Auditing Sampling

examination of LESS THAN 100% of a population & using the results as a basis for drawing a GENERAL (not definitive) conclusion on the entire population (auditor is limited by time --- reasonable assurance)

Non-sampling risk

### human error

- wrong test

- do not perform tests correctly

Sampling Risk

### risk of drawing the wrong conclusion (i.e. risk of projecting a bad sample that does not represent population)

- 2 types of Sampling risk: Efficiency Error & Less Effective

What are the 2 types of Sampling Risk?

### Type I – Efficiency Error: population is OK but sample indicates NOT to rely on I/C (incorrectly reject)

Type II – Less Effective: population is BAD but sample indicates to rely on I/C (incorrectly accept)

Explain the effects of Type I (Sampling Risk)

### Type I – Efficiency Error ("too conservative")

Sample indicates NOT to rely on I/C when population is actually OK

- Under-Rely on I/C (too little), Assess RMM too HIGH, DR too LOW, Sub. Testing too HIGH

Therefore, inefficient (incorrectly reject) but still arrive at a valid opinion

Explain the effects of Type II (Sampling Risk)

### Type II – Less Effective ("over-aggressive", wrong answer)

Sample indicates to RELY on I/C when population is actually BAD

- Over-Rely on I/C (too much), Assess RMM too LOW, DR too HIGH, Sub. Testing too LOW

Therefore, less effective, incorrectly accept, & arrive at the wrong opinion

When is sampling used?

### 1. Test of Controls – to determine the operating effectiveness of controls Auditor's plan to rely on (doesn't deviate more than tolerable rate)

2. Test of Details (sub. procedures) – obtain S.A audit evidence to support management’s assertions

*not during planning phase

If the sample is BAD, and the population is GOOD, what is the sampling risk?

TYPE I – Efficiency Error (UNDER-RELY I/C, RMM TOO HIGH)

If the sample is GOOD & the population is BAD, what is the sampling risk?

TYPE II – Less Effective (OVER-RELY I/C, RMM TOO LOW) ---- Wrong Conclusion

When will the auditor want to rely on the control

### True Deviation Rate (actual) < Tolerable Deviation Rate

(RMM reduced, DR increased, SUB reduced)

True Deviation Rate (actual) < Tolerable Deviation Rate

### Auditor will want to RELY on I/C

(RMM reduced, DR increased, SUB reduced)

When will the auditor NOT want to rely on the control

### True Deviation Rate (actual) > Tolerable Deviation Rate

(RMM increased, DR reduced, SUB increased)

True Deviation Rate (actual) > Tolerable Deviation Rate

### Auditor will NOT want to rely on the control

(RMM increased, DR reduced, SUB increased)

Which sampling technique is usually applied to test of controls?

Attribute Sampling

What are the 2 risks associated with attribute sampling?

### 1. Risk of Assessing RMM too low (ineffective)

– Sample Deviation Rate < Tolerable Rate.... (Population True Dev > Tolerable) (over-rely on I/C)

2. Risk of Assessing RMM too high (Inefficient)

– Sample Deviation Rate > Tolerable Rate.. (under-rely on I/C)... (Population True Dev < Tolerable)

Which sampling technique is usually applied to substantive test of details?

Variable Estimation Sampling

What are the 2 risks risks associated with variable sampling?

### 1. Risk of Incorrect Acceptance (Ineffective):

– Estimated Amount (Sample) is close enough to recorded amount so, the Auditor concludes "materially correct". Amount is actually materially misstated (therefore, inappropriate conclusion)

2. Risk of Incorrect Rejection (Inefficient):

– Sample Amount is different enough from recorded amount . Auditor concludes "materially misstated", when population is actually "materially correct", but auditor does unnecessary amount of additional sub. Testing to arrive at the same conclusion

Statistical Sampling

### use of quantitative measures of the risk the auditor is taking in the use of sampling (formulas)

- auditor will still have to use judgement to det. Acceptable risk level

Non-statistical Sampling

### Judgmental Sampling

- using audit judgement to decided comfort level that conclusions are correct (usually overestimate required sample size)

- effective, but not as efficient using statistical techniques to determine a sufficient sample size

Judgmental Sampling

Non-statistical sampling

Incorrect Acceptance

ineffective Audit with inappropriate conclusion

Incorrect Rejection

inefficient audit with correct conclusion

Assess RMM too LOW

ineffective Audit with inappropriate conclusion

Assess RMM too HIGH

inefficient audit with correct conclusion

In regards to audit sampling, what will auditor often allow when the costs of additional testing is low?

### Higher risks of Assessing RMM too HIGH & Incorrect Rejection

***aka higher risks of inefficiency (more sub. testing)

## What are the effects on sample size (attribute sampling)?

1. Tolerable Rate

2. Expected Rate

3. Acceptable Risk

### 1. Tolerable Rate – Inverse Effect

2. Expected Rate – Direct Effect

3. Acceptable Risk – Inverse Effect

What are the types of attribute sampling?

### 1. Fixed Sample-Size Attribute Sampling

2. Stop-or-Go Sampling (Sequential Sampling)

3. Discover Sampling

Fixed Sample-Size Attribute Sampling

used to estimate the rate of deviations in the populations

Stop or Go Sampling (Sequential Sampling)

### type of attribute sampling

- allows the auditor to stop when sufficient data is gather

- appropriate when the expected deviation rate is low

- may provide the most efficient sample size in an attribute sampling plan (each step relies on the previous step - "sequential")

- auditor may stop sampling if no deviations are found

Discovery sampling

### type of attribute sampling

- used when expected deviation rate is very low, near zero

- sample size is usually large enough to find at least one deviation (if it exists)

- if population error rate > the tolerable rate... designed to measure the probability of at least one error occurring in a sample