Chapter 13: Audit Sampling Spring 2007. Overview of Sampling. Basic Sampling Concepts. Definition of Audit Sampling
Basic Sampling Concepts
• Definition of Audit Sampling: Audit sampling is the application of an audit procedure to less than 100% of the items within an account balance or class of transactions for the purpose of evaluating some characteristic of the balance or class. (SAS No. 39)
• Why do we use sampling?
• What are the two primary uses of sampling?
  • Test of Controls
  • Substantive Detail Tests
• Less often used with inquiring, observing or analytical procedures unless dealing with multiple locations
Intuitiveness of Sampling
• Skydiving
  • How many parachutes would you want to have tested before you jumped out of a plane with one?
• Odwalla
  • How would Odwalla ensure that their juice is good (in terms of health quality)?
Basic Steps for all sampling
• Basic Steps
  • Planning: start to develop an idea of how much comfort is necessary and how a sample of transactions can satisfy the relevant specific audit or internal control objective, taking into consideration factors affecting sample size & audit efficiency
  • Selection: Select items so that they are representative of the population.
  • Evaluation: Interpret the results of the sample and what to the items from which the sample was selected and consider the “sampling risk”
• Reliability of steps depends on:
  • Type of sampling plan used
  • Professional judgment
Sampling Risks (p.555)
Combined for both control and balance/transaction sampling

Results of Testing     | True State: Effective/Correct                                | True State: Ineffective/Incorrect
Sample = clean results | Correct Decision                                             | Risk of Assessing CR too low / Risk of Incorrect Acceptance
Sample ≠ clean results | Risk of Assessing CR too high / Risk of Incorrect Rejection  | Correct Decision
Sampling & Non-sampling errors
• Sampling risks – inherent risk of sampling
  • Effectiveness: assess CR too low or think balance is OK when it is not (beta risk)
  • Efficiency: assess CR too high or think balance is not OK when it is (alpha risk)
  • In statistical sampling, sampling risk can be quantified as one minus reliability.
• Non-sampling risks – operator error
  • Select from a population that is not appropriate for the objective
  • Failure to recognize deviations
  • Failure to evaluate findings properly
Two primary uses of sampling
• Test of Controls
• Test of Details
Control Testing
• Testing of an attribute – does it work or not?
• To determine the rate of deviation from a control operating effectively
  • Control environment control
  • Computer general control
  • Preventative control
  • Manual follow-up control
• When does sampling not apply?
  • Inquiry & observation
  • Computer application controls
Attributes Sampling and the Assessment of Control Risk
Attributes sampling appropriate when:
• Want to support CR below maximum
• Documentary evidence of control procedure
• Controls performed by individuals on transaction-by-transaction basis
• Generally controls involve authorization, documents and records or independent checks
• Doesn’t work for segregation of duties
Test of Details Sampling
• Testing that an assertion is materially correct – is the “number” right or not?
  • Completeness
  • Existence
  • Accuracy
  • Rights & Obligations (?)
  • Presentation & Disclosure (?)
• When does sampling not apply?
  • When significant judgment is involved
  • When it is more efficient & effective to test 100% of the population (CAAT)
“Coverage” testing
• What is it? (p.567 2nd paragraph)
• Is it “sampling”?
Judgment Based Sampling (non-statistical)
• Judgmental or Non-Statistical Requirements
  • Need to have subjective criteria and auditor experience – target the risk or higher $ amount
  • Sample results are evaluated and a conclusion is made regarding the entire population
  • Auditor’s judgment must be supported by documentation – fully explained
Statistical Sampling
• Statistical (Probability based):
  • Requirements
    • Homogeneous population
    • Sample items should have a known probability of selection (i.e. generally random)
    • Sample results are evaluated mathematically in accordance with probability theory
  • Advantages
    • Can calculate the sample reliability and risk of reliance
    • Permits optimizing sample size given the mathematically measured risk the auditor is willing to accept
    • Enables making objective statements about the population
Question
• Does statistical sampling enable the auditor to quantify and control sampling risk? How and how not?
Selecting a Representative Sample
• Systematic Sampling
  • Select every nth item
  • Often used with random start, but this is still not ok for statistical sampling
• What is random sample selection?
  • Must use for statistical sampling, can use for non-statistical sampling
  • Use a random number table or random number generator
  • Generally sample without replacement
Selecting a Representative Sample cont…
• To ensure a simple random sample:
  • Define the population and items included:
    • All y/e AR Accts w/ zero, negative and positive balances
    • All checks written for year: all checks including voided and unrecorded checks
  • Define sampling frame: listing or other physical representation of items in the population – specific name of report you selected from
    • 12/31/0X AR Aging report
    • Check register for 1/1/0X to 12/31/0X
What if an item can’t be found?
• Ok to pick another?
  • No, usually not okay. This is a deviation for purposes of evaluating the sample.
Attributes Sampling and the Assessment of Control Risk
• Recall:
  • For F/S audit, auditors must “obtain an understanding of internal control sufficient to plan the audit and to assess control risk”
  • Components of internal control are:
    • Control environment
    • Risk assessment
    • Information & communication
    • Control activities
    • Monitoring
• Which component(s) of internal control can be sampled?
Steps in Statistical Sampling for Controls
• Determine the audit objectives.
• Define the population and sampling unit.
• Specify the attributes of interest.
• Determine the sample size.
• Determine the sample selection method.
• Execute the sampling plan.
• Evaluate the sample results.
Attributes Sampling: Initial Planning Steps
Step 1. Determining Audit Objective
• Ensure you understand audit objectives the controls are addressing
• May have to design different tests to ensure controls over all objectives are tested
Step 2. Define Population and Sampling Unit
• Population: the class of transactions being tested
• Sampling Frame: where the selections were made from
• Sampling unit: what is actually being tested
Step 3. Specify Attributes of Interest
• Attribute: evidence control is present or not
Attributes Sampling: Determining Sample Size (step 4)
For each attribute or control to be tested, the auditor must specify a numerical value for:
1. Risk of assessing control risk too low (1 - reliability)
  • Inverse relationship w/ sample size
2. Tolerable deviation rate
  • Inverse relationship w/ sample size
3. Expected population deviation rate
  • Direct relationship w/ sample size
  • Note: Pop size has direct effect only if pop < 5000
4. Select sample size based on tables or sampling program (PCAOB set minimums)
Attributes Sampling: Determining Sample Selection (step 5)
Must use random method
• To use, need to have a way of associating a unique number with each item in the population (i.e., use document sequence, etc.)
• Methods
  • Random number generator
Attributes Sampling: Execute Sampling Plan (step 6)
• Examine selected items to determine the nature and frequency of deviations from prescribed controls.
• Deviations include
  • missing documents
  • absence of initials indicating performance of a control
  • discrepancies in the details of related documents and records
  • unauthorized values and mathematical errors found through reperformance of controls by the auditor.
Attributes Sampling: Evaluate Sampling Results (step 7)
• Calculate the sample deviation rate (which is the best estimate of the true deviation rate in pop)
  • # deviations found / sample size examined
• Determine the upper deviation or precision limit given your risk of assessing CR too low (use tables)
• Why do the sample deviation rate and upper deviation limit differ?
• If sample deviation rate < UDL then can conclude at x% reliability that the true deviation rate is below the tolerable rate.
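Steps 4, 5 and 7 carried through in code, as an added example that is not part of the original slides. It uses an exact binomial calculation in place of the tables the slides refer to, treats an item that cannot be found as a deviation, and compares the upper deviation limit with the tolerable rate; the check-number range, seed and test outcomes are constructed.

```python
import math
import random

def binom_cdf(k, n, p):
    """P(X <= k) when X ~ Binomial(n, p): chance of seeing at most k deviations."""
    return sum(math.comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k + 1))

def sample_size(tolerable, expected, risk, max_n=5000):
    """Step 4: smallest n for which the expected number of deviations still
    leaves the upper deviation limit at or below the tolerable rate."""
    for n in range(1, max_n + 1):
        allowed = math.ceil(expected * n)
        if binom_cdf(allowed, n, tolerable) <= risk:
            return n
    raise ValueError("no sample size up to max_n meets these parameters")

def select_items(first_doc, last_doc, n, seed):
    """Step 5: random selection without replacement over a document sequence.
    Recording the seed lets a reviewer reproduce the selection."""
    return sorted(random.Random(seed).sample(range(first_doc, last_doc + 1), n))

def upper_deviation_limit(deviations, n, risk):
    """Step 7: the rate p at which finding <= `deviations` has probability `risk`."""
    lo, hi = 0.0, 1.0
    for _ in range(60):                      # bisection: the CDF falls as p rises
        mid = (lo + hi) / 2
        if binom_cdf(deviations, n, mid) > risk:
            lo = mid
        else:
            hi = mid
    return hi

def evaluate(results, tolerable, risk):
    """Step 7: `results` maps document number -> 'ok', 'deviation' or 'missing'.
    A document that cannot be found counts as a deviation, not a re-pick."""
    n = len(results)
    deviations = sum(1 for r in results.values() if r != "ok")
    udl = upper_deviation_limit(deviations, n, risk)
    return {"n": n, "deviations": deviations, "sample_rate": deviations / n,
            "udl": udl, "within_tolerable": udl <= tolerable}

if __name__ == "__main__":
    n = sample_size(tolerable=0.05, expected=0.0, risk=0.05)
    picked = select_items(10001, 14200, n, seed=2007)   # constructed check numbers
    results = {doc: "ok" for doc in picked}             # constructed test outcomes
    results[picked[3]] = "missing"
    results[picked[10]] = "deviation"
    print(n, evaluate(results, tolerable=0.05, risk=0.05))
```

The gap between `sample_rate` and `udl` in the output is the allowance for sampling risk that the slide's question about the two figures points at.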
Statistical Sampling for Test of Details
• How does it differ from statistical sampling for controls?
Non-Statistical Sampling for Tests of Controls
• Programmed controls can be tested with a very small sample (approx. 2) IF
  • General controls are strong AND
  • There is comfort over program changes
Steps in Non-Stat Sampling for Controls
• Determine audit objectives and procedures
• Determine population and sampling unit
• Specify control of interest & evidence that control was effective or not
• Judgmentally determine sample size
  • Risk of assessing CR too low => inverse
  • Tolerable deviation rate (TDR) => inverse
  • Expected pop deviation rate => direct
• Judgmentally select sample (gen haphazard)
• Apply audit procedures for tests of controls
• Evaluate sample results w/ comparison to TDR
Non-stat sampling for controls: Sample size (firm “x” guidelines)
Assuming NO errors

Frequency of Control | Sample size
> 1 per day          | 25
Daily                | 15
Weekly               | 5
Monthly              | 2
Quarterly            | 1
Annually             | 1

What happens to sample size if expect errors?