Chapter 12: Audit Sampling Concepts

1 / 38

# akadms 3511 - management information systems - PowerPoint PPT Presentation

Chapter 12: Audit Sampling Concepts. Chapter 12 objectives. Define sampling Discuss the advantages and disadvantages of statistical and non-statistical sampling Identify three ways that a statistical sampling method can be selected

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

## PowerPoint Slideshow about 'akadms 3511 - management information systems ' - sandra_john

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Chapter 12 objectives
• Define sampling
• Identify three ways that a statistical sampling method can be selected
• Describe the 14 steps in planning, selecting, performing the tests and evaluating a sample
Importance of sampling to auditors
• The auditor doesn’t look at everything… just pieces. The auditor CANNOT look at everything.
Purpose of sampling
• Sampling is a method of obtaining information that will permit an estimate of the value or quality of a population by examining only a portion of the population.
Auditors sample when
• The nature and materiality of the balance or class of transactions does not demand a 100% audit
• A decision must be made about the balance or class of transactions
• The time and cost to audit 100% of the population would be too great
Sampling is used to conduct
• Walk through tests (to understand internal controls)
• Tests of controls
• Tests of details
Representative sampling
• Definition: The characteristics in the sample of audit interest are approximately the same as those of the population
Practice question 12-17, p. 364
• Sampling multiple choice
• Concept check
Representative sampling (cont’d)
• Non-representativeness can occur due to:

-Non-sampling risk: Audit test do not uncover the exceptions in the sample due to failure to recognize them, or due to ineffective procedures

-Sampling risk: Results from testing less than the entire population

Statistical sampling
• Sampling that uses the laws of probability for selecting and evaluating a sample from a population for the purposes of reaching a conclusion about the population
• selected at random
• statistical calculations are used to measure and express the results
Similarities

Both require a structured process involving planning, selection, conducting, evaluating

Any type can be stratified

Differences

Sampling risk can be quantified in statistical sampling using mathematical formulae

Statistical vs. non-statistical
Non-probabilistic (judgmental) sample selection methods
• Directed sample selection, useful for:
• Items likely to contain errors
• Items containing selected characteristics (e.g. old amounts
• Large dollar item coverage
• Block sample selection (e.g. sequences)
• Haphazard sample selection
Probabilistic sample selection methods
• Simple random sample selection
• Systematic sample selection
• Probability proportionate-to-size sample selection (also known as MUS monetary unit sampling)
Statistical sampling

• for quantitative evaluation of the sample results.
• a more defensible expression of the test results.
• for more objective recommendations for management.
Statistical Sampling (cont’d)

• Requires random sample selection which may be more costly and time consuming.
• Might require additional training costs for staff members to use statistics or specialized software.
Non-statistical Sampling (Judgmental)

• Allows the auditor to inject his or her subjective judgment in determining the sample size and selection process to audit items of greatest value and highest risk.
• May be designed so that it is equally effective and efficient as statistical sampling while being less costly.
Non-statistical Sampling (Judgmental) (cont’d)

• Cannot draw objectively valid statistical inferences from the sample results.
• Cannot quantitatively measure and express sampling risk.
Practice problem 12-23 (p. 366)
• Does the implementation method matter?
Sampling process
• For both statistical and non-statistical methods, the four main parts are:

1. Planning the sample

2. Selecting the sample

• Performing the tests
• Evaluating the results
Sampling process
• We are going to look at the fourteen steps in the sampling process, comparing the process for tests of controls versus tests of details
Test of control:

Are the controls applied?

Are there monetary errors or fraud or other irregularities

Test of detail:

Auditor wants to determine the maximum amount of overstatement and understatement that could exist based on the sample

1. State the objectives of the test
Some controls can be sampled (e.g. is a shipping document attached?) while others cannot be (e.g. separation of duties)

Ability to sample for test of details depends on the nature of the population (e.g. capital assets may not be sampled, depending upon volume, while A/R confirmations will be

2. Decide if audit sampling applies
4. Define the population
• Population can be defined in a way to suit the audit tests
• Must sample from the entire population as defined
• In testing controls over sales population is likely recorded sales invoices
• In testing details in accounts receivable it is the recorded dollar population

Most populations can be stratified, if needed.

Tests of controls:

Usually a physical unit, e.g. invoice, shipping document, purchase order

Test of detail:

If MUS, would be the individual dollar

For non-statistical sampling, it is likely the unit making up the balance, e.g. an unpaid invoice

5. Define the sampling unit
Test of control

TER is the exception rate the auditor will permit in the population and still be willing to use the assessed control risk

As TER increases, the sample size decreases

Test of detail

Materiality is used to determine the tolerable misstatement amount for the audit of each account

These decisions require the use of professional judgment.

Test of control

Acceptable Risk of Assessing Control Risk Too Low (ARACR) is the risk that the auditor will take of accepting controls as effective when population error rates are actually greater

Test of detail

Acceptable Risk of Incorrect Acceptance (ARIA) is the risk the auditor will take of accepting a balance as correct when the true misstatement is greater than materiality

7. Specify ARACR or ARIA
Test of control

Assumes TER 6%, ARACR 10%, true error rate 8%

True error rate exceeds TER, so population is NOT acceptable, but auditor does not know!

Test of detail

If ARIA changes from 10% to 5%, sample size increases, since assurance required increases

When controls are good (control risk is low), ARIA can be increased

Specify ARACR or ARIA (cont’d) examplesARACR and ARIA are measures of sampling risk.
Test of control

Estimated population error rate (EPER) is an advance estimate of the percentage of exceptions in the population

The lower the EPER, the smaller the sample size

Test of detail

Provide an advance estimate of the total dollar error (misstatements) in the population

Use prior year data and professional judgment.

8. Estimate population exception rate or misstatements
9. Determine the initial sample size
• For non-statistical (also called judgmental) sampling, professional judgment is used to calculate the sample size
• For statistical sampling, mathematical formulae are used, either in specially prepared tables or using software designed for audit sampling
• For stratified sampling, the sample is allocated among the strata
10. Select the sample
• Using the number of items determined in Step #9, choose the items from the population using the sampling unit defined in Step #5
• Use probabilistic or non-probabilistic methods
• To enable quantification of sampling risk, probabilistic (statistical) methods must be used
11. Perform the audit procedures
• For test of controls, examine each item for the attribute defined in Step #3, recording all exceptions found (e.g. all sales approved for credit)
• For test of details, apply the audit procedures to each item to determine whether it is correct or contains a misstatement (e.g. send and reconcile confirmations, conduct alternative procedures)
12. Generalize from the sample to the population
• For test of controls sample error rate (SER) equals actual number of exceptions divided by actual sample size
• But that is not necessarily equal to the actual population rate: a potential range must be calculated
• In practice, auditors tend to test controls when they expect no exceptions

Method of generalization depends on the sampling methodology used

12. Generalize from the sample to the population (cont’d)
• When generalizing tests of details, auditors deal with dollar amounts rather than with exceptions
• Misstatements found are projected from the sample results to the population
• Need to consider sampling error and sampling risk (ARIA)
Test of control

What breakdown in internal controls caused the exceptions? (does it affect control risk?)

Should additional substantive testing be conducted because of these results?

Test of detail

Were the misstatements caused by control exceptions? (need to reassess control risk?

13. Analyze exceptions or misstatements
Test of control

If TER (Tolerable Error Rate) is sufficiently larger than SER (sample error rate) will normally accept the population

Test of detail

Compare the difference between the projection to the population and materiality

Use decision rule for statistical sampling

14. Decide the acceptability of the population
14. Decide the acceptability of the population (cont’d)
• What if the auditor decides the population is NOT acceptable? What to do?
• 1. Revise TER (tolerable error rate), ARACR, or ARIA (the risks of accepting incorrect populations) - not easily defensible
• 2. Expand the sample size. Will decrease the sampling error OR you could end up with the same result.
• 3. Revise assessed control risk. This will likely mean an increase in tests of detail.
• 4. Report weaknesses in management letter.