CHAPTER ONE

AUDIT SAMPLING
1.1. Understand the Nature and Methods of Audit Sampling
Audit sampling refers to the process of using auditing procedures to test less than 100 percent of
various items in a company’s account balance such that each unit may have an equal opportunity
of being selected. Thus audit sampling can be defined as the process of selecting a subset of a
population of items for the purpose of making inferences to whole population. In auditing,
sampling procedures are used because it is not practical to examine every single item in a
population.

Audit sampling is used to conduct tests of controls and substantive tests. Audit sampling helps
auditors on doing their audit work at a given period of time. Normally, it is possible for an
auditor to make detailed examination on all the items being examined. Besides, audit sampling
helps to detect error and any material misstatements.

 A representative sample is one in which the characteristics in the sample of audit interest are
approximately the same as those of the population.
 In practice, auditors never know whether a sample is representative, even after all testing is
complete. (The only way to know if a sample is representative is to subsequently audit the
entire population.) However, auditors can increase the likelihood of a sample being
representative by using care in designing the sampling process, sample selection, and
evaluation of sample results.
 A sample result can be non-representative due to non-sampling error or sampling error. The
risk of these two types of errors occurring is called non sampling risk and sampling risk,
respectively.
Non sampling risk is the risk that audit tests do not uncover existing exceptions in the sample.
The two causes of non-sampling risk are:
i. The auditor’s failure to recognize exception because of exhaustion, boredom, or lack of
understanding of what to look for.
ii. Inappropriate or ineffective audit procedures.
Sampling risk is the risk that an auditor reaches an incorrect conclusion because the sample is not
representative of the population. Sampling risk is an inherent part of sampling that result from
testing less than the entire population.
 Auditors have two ways to control sampling risk:
a. Adjust sample size.
b. Use an appropriate method of selecting sample items from the population.
Audit Sample selection approaches
The auditor may prefer to use either (A) all item selection or (B) specific selection, based on the
purpose of selection and other considerations. The following figure depicts when to apply each
selection approach.
Figure 1-1: Audit Sample selection approaches
Audit Sample Selection Methods
 Statistical Vs. Non-statistical Sampling
Audit sampling methods can be divided into two broad categories: statistical sampling and non-
statistical sampling. The following table summarizes the meaning, advantage and disadvantage
of each category.
Table 1-1 Statistical and Non-statistical sampling

 Probabilistic Vs. Non-probabilistic Sampling

Probabilistic sample selection is a method of selecting a sample such that each population item
has a known probability of being included in the sample. It is commonly associated with
statistical sampling.
Non-probabilistic sample selection is a method in which the auditor uses professional judgment
rather than probabilistic methods. It is commonly associated with non-statistical audit sampling.
Probabilistic sample selection methods include the following:
1) Simple Random sample selection
This method of sampling ensures that all items within a population stand an equal chance of
selection by the use of random number tables or computer generation of random numbers. The
sampling units could be physical items, such as sales invoices or monetary units.
2) Systematic sample selection
The method divides the number of sampling units within a population into the sample size to
generate a sampling interval. The auditor selects the items for the sample based on the size of the
interval. The first item in sample is selected at random.
3) Probability Proportionate to Size sample selection (PPS)
A sample is taken where the probability of selecting any individual population item is
proportional to its recorded amount. PPS is evaluated using monetary unit sampling (MUS).
Emphasis is on large dollar items!
4) Stratified sample selection
The population is divided into subpopulations by size and larger samples are taken of the larger
subpopulations. Stratified sample selection is evaluated using variables sampling. In many
auditing situations, it is advantageous to select samples that emphasize population items with
larger recorded amounts. Thus, this is done by probability Proportional to Size and Stratified
Sample Selection.
On the other hand, non-Probabilistic sample selection methods include the following:
1. Directed sample selection
In this method item selection is based on auditor judgmental criteria. The following issues should
be considered when using directed sample selection method:
 Items most likely to contain misstatements
 Items containing selected population characteristics
 Large dollar coverage
2. Block sample selection
This method of sampling involves selecting a block (blocks) of contiguous items from within a
population. Hence several items are selected in sequence forming ‘‘blocks’’ of items. For
example, assume the block sample will be a sequence of 100 sales transactions from the sales
journal for the third week of March. Auditors can select the total sample of 100 by taking 5
blocks of 20 items, 10 blocks of 10 items, 50 blocks of 2 items or 1 block of 100 items.
Block selection is rarely used in modern auditing because valid references cannot be made
beyond the period or block examined. In situations when the auditor uses block selection as a
sampling technique, many blocks should be selected to help minimize sampling risk.
3. Haphazard sample selection
This method assumes selection of sample without regard to size, source, or distinguishing
characteristics. When the auditor uses this method of sampling, he does so without following a
structured technique. This method of sampling is not appropriate when using statistical sampling.
Care must be taken by the auditor when adopting haphazard sampling to avoid any conscious
bias or predictability.
* Audit Sampling for Exception Rates
As an auditor, you need to estimate the proportion of items in a population containing a
characteristic or attribute of interest. The occurrence rate, or exception rate, is the ratio of the
items containing the specific attribute to the total number of population items. Or Exception rate
refers to the percent of items in a population that include exceptions in prescribed controls or
monetary correctness. Example: invoices are not properly verified 2 percent of the time.
Following are types of exceptions in populations of accounting data:
1) Deviations from client’s established controls
2) Monetary misstatements in populations of transaction data
3) Monetary misstatements in populations of account balance details (requires a dollar
estimate).
Note that the difference between sample exception rate and population exception rate is known
as Sampling Error and that the reliability of sampling error estimate is Sampling Risk.
See the next example:
Assume a 3% sample exception rate and sampling error of 1% with a sampling risk of 10%. We
conclude that the population exception rate is between 2% and 4% at a 10% risk of being wrong
(or 90% chance of being right).
1.2. Audit Sampling for Tests of Controls
Tests of controls are used to determine the client’s internal control systems comply with the
stated policies, plans, laws and regulations. Auditors evaluate the design of controls and
determine if the controls are in operation. They must also obtain evidence whether the controls
are operating effectively.
Tests of controls are established to detect material error and whether the controls are operating
effectively throughout the period being audited. Normally tests of control provide information as
to the rate of error in terms of control failure rather than to enable direct extrapolation in terms of
monetary errors in the financial statements.
Auditors are concerned with the risk of assessing control risk too high and risk of assessing
control risk too low.
 The risk of assessing control risk too high: this risk is the possibility that the sample
results will cause the auditor to assess control risk at higher level than is warranted.
 The risk of assessing control risk too low: this more important risk is the possibility that
the sample results will cause the auditor to assess control risk at lower level than is
warranted based on the actual operating effectiveness of control. Auditors will
inappropriately reduce the extent of substantive testing.
Figure 1-2: Sampling Risks- Tests of Controls
* Audit Sampling Steps
Auditors use 14 well-defined steps to apply audit sampling to tests of controls and substantive
tests of transactions. These steps are divided into three phases given below. Auditors should
follow these steps carefully to ensure proper application of both the auditing and sampling
requirements.
Phase 1: Plan the sample
Phase 2: Select the sample and perform the tests
Phase 3: Evaluate the results
I. PLAN THE SAMPLE
1. State the objectives of the audit test.
Specifying the audit objective needs combination of sampling and other audit procedures.
Sampling is used in two ways:
 To estimate account balance that is not recorded.\
 To test reasonableness of recorded account balance.
The objectives of the test must be stated in terms of the transaction cycle being tested. Typically,
auditors define the objectives of tests of controls and substantive tests of transactions:
 Test the operating effectiveness of controls
 Determine whether the transactions contain monetary misstatements
2. Decide whether audit sampling applies.
Audit sampling applies whenever the auditor plans to reach conclusions about a population based
on a sample. The auditor should examine the audit program and select those audit procedures
where audit sampling applies.
Audit sampling does not apply for some procedures in a given audit program. Example:
1. Review sales transactions for large and unusual amounts (analytical procedure).
2. Observe whether the duties of the accounts receivable clerk are separate from handling cash
(test of control).
3. Define attributes and exception conditions.
When audit sampling is used, auditors must carefully define the characteristics (attributes) being
tested and the exception conditions. Exception or Misstatement: a difference that affects the
correctness of the overall account balance.
  Unless auditors carefully define each attribute in advance, the staff person who performs
the audit procedures will have no guidelines to identify exceptions.
 Attributes of interest and exception conditions for audit sampling are taken directly from
the auditor’s audit procedures.
Example: ''Credit is approved'' is an attribute for tests of billing function of ABC Trading and
''Lack of initials indicating credit approval'' is the related exception condition.
4. Define the population.
Audit population refers to all items constituting an account balance or class of transactions
defined by auditor’s characteristic of interest. The population is those items about which the
auditor wishes to generalize. Auditors can define the population to include any items they want,
but when they select the sample, it must be selected from the entire population as it has been
defined. The auditor should test the population for completeness and detail tie-in before a sample
is selected to ensure that all population items are subjected to sample selection.
5. Define the sampling unit.
Sampling units are the individual auditable elements as defined by the auditor. Auditor needs
assurance that the list accurately represents the population. The sampling unit is the physical unit
that corresponds to the random numbers the auditor generates. It is often helpful to think of the
sampling unit as the starting point for doing the audit tests.
For the sales and collection cycle, the sampling unit is typically a sales invoice or shipping
document number. For example, if the auditor wants to test the occurrence of sales, the
appropriate sampling unit is sales invoices recorded in the sales journal. If the objective is to
determine whether the quantity of the goods described on the customer’s order is accurately
shipped and billed, the auditor can define the sampling unit as the customer’s order, the shipping
document, or the duplicate sales invoice, because the direction of the audit test doesn’t matter for
this audit procedure.
6. Specify the tolerable exception rate (TER).
Exception rate that the auditor will permit in the population and still be willing to conclude the
control is operating effectively and/or the amount of monetary misstatements in the transactions
established during planning is acceptable (tolerable materiality).
 TER is the result of auditor judgment and is affected by materiality.
 More controls operating for an audit objective result in higher TER.
  High TER => Low sample size; Low TER =>High sample size
7. Specify acceptable risk of assessing control risk too low (ARACR).
The risk that the auditor is willing to take of accepting a control as effective or a rate of monetary
misstatements as tolerable, when the true population exception rate is greater than TER.
 ARACR is a measure of sampling risk.
 The lower the assessed CR => The lower the ARACR => The fewer tests of detailed
balances.
The guidelines used for ARACR and TER Tests of controls are summarized in Table 1-2 below.
Table 1-2: Guidelines for ARACR and TER Tests of Controls

8. Estimate the population exception rate (EPER).

Estimated population exception or error rate is exception rate that the auditor expects to find in
the population before testing begins.
 EPER is a judgmental estimate based on knowledge of client
 Low EPER => Low sample size.
 As EPER approaches TER, more precision is needed and larger sample size is needed.
9. Determine the initial sample size.
Initial sample size refers to sample size decided after considering the above factors in planning.
II. SELECT THE SAMPLE AND PERFORM THE TESTS
10. Select the sample.
After auditors determine the initial sample size for the audit sampling application, they must
choose the items in the population to include in the sample. Auditors can choose the sample
using any of the probabilistic or non-probabilistic methods we discussed earlier in this chapter.

11. Perform the audit procedures.

The auditor performs the audit procedures by examining each item in the sample to determine
whether it is consistent with the definition of the attribute and by maintaining a record of all the
exceptions found.
III. EVALUATE THE RESULTS
12. Generalize from the sample to the population.
The sample exception rate (SER) can be easily calculated from the actual sample results. SER
equals the actual number of exceptions divided by the actual sample size. It is improper for the
auditor to conclude that the population exception rate is exactly the same as the sample exception
rate, as there is only a slight chance they are identical. For non-statistical methods, auditors use
two ways to generalize from the sample to the population:
1) Add an estimate of sampling error to SER to arrive at a computed upper exception rate
(CUER) for a given ARACR.
2) Subtract the sample exception rate from the tolerable exception rate to find the calculated
sampling error (TER – SER), and evaluate whether it is sufficiently large to conclude that
the true population exception rate is acceptable.
 When SER exceeds the EPER used in designing the sample, auditors usually conclude
that the sample results do not support the preliminary assessed control risk. In that case,
auditors are likely to conclude that there is an unacceptably high risk that the true
deviation rate in the population exceeds TER.
13. Analyze exceptions.
Auditors must analyze individual exceptions to determine the breakdown in the internal controls
that allowed them to happen. Exceptions can be caused by many factors, such as carelessness of
employees, misunderstood instructions, or intentional failure to perform procedures.
14. Decide the acceptability of the population
When generalizing from the sample to the population, most auditors using non-statistical
sampling subtract SER from TER and evaluate whether the difference (calculated sampling
error) is sufficiently large. If the auditor concludes the difference is sufficiently large, the control
being tested can be used to reduce assessed control risk as planned, assuming a careful analysis
of the exceptions does not indicate the possibility of other significant problems with internal
controls.
When the auditor concludes that TER – SER is too small to conclude that the population is
acceptable, or when SER exceeds TER, the auditor must follow one of four courses of action:
 Revise TER or ARACR
 Expand the sample size
 Revise assessed control risk
 Communicate with the audit committee or management
 Sensitivity of Sample Size to a Change in Factors (Tests of controls)
Four factors determine sample size for audit sampling (for tests of controls): population size,
TER, ARACR, and EPER. Population size is not a significant factor and typically can be
ignored, especially for large populations. To understand the concepts underlying sampling in
auditing, you need to understand the effect of increasing or decreasing any of the four factors
that determine sample size, while the other factors are held constant.
Table 1-3 shows the effect on sample size of independently increasing each factor. The opposite
effect will occur for decreasing each factor. A combination of two factors has the greatest effect
on sample size: TER minus EPER. The difference between the two factors is the precision of the
initial sample estimate. A smaller precision, which is called a more precise estimate, requires a
larger sample.
At one extreme, assume TER is 4% and EPER is 3%. In this case, precision is 1%, which will
result in a large sample size. Now assume TER is 8% and EPER is zero for an 8% precision. In
this case the sample size can be small and still give the auditor confidence that the actual
exception rate is less than 8%, assuming no exceptions are found when auditing the sample.
Table 1-3: Effect on Sample Size of Changing Factors
 1.3. Audit Sampling for Substantive Tests
Substantive tests are conducted to provide audit evidence to the completeness, accuracy and
validity of the information contained in the financial statements. Substantive tests are designed to
detect material misstatements that may exist in the financial statements. Hence the sampling
techniques should be designed in such a way that auditors are able to estimate the amount of
misstatement in a particular account balance. Based on the sample results therefore auditors are
able to conclude whether there is high risk of material misstatement in the account balance.
Sampling risk for substantive test includes:
 The risk of incorrect rejection (alpha risk):- this is the possibility that the sample results
will indicate that an account balance is materially misstated when in fact it is not
misstated.
 The risk of incorrect acceptance (beta risk):- this is the possibility that the sample results
will indicate that an account balance is not materially misstated when in fact it is
materially misstated.
Figure 1-3 illustrates the sampling risks associated with substantive tests.
Figure 1-3: Sampling Risks- Substantive Tests
* Sensitivity of Sample Size to a Change in Factors (Substantive tests)
 Six factors determine sample size for substantive procedures: Alpha risk, Beta risk,
Tolerable misstatement, Population size, Standard deviation, and Expected misstatement.
 To understand the concepts underlying sampling for substantive procedures, you need to
understand the effect of increasing or decreasing any of the six factors that determine
sample size, while the other factors are held constant. See Table 1-4 for details.

Table 1-4: Factors Affecting Sample Size for Substantive Procedures

 * Attributes Sampling and Variables Sampling

The statistical sampling method most commonly used for tests of controls and substantive tests
of transactions is attributes sampling. Attributes sampling enables the auditors to estimate the
rate of occurrence of certain characteristics in the population. It is frequently used in performing
tests of controls.

 For example, the auditor might use attributes sampling to estimate the percentage of the
cash disbursements processed during the year that were not approved.
Variables sampling on the other hand provides the auditors with an estimate of a numerical
quantity, such as the dollar balance of an account. It defines the sampling unit as each transaction
or account balance in the population. This technique is primarily used by auditors to perform
substantive tests.
 For example, variables sampling might be used to plan, perform, and evaluate a sample
of accounts receivable selected for confirmation.

Frequently used classical variable sampling plans for confirmation include mean per unit
estimation (MPU), ratio estimation and difference estimation.

Mean Per Unit (MPU) Illustration

Assume the following data for a hypothetical audit client.

  Population Size = 100,000 accounts
 Book value of accounts= $6,250,000

Other information:

 Tolerable misstatement = $364,000

 Estimated Standard Deviation= $15

Sampling risk:

 Incorrect Acceptance = 5%
 Incorrect Rejection = 4.6 %

MPU Risk Coefficients:

Required:

A. Determine sample size

B. Compute acceptance interval for substantive procedure

Solution:
 A. Determining Sample Size
First compute Planned Allowance for Sampling Risk (Planned ASR) using following formula:

Then determine Sample Size as follows:

B. Computing Acceptance Interval

To determine acceptance interval for substantive test, we first compute Adjusted Allowance for
Sampling Risk as follows: