steps are divided into three phases given below. Auditors should follow these steps carefully
to ensure proper application of both the auditing and sampling requirements.

Phase 1: Plan the sample

Phase 2: Select the sample and perform the tests

Phase 3: Evaluate the results

1. PLAN THE SAMPLE

1 State the objectives of the audit test.

Specifying the audit objective needs combination of sampling and other audit procedures. Sampling is used in
two ways:

 To estimate account balance that is not recorded.

 To test reasonableness of recorded account balance.

The objectives of the test must be stated in terms of the transaction cycle being tested. Typically, auditors
define the objectives of tests of controls and substantive tests of transactions:

 Test the operating effectiveness of controls

 Determine whether the transactions contain monetary misstatements

2. Decide whether audit sampling applies.

Audit sampling applies whenever the auditor plans to reach conclusions about a population based on a sample.
The auditor should examine the audit program and select those audit procedures where audit sampling applies.

5
Audit sampling does not apply for some procedures in a given audit program. Example:

i. Review sales transactions for large and unusual amounts (analytical procedure).

ii. Observe whether the duties of the accounts receivable clerk are separate from handling cash (test of
control).

3. Define attributes and exception conditions.

When audit sampling is used, auditors must carefully define the characteristics (attributes) being tested and the
exception conditions. Exception or Misstatement: a difference that affects the correctness of the overall
account balance.

Unless auditors carefully define each attribute in advance, the staff person who performs the audit
procedures will have no guidelines to identify exceptions.

Attributes of interest and exception conditions for audit sampling are taken directly from the auditor‟s audit
procedures.

Example: ''Credit is approved'' is an attribute for tests of billing function of ABC Trading and ''Lack of initials
indicating credit approval'' is the related exception condition.

4. Define the population.

Audit population refers to all items constituting an account balance or class of transactions defined by auditor’s
characteristic of interest. The population is those items about which the auditor wishes to generalize. Auditors
can define the population to include any items they want, but when they select the sample, it must be selected
from the entire population as it has been defined. The auditor should test the population for completeness and
detail tie-in before a sample is selected to ensure that all population items are subjected to sample selection.

5. Define the sampling unit.

Sampling units are the individual auditable elements as defined by the auditor. Auditor needs assurance that the
list accurately represents the population. The sampling unit is the physical unit that corresponds to the random
numbers the auditor generates. It is often helpful to think of the sampling unit as the starting point for doing the
audit tests.

For the sales and collection cycle, the sampling unit is typically a sales invoice or shipping document number.
For example, if the auditor wants to test the occurrence of sales, the appropriate sampling unit is sales invoices
recorded in the sales journal. If the objective is to determine whether the quantity of the goods described on the
customer‟s order is accurately shipped and billed, the auditor can define the sampling unit as the customer‟s
order, the shipping document, or the duplicate sales invoice, because the direction of the audit test doesn‟t
matter for this audit procedure.

6. Specify the tolerable exception rate (TER).

Exception rate that the auditor will permit in the population and still be willing to conclude the control is
operating effectively and/or the amount of monetary misstatements in the transactions established during
planning is acceptable (tolerable materiality).

 TER is the result of auditor judgment and is affected by materiality.

 More controls operating for an audit objective result in higher TER.

6
  High TER => Low sample size; Low TER =>High sample size

7. Specify acceptable risk of assessing control risk too low (ARACR).

The risk that the auditor is willing to take of accepting a control as effective or a rate of monetary
misstatements as tolerable, when the true population exception rate is greater than TER.

 ARACR is a measure of sampling risk.

 The lower the assessed CR => The lower the ARACR => The fewer tests of detailed balances.

The guidelines used for ARACR and TER Tests of controls are summarized in Table 1-2 below.

Table 1-2: Guidelines for ARACR and TER Tests of Controls

Judgment Guideline

Lowest assessed control risk ARACR of low

Moderate assessed control risk ARACR of medium

Higher assessed control risk ARACR of high

100% assessed control risk ARACR is not applicable

Highly significant balances TER of 4%

Significant balances TER of 5%

Less significant balances TER of 6%

8. Estimate the population exception rate (EPER).

Estimated population exception or error rate is exception rate that the auditor expects to find in the population
before testing begins.

 EPER is a judgmental estimate based on knowledge of client.

 Low EPER => Low sample size.

 As EPER approaches TER, more precision is needed and larger sample size is needed.

9. Determine the initial sample size.

Initial sample size refers to sample size decided after considering the above factors in planning.

II. SELECT THE SAMPLE AND PERFORM THE TESTS

10. Select the sample.

After auditors determine the initial sample size for the audit sampling application, they must choose the items in

7
the population to include in the sample. Auditors can choose the sample using any of the probabilistic or
non-probabilistic methods we discussed earlier in this chapter.

11. Perform the audit procedures.

The auditor performs the audit procedures by examining each item in the sample to determine whether it
is consistent with the definition of the attribute and by maintaining a record of all the exceptions found.

III. EVALUATE THE RESULTS

12. Generalize from the sample to the population.

The sample exception rate (SER) can be easily calculated from the actual sample results. SER equals the
actual number of exceptions divided by the actual sample size. It is improper for the auditor to conclude that
the population exception rate is exactly the same as the sample exception rate, as there is only a slight
chance they are identical.

For non-statistical methods, auditors use two ways to generalize from the sample to the population:

i. Add an estimate of sampling error to SER to arrive at a computed upper exception rate (CUER) for a
given ARACR.

ii. Subtract the sample exception rate from the tolerable exception rate to find the calculated sampling
error (TER – SER), and evaluate whether it is sufficiently large to conclude that the true population
exception rate is acceptable.

When SER exceeds the EPER used in designing the sample, auditors usually conclude that the sample results
do not support the preliminary assessed control risk. In that case, auditors are likely to conclude that there is
an unacceptably high risk that the true deviation rate in the population exceeds TER.

13. Analyze exceptions.

Auditors must analyze individual exceptions to determine the breakdown in the internal controls that allowed
them to happen. Exceptions can be caused by many factors, such as carelessness of employees, misunderstood
instructions, or intentional failure to perform procedures.

14. Decide the acceptability of the population

When generalizing from the sample to the population, most auditors using non-statistical sampling subtract SER
from TER and evaluate whether the difference (calculated sampling error) is sufficiently large. If the auditor
concludes the difference is sufficiently large, the control being tested can be used to reduce assessed control
risk as planned, assuming a careful analysis of the exceptions does not indicate the possibility of other
significant problems with internal controls.

When the auditor concludes that TER – SER is too small to conclude that the population is acceptable, or when
SER exceeds TER, the auditor must follow one of four courses of action:

 Revise TER or ARACR

Four factors determine sample size for audit sampling (for tests of controls): population size, TER, ARACR, and

8
EPER. Population size is not a significant factor and typically can be ignored, especially for large populations.
To understand the concepts underlying sampling in auditing, you need to understand the effect of increasing or
decreasing any of the four factors that determine sample size, while the other factors are held constant.

Table 1-3 shows the effect on sample size of independently increasing each factor. The opposite effect will
occur for decreasing each factor. A combination of two factors has the greatest effect on sample size: TER
minus EPER. The difference between the two factors is the precision of the initial sample estimate. A
smaller precision, which is called a more precise estimate, requires a larger sample.

At one extreme, assume TER is 4% and EPER is 3%. In this case, precision is 1%, which will result in a large
sample size. Now assume TER is 8% and EPER is zero for an 8% precision. In this case the sample size can
be small and still give the auditor confidence that the actual exception rate is less than 8%, assuming no
exceptions are found when auditing the sample.

Table 1-3: Effect on Sample Size of Changing Factors

Type of Change Effect on Initial Sample Size

 Increase ARACR too low Decrease

 Increase TER Decrease

 Increase EPER Increase

 Increase population size Increase (minor)

1.3. Audit Sampling for Substantive Tests

Substantive tests are conducted to provide audit evidence to the completeness, accuracy and validity of the
information contained in the financial statements.

Substantive tests are designed to detect material misstatements that may exist in the financial statements. Hence
the sampling techniques should be designed in such a way that auditors are able to estimate the amount of
misstatement in a particular account balance. Based on the sample results therefore auditors are able to conclude
whether there is high risk of material misstatement in the account balance.

Sampling risk for substantive test includes:

 The risk of incorrect rejection (alpha risk):- this is the possibility that the sample results will indicate
that an account balance is materially misstated when in fact it is not misstated.

 The risk of incorrect acceptance (beta risk):- this is the possibility that the sample results will
indicate that an account balance is not materially misstated when in fact it is materially misstated.

Figure 1-3 illustrates the sampling risks associated with substantive tests.

Figure 1-3: Sampling Risks- Substantive Tests

9
Sensitivity of Sample Size to a Change in Factors (Substantive tests)

 Six factors determine sample size for substantive procedures: Alpha risk, Beta risk, Tolerable
misstatement, Population size, Standard deviation, and Expected misstatement.

 To understand the concepts underlying sampling for substantive procedures, you need to understand
the effect of increasing or decreasing any of the six factors that determine sample size, while the
other factors are held constant. See Table 1-4 for details.

Table 1-4: Factors Affecting Sample Size for Substantive Procedures

Attributes Sampling and Variables Sampling

The statistical sampling method most commonly used for tests of controls and substantive tests of
transactions is attributes sampling. Attributes sampling enables the auditors to estimate the rate of
occurrence of certain characteristics in the population. It is frequently used in performing tests of controls.

 For example, the auditor might use attributes sampling to estimate the percentage of the cash

10
 disbursements processed during the year that were not approved.

Variables sampling on the other hand provides the auditors with an estimate of a numerical quantity, such as
the dollar balance of an account. It defines the sampling unit as each transaction or account balance in the
population. This technique is primarily used by auditors to perform substantive tests.

 For example, variables sampling might be used to plan, perform, and evaluate a sample of accounts
receivable selected for confirmation.

Frequently used classical variable sampling plans for confirmation include mean per unit estimation (MPU),
ratio estimation and difference estimation.

Mean Per Unit (MPU) Illustration

Assume the following data for a hypothetical audit client.

Population Size = 100,000 accounts

Book value of accounts= $6,250,000

Other information:

 Tolerable misstatement = $364,000

 Estimated Standard Deviation= $15

 Sampling risk:

Incorrect Acceptance = 5%

Incorrect Rejection = 4.6 %

 MPU Risk Coefficients:

Required:

a) Determine sample size

b) Compute acceptance interval for substantive procedure

11
B) Computing Acceptance Interval To determine acceptance interval for substantive test, we first compute Adjusted
Allowance for Sampling Risk as follows:

This formula “adjusts” the allowance for sampling risk to consider the standard deviation of the audited values in the
sample. It holds the risk of incorrect acceptance at its planned level.

Additional information:

Standard deviation of audited values= $16

Estimate of total audited value= $6,100,000

12
13