Audit Sampling

Audit Sampling

Sampling is the process of selecting limited items from the population to represent the entire population. Although there are many audit procedures which do not involve sampling such as inquiry, observation, analytical review procedures, audit sampling is an investigative tool in which less than 100% of the total items within the population of items are selected to be audited. It is also an auditing technique that provides supporting evidence that allows auditors to issue audit opinions without having to audit every single item and transaction. The size of a sample necessary to provide sufficient audit evidence depends on both the objectives and the efficiency of the sample.

There are two general approaches to audit sampling which are statistical and nonstatistical. Although statistical sampling assists the auditor in quantitative ways, but, it is not a substitute for professional judgment. That’s why, the auditor must exercise professional judgement in both statistical and nonstatistical sampling. Evaluating the appropriateness of audit evidence is solely a matter of auditing judgment.

Both approaches to audit sampling, when properly applied, can provide sufficient audit evidence. The sufficiency of audit evidence is related to the design and size of an audit sample, among other factors. The difference between statistical and non-statistical sampling is that statistical sampling allows the user to measure the sampling risk associated with the procedure while even a perfectly designed nonstatistical plan cannot provide for the measurement of sampling risk. Generally, the decision to apply a statistical or non-statistical sampling application to a particular audit test is a matter of cost effectiveness. Statistical applications usually require more training for auditors and more time to apply. But, in recent decades, many audit programs have been developed for sampling approaches which use predetermined allowances for acceptable sampling risk, expected and tolerable error.  If the selected sample does not have the ability to represent the population, sampling risks arise. Sampling risks;

• Opinion that controls are effective but ineffective — alpha risks (type I error)
• Opinion that controls are effective when they are not — beta risk (type II error)

Audit risk includes both uncertainties due to sampling and uncertainties due to factors other than sampling. These aspects of audit risk are sampling risk and nonsampling risk.

Nonsampling Risk; Nonsampling risk includes all audit risks other than sampling risk. Or, stated differently, nonsampling risk is the probability of arriving at an incorrect conclusion, despite having selected a correct sample.

Sampling Risk; To summarize in a nutshell without describing with technical terms, because it is impossible for auditors to check the whole population due to time and cost constraints, they must use sampling, which gives rise to sampling risk. In literature, sampling risk is a risk that the auditor’s conclusion may be different if it is based on the entire population instead of a sample when a test of controls or a substantive test is restricted to a sample. A number of factors contribute to risk such as viewing from the outside, management hiding errors, inadvertent mistakes, and employees trying to deceive. The use of audit sampling and, through it, the existence of sampling risk can affect two major areas of the audit procedures of an audit assignment. These are the test of controls and substantive procedures that auditors use.

• Sampling Risks in Tests of Controls: The test of controls is a process in which auditors examine the internal control systems of their clients to ensure these systems are effective in detecting or preventing and correcting material misstatements. The auditor is also concerned with two aspects of sampling risk in performing tests of controls when sampling is used.
  • The risk of assessing control risk too low is the risk that the assessed level of control risk based on the sample is less than the true operating effectiveness of the control.
  • The risk of assessing control risk too high is the risk that the assessed level of control risk based on the sample is greater than the true operating effectiveness of the control. It relates to the efficiency of the audit.
• Sampling risks in Substantive Testing: In performing substantive tests of details the auditor is concerned with two aspects of sampling risk which are the risk of incorrect acceptance and incorrect rejection. Tests of details consist of auditors using a sample to verify individual documents. However, in the case of the test of details, the goal isn’t to test the effectiveness of internal controls. The objective of the test of details is to verify the details of transactions.
  • The risk of incorrect acceptance, you may think a sample record is representative of the whole population when this is not really the case. Instead, the account balance is materially incorrect. Both the risk of incorrect acceptance and the risk of assessing control risk too low relate to the effectiveness of an audit in detecting an existing material misstatement.
  • The risk of incorrect rejection, you may decide that a certain record doesn’t represent the whole population of records, but it actually does. In other words, you incorrectly reject your sample and then gather more records in the same population to sample.

The auditors may use sampling procedures to estimate many different characteristics of populations, but generally estimates are either of a rate of occurrence (attribute sampling) or of a numerical quantity (variables sampling or proportional-to-size (PPS) sampling). The reason that defining the type of application is so important is that sample size is dependent on which type of application is being performed.

• Sampling in Tests of Controls: “Attribute sampling” is primarily used for testing internal controls and is used when the auditor is only concerned with acceptance or rejection of a hypothesis. It is used to reach a yes or no answer about a question.
• Sampling in Substantive Test: “Variables sampling” is used to reach a conclusion about a population in terms of an amount. It is commonly used to determine the dollar size of a population or to determine if the stated dollar size is correct.

Sampling in Tests of Controls: Attribute Sampling

It is used when it is desired to estimate how many times a particular trait occurs in a population. The important thing in attribute sampling is not how much the error or fraud is in monetary terms, but how many. This sampling technique is used in compliance audits; when we try to determine the existence of controls in processes and the effectiveness of these controls, attribute sampling should come to mind when it comes to compliance testing.

Controls often relate to authorization, validity, completeness, accuracy, appropriate classification, accounting in conformity with GAAP, and proper period. The dollar value of the samples has no effect on the sample size. Factors in determining sample size for a test of controls are;

• Risk of assessing control risk too low; There is an inverse relationship to sample size.
• Tolerable Deviation Rate; There is an inverse relationship to sample size.
• Expected Deviation Rate; There is an direct relationship to sample size
• Population Size; Population is not an issue provided that the population is large

The compliance rate is compared with the expected error rate to allow the auditor to determine whether someone can trust a control. Attribute sampling refers to three different but related types of proportional sampling.

• Sampling for attribute; it answers the question of “how many?”
• Stop-or-Go sampling; allows an audit test to be stopped as early as possible.
• Discovery sampling; this technique is used when we try to find at least one exception in the population instead of revealing the nature/character of the population unlike the others. It arises the auditor believes that deviation rate is zero or near zero.

Sampling in Substantive Test: Variable Sampling and PPS Sampling

Variable sampling is a statistical sampling method used to estimate the numerical measurement of a population, such as a dollar value. It is used to estimate the total monetary value or average value of the population based on the information obtained from the selected sample. A critical question to be answered before calculating the sample size for a variable sample is whether the population is relatively homogeneous. Homogeneous populations can be tested using smaller size samples as there are fewer exceptions to skew the results. If a population is non-homogeneous, the auditor can reduce the sample size through stratification and identifying individually significant items. Account balance, amount, valuation, presentation, and disclosure are more likely relate to substantive tests. Factors such as dollar amount, nature of the items, and nature of the test in determining the stratification for substantive test.

• Sample size has a direct relationship; Expected Misstatement, Standard Deviation, and Assessed Level of Risk.
• Sample size has an inverse relationship; Tolerable Misstatement, and Acceptable Level of Risk.

Classical variables sampling measures sampling risk by using the variation of the underlying characteristics of interest. There are three commonly used classical variables sampling plans.

• Mean-per-unit estimation, the sample size is affected by the variability in the population.
• Ratio estimation, is most effective if there is a correlation between book values and audit values.
• Difference estimation

PPS (Probability-Proportional-to-Size) Sampling is considered to be a hybrid method, because it uses attribute sampling theory to express a conclusion in dollar amounts rather than as a rate of occurrence. PPS sampling is a method designed to estimate overstatement errors. Zero balances, negative balances, and understated balances require special design considerations. PPS emphasizes larger items by stratifying the sample.