Escolar Documentos
Profissional Documentos
Cultura Documentos
In this module, you learn about the methods that can be used to gather evidence by
obtaining representative samples of transactions and balances. Attributes sampling is
presented in the context of tests of controls, while dollar-unit sampling (DUS) is explained
as it is used in performing substantive tests. (You may need to review statistical sampling
from earlier accounting courses to ensure that you understand the statistical concepts
underlying the material in this module.)
As you work through each topic, you build your understanding of audit sampling. You also
apply what you have learned by using a spreadsheet to perform dollar-unit sampling, and
evaluate the merits and limitations of this type of sampling.
Assignment reminder: Assignment 2 in Module 7 is due at the end of week 7 (see Course
schedule in the course navigation). You may wish to take a look at the assignment before
working on Module 6 to familiarize yourself with the requirements and to prepare for any
work that may be required in advance.
Begin your work on this module with a set of test-your-knowledge questions designed to
help you gauge the depth of study required.
Learning objectives
6.1 Explain why auditors use sampling, and describe the two applications of audit
sampling. (Level 2)
6.2 Explain statistical and nonstatistical sampling, describe the advantages of each
method, and explain when each method should be used. (Level 2)
6.3 Explain sampling error, including errors arising from alpha risk (Type 1 error), beta
risk (Type II error), and nonsampling error. (Level 2)
6.4 Outline the seven-step framework for conducting attribute sampling for tests of
control. (Level 2)
6.5 Describe the factors that influence sample size determination in attribute sampling,
and determine the sample size for a test of controls using statistical sampling.
(Level 2)
6.6 Describe how the auditor evaluates the results of a test in the context of
nonstatistical and statistical sampling. (Level 2)
6.7 Describe the nature of audit risk, sampling risk, and materiality in the context of
substantive testing. (Level 2)
6.8 Outline the seven-step framework for audit sampling in substantive testing, and
explain how an auditor can use stratification to reduce sample sizes in audit
sampling. (Level 2)
6.9 Describe the factors that influence sample size determination in substantive testing.
(Level 2)
6.10 Explain how the auditor evaluates the results of a test in substantive testing. (Level
2)
6.11 Describe and demonstrate the dollar-unit sampling process to test an account
balance. (Level 2)
Learning objective
● Explain why auditors use sampling, and describe the two applications of audit
sampling. (Level 2)
Required readings
Note: This module uses a variety of acronyms. Here is a table that summarizes
some of these terms. The definitions and terms on page 371 of the text are also
important for understanding this module.
LEVEL 2
Auditors usually do not test 100% of transactions or items in account balances because the
cost of doing so would be prohibitive. Also, auditors seek only reasonable assurance. Audit
sampling occurs whenever an auditor draws a conclusion about an entire class of
transactions or account balance based on the results of a (representative) sample from the
class or the balance.
Audit sampling addresses the sufficiency aspect of evidence as required under GAAS,
insofar as it relates to the extent of audit procedures used.
● to test balances (substantive tests) for determining whether balances are materially
misstated.
Exhibit 6.1-1 summarizes how the type of test performed relates to the focus of the audit
sampling. You can print out this table for later reference.
Method of The auditor would obtain The auditor would support existence
testing supporting documentation for by choosing a sample from the
each cheque and test for customers with outstanding
appropriate controls, such as the balances and obtain confirmations
existence of an approved directly from those customers.
purchase order matched to the
invoice, a supervisor’s initials on
the invoice to authorize payment,
and so on.
Learning objective
Required reading
LEVEL 2
The auditor is not required by generally accepted auditing standards to base evaluations on
statistically-based tests, but only to apply professional judgment. As a result, both
statistical and nonstatistical sampling are used in public practice. The boxes on pages 375
and 377 list when and why each method may be used.
The following exhibit highlights the key differences between statistical and nonstatistical
sampling.
Statistical Nonstatistical
Exhibit 6.2-2 illustrates the additional information obtainable from the use of statistical
sampling, which is determining sampling risk and the achieved (computed) upper error limit
(LM + sampling risk adjustment). The upper error limit, in turn, would be used for
comparing with tolerable misstatement or materiality. Note the illustration still does not
include nonsampling risk; the auditor needs to consider the possibility of nonsampling risk
when evaluating the account balance or financial statements.
Exhibit 6.2-2: Estimating upper error limit for comparison with tolerable misstatement
Learning objective
● Explain sampling error, including errors arising from alpha risk (Type I error), beta
risk (Type II error), and nonsampling error. (Level 2)
Required reading
● Chapter 10, pages 376-379 (to Test of Controls for Assessing Control Risk)
LEVEL 2
Whenever auditors make inferences about a population based on a sample drawn from that
population, they hope the sample will be truly representative of that population. However,
whenever a sample is selected from a population, it may or may not be representative. The
risk of the sample not being representative is called sampling risk. The error that ensues
from sampling risk is called sampling error.
The following exhibit summarizes the concepts of sampling risk and sampling error. Read
the table now and print it out for review later.
Sampling What is sampling risk? Can sampling risk be Can sampling risk be
risk reduced? quantified?
The risk of the sample not
being representative is Sampling risk can be When statistical
called sampling risk. reduced by increasing the sampling methods are
sample size (which means used, sampling risk can
that more of the be quantified — it is
population is being the probability that the
examined). sample is not an
accurate reflection of
the population.
Type I error
Suppose Dean chooses a sample of 20 units from this population, and that sample turns out
to contain all four population units with the missing control. What population deviation rate
do you think Dean would estimate based on the sample results? What would Dean be likely
to conclude?
Solution
Type II error
Suppose that in Dean’s situation, the true deviation is 20%; that is, the population of 5,000
transactions contains 1,000 population units with the missing control. What if Dean’s
sample of 20 contains none of the units with the missing control? What do you think Dean’s
conclusion will be based on the sample results?
Solution 1
The sampling risk associated with a Type I error is usually referred to as alpha risk, while
the risk associated with a Type II error is called beta risk. Alpha risk is not as much of a
concern to the auditor as beta risk.
Solution 2
Nonsampling error
The auditor is also concerned about nonsampling error. Nonsampling error arises from
nonsampling risk, which occurs when
● the auditor is not careful in examining the sample and fails to identify an exception
or error in a selected sample item
● the audit test is not appropriate (for example, the sample was selected from an
inappropriate population for the purposes of the assertion being tested)
● the auditor has misjudged the relevant risks (that is, the inherent risk and/or control
risk)
● the auditor has made an error in the evaluation of the sampling results
Any or all of the above audit or auditor weaknesses could lead the auditor to perform less
work than is required to adequately support a conclusion.
Lina, an auditor, forgets to look at the signatures on a sample of cheques to test for
controls over disbursements, and as a result, she fails to reassess control risk if there were
incorrect signatures in the sample. Is this an example of a sampling error?
Solution
Learning objective
● Outline the seven-step framework for conducting attribute sampling for tests of
control. (Level 2)
Required reading
● Chapter 10, pages 379-384 and 387-392 (to Substantive Procedures for Auditing
Account Balances)
LEVEL 2
In the next three topics, you learn to use statistical sampling for tests of controls using
attribute sampling. Statistical sampling helps quantify sampling risk and evaluate the
results of testing. For tests of controls, sampling risk consists of the probability that the
auditor will incorrectly assess control risk because the sample is not representative of the
population.
What is an attribute?
The text describes the tests of control steps (beginning on page 380) relevant to attribute
sampling as a seven-step framework using the sales and collection cycle to illustrate this.
Step 1 (Specifying the objectives of the test) and Step 6 (Performing the test of controls
audit procedures) from the seven-step framework relate mainly to the performance of tests
themselves; these are explained in more detail in Modules 8 and 9, which deal with specific
transaction cycles. This topic describes steps 2 and 3 (steps 4, 5, and 7 are covered in
following topics).
Lee is auditing the acquisitions and payments cycle and he is selecting a sample of
payments to test the controls. One of the procedures may be to check that for each invoice,
there is a corresponding purchase order (PO) properly approved. If Lee finds that one of the
invoices in the sample is missing a purchase order, is this a deviation?
Solution
When conducting a test of controls, the auditor aims to support control risk assessments
assertion by assertion. This means that the population from which the sample is drawn
must lend itself to testing the controls that will support a given assertion, either directly or
indirectly through a control objective relevant to the assertion. When studying the direction
of a test, you saw that sources of evidence would be used in different ways (different
directions) to test for different assertions. You must ensure that the population that you
select from has attributes consistent with the assertions you wish to test.
If you are verifying that paid invoices are supported by purchase orders, would you select
the sample from the purchase order issued or from the paid invoices?
Solution
Padma is performing an audit for a client whose year-end is December 31. She is planning
to conduct tests of controls at an interim date, commencing October 1. What are the
implications for Padma and on her audit work?
Solution
When defining the population from which to draw a sample, there are two more factors
auditors should be aware of:
● physical proximity
● physical characteristics of the population
What is the auditor's concern when documentation defined as the intended population is
kept in a remote off-site location? What if the identified population exists in the form of data
stored in machine-readable form only?
Solution
Learning objective
● Describe the factors that influence sample size determination in attribute sampling,
and determine the sample size for a test of controls using statistical sampling. (Level
2)
Required readings
LEVEL 2
This topic examines steps 4 and 5 of the seven-step framework: determining the sample
size for tests of controls and selecting the sample.
The relationships between the factors and sample size are the same regardless of whether
you are using nonstatistical or statistical sampling. When auditors use statistical sampling,
they must quantify sampling risk (ARACR) to enable them to use statistical tables for
determining sample size.
The text correctly points out that sampling risk includes the risk that the control risk
assessment will be too low, as well as the risk that the control risk assessment will be too
high. However, the relationship between sample size and sampling risk as previously
described assumes that the auditor is concerned with the former, not the latter. This is
consistent with the auditor focusing on beta risk (see Topic 6.3).
The following exhibit shows a statistical sample size that you can use to see how these
factors interact in a statistical sampling approach.
Source: Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth
Edition (Scarborough, ON: Prentice Hall, 1993), page 409
The table in Exhibit 6.5-1 is developed using sampling (probability) distributions and allows
auditors to estimate the probability of representativeness (sampling risk) of a sample. It
depicts the sample sizes for a sampling risk set at 5%. The percentage figures down the left
side of the table represent EPDR, while those across the top represent TDR. The numbers in
the table are the sample sizes required for each combination of TDR and EPDR.
Work through this activity to test your understanding of how to determine the sample size.
Suppose an auditor chooses a sampling risk of 5% and has assessed preliminary control risk
at medium (about 35%). On the basis of this preliminary control risk assessment, the
auditor feels comfortable with a TDR of 7% (see the table in the text on page 383). Based
on the prior year's experience, the auditor also determines that EPDR is about 2%. (In
other words, the auditor is willing to take a 5% risk of concluding that the control is
effective when it is not. The auditor will tolerate deviations of up to 7% and still assess CR
at 35%, even though the auditor only expects 2% deviations in the population.)
Using these figures and the table in Exhibit 6.5-1, what sample size would the auditor
choose?
Hint: Look at the intersection of the row for EPDR of 2% and a tolerable deviation rate of
7% in Exhibit 6.5-1.
Solution
Once the auditor has determined the sample size, the next step when conducting attribute
sampling is to select the sample. Sampling risk is reduced by increasing sample size and
increasing the "randomness" of the selection process (in nonstatistical sampling where
selection need not be random or systematic).
Non-random sampling includes both haphazard selection and block (or cluster) sampling. A
non-random sample can contain biases; the auditor is naturally attracted to non-routine
transactions and, therefore, might be biased in choosing only unusual items. Even though a
randomly selected sample may not be representative, at least the probability of this
happening (sampling risk) is measured and controlled. Block or cluster sampling occurs
when the auditor selects a number of blocks of consecutive transactions rather than
selecting transactions individually. Although this is sometimes mandated by difficulties in
locating selected items, such selection should be avoided where possible, even for non-
statistical samples.
The text describes various methods used to select a random sample. They include selection
based on assigning random numbers to a population (from a random number table or from
computer-generated random numbers), as well as by using systematic random selection.
Another way to select a random sample is to use audit software where the program chooses
the sample based on population characteristics, such as cheque numbers, invoice numbers,
and account numbers, keyed in by the auditor. (In Advanced External Auditing [AU2], you
will learn to use a software package called Audit Command Language [ACL] to select
samples.)
The text also describes nonstatistical sampling methods and explains some of the problems
associated with them.
Learning objective
● Describe how the auditor evaluates the results of a test in the contexts of
nonstatistical and statistical sampling. (Level 2)
Required reading
LEVEL 2
The final step of the seven-step framework for attribute sampling is evaluation of the test
results.
The results of the test will either support or refute the auditor's preliminary assessment of
control risk. The number of deviations found in the sample will help the auditor decide
whether the controls are reliable by inferring the proportion of the population that contains
deviations.
Remember that the auditor is concerned about sampling risk insofar as it relates to the risk
of assessing control risk too low. (On pages 390 and 391, the section on "Sample
Evaluation" is not required reading.)
One way to evaluate the results of your test in a statistical context is to use a table like the
one shown in Exhibit 6.6-1. This table computes the upper deviation or error limit (UEL) for
a given ARACR, sample size, and number of deviations found in tests of controls. The
computed UEL is a statistical calculation that factors in sampling error, and is used to
estimate the population deviation rate. The sample deviation rate (actual sample deviations
÷ sample size) may be lower or higher than the actual population deviation rate. Because
auditors are mainly concerned with the risk of assessing CR too low, the higher/upper limit
is calculated to estimate how high the estimated population deviation rate might be.
Exhibit 6.6-1: Statistical sampling results evaluation — computed upper deviation rates at
5% sampling risk
Note: This table presents computed upper deviation rates (CUDR) as percentages. This
table assumes a large population.
* Over 20%.
Source: Lemon et al, page 412
Using a sampling risk of 5%, TDR of 7%, and EPDR of 2%, it was determined earlier that
the sample size would be 88. If the auditor found one deviation in the sample, what would
be the UEL?
Using Exhibit 6.6-1, at a sample size of 90 (which is the closest to 88 in the table), one
deviation gives a UEL of 5.2%. When comparing UEL to TDR, the UEL must be less than or
equal to TDR for the population (the CR assessment) to be considered acceptable. Because
this UEL is less than the auditor's TDR of 7%, the auditor would conclude that the results of
the test do support the preliminary control risk assessment.
Suppose the auditor encounters three deviations instead of one. What would be the UEL in
this case? What would the auditor conclude?
Solution
When using nonstatistical sampling for the evaluation of tests of controls, the auditor does
not quantify the calculation of UEL using statistical tables. The auditor uses professional
judgment to consider sample error and generalize from the sample deviation rate to the
population deviation rate.
By contrast, using statistical sampling for the evaluation of tests of controls enables the
auditor to compute UEL (and sampling risk), given the sample size and number of
deviations found. Using a sample size of 90:
Sampling risk
(UEL – sample deviation 3.3 – 0 = 3.3% 5.2 – 1.1 = 4.1% 8.4 – 3.3 = 5.1%
rate)
Learning objective
● Describe the nature of audit risk, sampling risk, and materiality in the context of
substantive testing. (Level 2)
Required reading
● Chapter 10, pages 392-394 (to Sampling Steps For Account Balance Audit)
LEVEL 2
As mentioned in the text, substantive procedures include both analysis and tests of
details of balances. (Topic 3.4 describes how analysis is used to provide audit
evidence.) Analysis is not subject to sampling because analytical procedures are
applied to overall balances and financial relationships. Therefore, this topic on audit
sampling for substantive testing will focus only on tests of details of account balances.
Details of an account balance are the items and transactions that make up the account
balance.
For example, three customers, Mr. A, Ms. B, and Mrs. C owe the company $500, $800,
and $1,500 respectively, and make up the total accounts receivable balance of $2,800.
A test of details for accounts receivable could consist of verifying (testing) the
individual customer balances (details making up the total balance). (Note, however,
that testing 100% of the accounts does not constitute audit sampling.)
Audit sampling for substantive procedures is much more related to audit risk (that is,
the risk that the auditor will issue an unqualified opinion when the financial statements
are materially misstated) than is audit sampling for tests of controls. This is because
substantive testing provides direct evidence about the financial statement assertions,
and it is on those assertions that the audit opinion is based.
In substantive testing, sampling risk refers to the probability that the auditor will form
an incorrect conclusion about an account balance based on the results of a sample from
the population of items that make up the account balance. In other words, it is the
probability that the auditor accepts an account balance based on the results of the
sample, when in fact, the account balance is materially misstated. This would occur
because the sample selected was not representative of the population.
Sampling error will still be Type I or Type II and arise from alpha risk and beta risk
respectively, as was the case for attribute sampling for tests of controls. This is why
the expanded audit risk model on page 393 only considers RIA, not RIR. Also note that
in this model, detection risk consists of the risk that a material misstatement will not
be detected by either analysis (analytical procedures risk = APR) or tests of details;
that is, DR = APR × RIA. Because this topic focuses on tests of details, for the
remainder of this module, assume that no substantive tests other than tests of details
are performed, and hence APR = 1 (that is, DR = RIA).
In substantive testing, the auditor tests whether or not an account balance is materially
misstated. But how many dollars constitute an error? This is where materiality enters
into the audit sampling process. More specifically, the auditor considers tolerable
misstatement, which is usually the same as overall materiality.
However, in many cases, such a systematic approach will not be appropriate, and the
auditor will have to rely more on qualitative factors to arrive at tolerable misstatement
for each balance. The primary basis for materiality decisions is always the auditor's
judgment.
Learning objective
● Outline the seven-step framework for audit sampling in substantive testing, and
explain how an auditor can use stratification to reduce sample sizes in audit
sampling. (Level 2)
Required reading
● Chapter 10, pages 394-406 (excluding the paragraphs starting from "When the
population is stratified…" on page 403 to "…take the sampling risks into account" on
page 404)
LEVEL 2
This framework, described on pages 394 to 405, differs from that for tests of controls in two
ways:
For tests of controls, the population in substantive testing must be consistent with the
objective of the test. The population must also be complete and have physical
characteristics that will allow the auditor to select a sample from it.
Pat, an auditor, designs a substantive test to provide evidence that accounts payable are
not understated; that is, to test the completeness assertion. She uses a population
consisting of an accounts payable listing made up of vendors with recorded balances,
especially large ones. Is Pat’s choice of population appropriate in this case?
Solution 1
What type of population would be more appropriate to test the completeness assertion?
Solution 2
The main difference between defining a population for tests of controls and for substantive
testing relates to the issue of materiality. In substantive testing, the auditor focuses on
amounts, because substantive procedures are designed and performed to support the
account balances as stated in the financial statements. Because of materiality, the auditor
will often segregate individually material amounts from other population units and test
these amounts to a greater extent. This is known as stratification, and it is explained on
pages 395 to 396.
The degree of stratification will have an impact on evaluating the results of the evidence
because each stratum becomes a sub-population that may be significantly different from
the others. This implies that extrapolating the results of a large stratum to all the
population (all strata) may be misleading, because the sample from that stratum is not
representative of the whole population.
Several other factors, aside from size, can be considered in stratification, such as location,
risk, and the length of time an item such as a receivable or payable has been outstanding.
The auditor has to exercise considerable judgment in stratifying a population, but the
ultimate criteria are always to efficiently and effectively meet the audit objectives.
The auditor can use statistical or nonstatistical sampling for substantive testing because the
base concepts apply to both. If statistical sampling is chosen, however, the auditor must
choose between a number of sampling methods such as variables or dollar-unit sampling.
The most popular approach is dollar-unit sampling (DUS). Simply stated, DUS considers
each individual dollar in a population as a separate unit making up the account balance.
If the auditor chooses a nonstatistical sampling approach, then the sampling method is
based on judgment and does not require that all population units (physical items) have an
equal chance of being selected. In fact, in judgmental sampling, the auditor usually targets
larger dollar amounts and/or unusual transactions. Statistical tables are not used to project
the sample misstatements to the population. Therefore, nonstatistical sampling may not
always provide a good defensible basis for projecting a likely misstatement when evaluating
the evidence.
Learning objective
● Describe the factors that influence sample size determination in substantive testing.
(Level 2)
Required readings
LEVEL 2
This topic explains steps 4 and 5 of the seven-step framework for substantive testing.
Similar to choosing the sample size in tests of controls, determining the sample size for
substantive testing is affected by a number of factors that apply to both statistical and
nonstatistical sampling. Sampling risk refers to both RIA and RIR, and as for tests of
controls, the auditor focuses on beta risk (RIA). In substantive testing, the sampling risk is
chosen by the auditor based on the relationship described by the audit risk model. In other
words, the auditor's choice of RIA is a function of AR, IR, and CR.
The auditor also chooses the level of tolerable misstatement for a given account based on
professional judgment (with reference to the amount of misstatement considered material
for that audit). After choosing sampling risk and tolerable misstatement, the auditor will
determine sample size based on the relationships outlined. (You have an opportunity to
work through an example of sample size selection in the context of dollar-unit sampling in
Computer activity 6.11-1.)
When using nonstatistical sampling, the auditor may select a random or non-random
sample. Judgmentally selecting the sample has similar drawbacks for tests of details as for
tests of controls. If the auditor uses statistical sampling, then the sample must be selected
so that it is truly random. Inferences about achieved RIA or likely misstatement based on
statistical methods will be valid only if the sample is randomly selected.
The methods used to select a random sample in substantive testing are similar to those
described for tests of controls. In addition, it is acceptable to use systematic sampling to
select the sample when using statistical sampling.
Learning objective
● Describe how the auditor evaluates the results of a test in substantive testing. (Level
2)
Required reading
● Chapter 10, pages 401-405 (excluding the paragraphs starting from "When the
population is stratified…" on page 403 and ending before the section, Consider
Sampling Risks, on page 404)
LEVEL 2
In Topic 4.5 you learned that identified misstatements are extrapolated to determine the
likely misstatement in the population. Whenever a misstatement is found in a
representative sample, its likely effects on the population must be evaluated. There are
several methods, both statistical and nonstatistical, that can be used to make these
inferences. This is step 7 in the seven-step framework for substantive testing.
Pages 402 to 403 explain the average difference method for calculating likely
misstatements in a stratified and non-stratified population. This method is relatively simple
and can be applied in both statistical and nonstatistical sampling.
You should be aware that the evaluation of sample results also requires a consideration of
qualitative factors (see page 405). The best example, as described in the text, is that of
finding missing controls during a substantive test. Auditors cannot ignore finding control
deviations simply because they are performing a substantive test as opposed to a test of
control. Deviations would affect the control risk assessment, which, in turn, affects the
amount of substantive work required to support the assertions.
Learning objective
Required readings
Note: Page 5 of Reading 6-1 refers to "Table 12-2 on page 396." This table has been
reproduced as Reading 6-2. Also, Reading 6-1 sometimes refers to an "attributes
sampling table on page 412." This table has been reproduced as Exhibit 6.6-1 in
Topic 6.6.
LEVEL 2
The population in DUS is a pool of dollars — not a pool of transactions, a pool of individual
accounts receivable balances, or a pool of inventory items. Imagine that the dollars
represented by a single account receivable are laid out end-to-end and that the dollars in
each account are laid out sequentially so that the general ledger account "accounts
receivable" is represented by a long line of dollars.
Sam, the auditor for Fine Music Ltd., finds that the accounts receivable balance in the
general ledger is $239,800 and that it represents 42 individual accounts receivable. The
dollars are numbered from 1 (the first dollar of the first account receivable) to 239,800 (the
last dollar of the 42nd account receivable).
To select a sample, Sam selects dollars from the line on a random basis and uses a random
number table to do this. If the dollar in a particular account receivable is selected, then that
account is selected. Using this method, could Sam select a particular account more than
once?
Solution
Lisa, one of your co-workers, insists that dollar-unit sampling is both reliable and efficient in
sampling for tests of detail of balances, works well with any population type, and has no
known limitations. Do you agree with her statement?
Solution
The methodology and the steps for using dollar-unit sampling are described in Reading 6-1.
Now click on the icon and work through the "Dollar-unit sampling" auditing activity to see
how to compute the upper and lower error bounds when performing statistical tests of
details of balances.
Computer activity
Also work through Computer activity 6.11-1 to see how a worksheet can be designed to
assist the auditor in performing dollar-unit sampling.
Assignment reminder
Assignment 2 in Module 7 is due at the end of week 7 (see Course schedule in the course
navigation). Be sure to read it through now to familiarize yourself with the requirements
and to prepare for any work that may be required in advance.
Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth Edition, © 1993, pages 474-490.
Reprinted by permission of Prentice-Hall Canada, Inc., Scarborough, Ontario.
2 Reading 6-1 External Auditing
External Auditing Reading 6-1 3
4 Reading 6-1 External Auditing
External Auditing Reading 6-1 5
6 Reading 6-1 External Auditing
External Auditing Reading 6-1 7
8 Reading 6-1 External Auditing
External Auditing Reading 6-1 9
10 Reading 6-1 External Auditing
External Auditing Reading 6-1 11
12 Reading 6-1 External Auditing
External Auditing Reading 6-1 13
14 Reading 6-1 External Auditing
External Auditing Reading 6-1 15
16 Reading 6-1 External Auditing
External Auditing Reading 6-1 17
READING 6-2
Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth Edition, © 1993, page 396. Reprinted by
permission of Prentice-Hall Canada, Inc., Scarborough, Ontario.
Module 6 summary
Module 6 summary
Explain why auditors use sampling, and describe the two applications of
audit sampling
● Audit sampling can be applied when testing controls to assess control risk. It can also
be used during substantive testing of the balances appearing in financial statements.
● Statistical sampling uses the laws of probability when selecting the sample and
extrapolates the sample result to the population. Nonstatistical sampling is audit
sampling not based on statistical calculations.
● The advantage of statistical sampling is that the sampling risk is known. It requires a
precise and definite approach to the audit problem. The advantage of nonstatistical
sampling is that it permits the auditor to use greater judgment.
Explain sampling error, including errors arising from alpha risk (Type I
error), beta risk (Type II error), and nonsampling error
● Sampling error arises because there is always a risk that the sample will not be
representative of the population.
● The risk of incorrect rejection of the population is referred to as alpha risk (or the
risk of a Type I error); the risk of incorrect acceptance is referred to as beta risk (or
the risk of a Type II error).
● The auditor is mainly concerned about beta risk, which could lead to accepting a
population that contains material misstatements.
● Nonsampling risk arises because the auditor fails to detect an error when verifying
selected items or because the test is inappropriately designed for the purpose for
which it is conducted (for example, selecting from the wrong population).
● Sample size varies directly with the expected population deviation rate and the
population size. Sample size varies inversely with the acceptable risk of overreliance
and the tolerable deviation rate. The influence of the population size is minimal,
except for relatively small populations.
● The sample size is determined using a table for the appropriate acceptable risk of
overreliance and selecting the value on that table corresponding to the tolerable
deviation rate and the expected population deviation rate.
Describe how the auditor evaluates the results of a test in the context of
nonstatistical and statistical sampling
● If using statistical sampling, the auditor can look up the computed upper deviation
rates on the table corresponding to the predetermined acceptable risk of
overreliance. The auditor finds the value for the sample size used and the number of
deviations found. The auditor can accept or reject the population by comparing the
upper deviation rate from the table with the tolerable deviation rate used in
determining the sample size.
● If using nonstatistical sampling, the auditor must use judgment to decide whether to
accept or reject the population based on the sample results.
Describe the nature of audit risk, sampling risk, and materiality in the
context of substantive testing
● Sampling risk in substantive testing is related to audit risk as both denote the risk
that the auditor will accept a population containing a material misstatement.
● The tolerable misstatement for such sampling is usually set as the overall financial
statement materiality determined by the auditor at the planning stage of the audit.
● Through stratification, the auditor selects for specific examination items considered
to represent the greatest risk by separating them from other sample items.
● Stratification can be based on the size of the item or on its risk characteristics. An
example of the latter would be selecting and separating older accounts receivable
from current accounts. This would usually result in a smaller sample size and
potentially a lower estimate of likely error in the population.
● The first three factors affect the sample size inversely; the last three affect the
sample size directly.
● The auditor first determines the known misstatement from the sample and then
extrapolates the misstatement to the general population to determine the likely
misstatement in the population.
● The auditor then considers sampling risks to attempt to assess further possible
misstatement and compares the total of all known misstatements extrapolated to the
population to the amount of misstatement considered material for the audit.
● The auditor uses attribute sampling tables to calculate the results. The attribute
results must be converted to dollars. This requires the auditor to make an
assumption about the percentage of error for each population item that is in error.
● This information is used to calculate both an upper and lower error bound. The
sample will usually be rejected if either of the error bounds is greater than the
tolerable error in the population. The tolerable error in the population will usually be
the amount considered material for the audit.
Module 6 self-test
Question 1
What are the primary distinctions between statistical and nonstatistical sampling?
Solution
Question 2
What are the two specific purposes for which audit sampling is used?
Solution
Question 3
Sheila Mackenzie, CGA, tested sales transactions for the month of June in the audit of the
financial statements of Coast Co. for the year ended December 31, 20X0. Based on her
assessment of control risk below maximum and the excellent results of tests of controls,
she decided to significantly reduce her direct tests of details of the financial balances at the
year end. Evaluate this decision.
Solution
Question 4
Solution
Question 5
Solution
Question 6
When auditing account balances, why is an incorrect acceptance decision considered more
serious than an incorrect rejection decision?
Solution
Question 7
What major difference between tests of controls and tests of details of balances makes
physical (or population) unit attributes sampling inappropriate for tests of details of
balances?
Solution
Acronyms
Dean would estimate that the population deviation rate is 20% (4/20) and conclude that the
control is not effective, when, in fact, it is. In this case, Dean would conclude that the
population is not valid when, in fact, it is. This is called Type I error.
Dean would likely conclude that the control is effective, when, in fact, it is not. In this
situation, Dean would conclude that a population is valid when, in fact, it is not. This is
called Type II error.
a. In the case of a Type I error (alpha risk) when using sampling for test of controls,
the greatest risk is of performing an inefficient audit. For example, if an auditor
concludes that controls are ineffective when they are effective, the auditor might
decide to reassess control risk at maximum and perform additional substantive
procedures.
For the risk of a Type II error (beta risk), however, the auditor would not be
motivated to do additional work beyond what has already been planned. Unless other
planned procedures or analysis reveal a deviation or misstatement that was not
detected in sampling, the deviation or misstatement will go uncorrected, and wrong
decisions will be made regarding adjustments and the audit opinion.
Consequently, the auditor is very concerned about beta risk; therefore, when
deciding on an acceptable sampling risk for audit purposes, the focus is on beta risk,
not alpha risk.
b. An auditor can reduce sampling risk by increasing sample size and increasing the
"randomness" of the selection process (in nonstatistical sampling where selection
need not be random or systematic).
This is an example of nonsampling error. The incorrect control risk assessment would lead
the auditor to perform less audit procedures than is required by the circumstances.
Through proper instructions and supervision and by careful design of audit procedures, the
auditor can reduce the chance of nonsampling error. The general standard of GAAS requires
adequate technical training and proficiency in auditing, while the first examination standard
requires proper supervision and adequate planning. In short, nonsampling risk should be of
relatively little concern to a competent auditor.
It depends. The invoice for which the PO is missing may have a standing order, in which
case a regular PO is not required. An example of this would be an electricity bill; Lee would
not have a purchase order for each electricity invoice received during the period. In this
situation, the missing PO does not constitute a deviation. Of course, Lee would have to
document this situation and specify the compensating audit procedure to be used.
You would select the sample from the population of paid invoices; it would not be
appropriate to select from the purchase orders issued.
Depending on the type and volume of transactions that occur between October 1 and
December 31, Padma must consider that a significant portion of the population may not yet
exist.
For a control to be relied on, it must be consistently applied throughout the period under
audit. Thus, Padma may need to perform additional tests at year-end to determine if the
control assessment made during the interim audit continues to be valid for the balance of
the year. As a summary, an auditor must also be aware of the completeness of the
population at the time the samples are selected.
If the population is kept in a remote off-site location, it could be difficult or may be even
impossible to select a sample from this population. The same holds true for a population
that lacks physical characteristics (that is, in a computerized environment) that allow the
auditor to sample from it. Thus, the auditor must ensure that a sample can actually be
drawn from the population and that the chosen population must have physical
characteristics that allow an auditor to sample from it.
The UEL would be 8.4%, which is greater than the 7% TDR. In this case, the auditor could
decide to increase the sample size and do more testing to see if the deviations persist, or
the auditor would conclude that the test does not support the preliminary control risk
assessment, and therefore would reassess control risk as high or very high and design
substantive audit procedures accordingly.
A more appropriate population type would be a list of regular vendors showing small or zero
balances in the year-end accounts payable.
Sam discovers that the random selection process does result in a particular account being
selected more than once if more than one dollar from that account receivable is selected.
When that occurs, Sam counts each dollar as a separate sample unit and examines fewer
accounts receivable than if each dollar had come from a separate account.
One of the advantages of DUS is that the larger items in the population have a
correspondingly greater probability of being selected. Why is this so?
Learning objectives
● Explain how a worksheet can be designed to assist the auditor to perform dollar-unit
sampling. (Level 2)
● Evaluate the merits and limitations of worksheets for this type of sampling. (Level 2)
LEVEL 2
The manual selection of the sample for dollar-unit sampling can be a tedious task. In this
computer activity, you will find examples of how a spreadsheet program can be used to
perform dollar-unit sampling. It uses spreadsheet commands to assist in sample selection
for a batch of invoices in a continuous sequence.
Material provided
Description
The auditor has exported all the accounts receivable information from an accounts
receivable system to a worksheet, in file AU1M6P1. The auditor wants to select a random
sample of the invoices for confirmation, using dollar-unit sampling technique.
3. Sample size. Using the technique described in Reading 6.11-1, pages 15 to 16, the
auditor determined the appropriate sample size from the following information:
Required
Retrieve the file AU1M6P1. Using the RAND function, construct formulas to select a random
sample using dollar-unit sampling techniques. Work through the steps provided in the next
section to perform random sampling for a population of invoices that are in a continuous
sequence.
Procedure
1. Open the file AU1M6P. (Before you begin working on the data files in this course, you
must first download them and save them to your hard drive. Click the data files link
in the navigation pane, then follow the instructions for downloading and saving the
files.) Click the sheet tab M6P1.
Caution: In this activity, it is critical to save the file under a different filename
because the activity includes a sorting procedure; you must keep the original data
file intact in case of error in the sorting procedure.
1. Check column A and observe that the invoices are in no specific order. If you
manually perform the dollar-unit sampling, this data set will work well without any
sorting. However, to do the sampling in a worksheet, you must first sort the data in
ascending order by invoice number (column A).
Caution: The command functions provide below may vary depending on the version
of the Excel software being used by each individual student.
2. To sort the data by invoice number, perform the following steps:
a. With the range A6 to C55 highlighted, select Data Sort and the Sort dialog box
will appear.
b. In the "My list has" or “My data has headers” box, make sure that Header Row
has been chosen. In the Sort by box, the header of column A "invoice" should
be displayed. Click Ascending (or Smallest to Largest) and OK.
With this command, you specify that you want to sort the complete data based on column A
(invoice number). Notice that the data range contains the invoice numbers, customer
names, and invoice amounts. When you specify the data range for sorting, be careful not to
include the heading of each column. You also need to specify that the invoice number is to
be sorted in ascending order.
● Columns A6 to C55 should now be sorted in ascending order by invoice number. Move the
cell pointer and examine the first and last invoices. The first record (in row 6) should be:
If your results do not correspond, you may have sorted the data incorrectly. Erase the
current worksheet without saving it. Then retrieve the worksheet and repeat steps 1 and 2
carefully.
= ABS (C6)
The resulting value should be 5,000.00, the same as the value in cell C6, because
the absolute value of a positive amount is the same as the amount.
2. To obtain the absolute values of cells C7 to C55, copy the formula from cell D6 to
cells D7 to D55. Column D should be filled with the corresponding absolute values of
column C. Note that cell D11 shows positive 2,300.00, which is the absolute value of
(2,300.00) in cell C11. Compare the cells in columns C and D and correct any errors
before proceeding to the next step.
1. One of the key components of dollar-unit sampling is the creation of the cumulative
column, which contains a running cumulative total. The SUM function is used to
compute this amount in each row.
Move the cell pointer to cell E6 to create the formula for the cumulative amount.
Type the formula:
This formula creates a cumulative total, rounded to dollars, of the amount in column
D, starting with cell D6. For example, if this formula is copied to cell E8, it calculates
the cumulative total of invoice amounts in cells D6 to D8, resulting in the value of
63,081.
2. Copy the formula in cell E6 to cells E7 to E55. To confirm that you have set up the
formulas correctly, move the cell pointer to cell E55 and check that the cumulative
amount is 887,746. If your answer is not the same, carefully repeat the previous
steps and correct the errors before continuing.
3. Once the cumulative amounts are set up, you must copy the invoice numbers in
4. Move the cell pointer to column F and review the sorted invoice numbers. They
should be the same as those in column A. The first five records in columns E and F
should be as follows:
5. Notice that the first amount in column E is 5,000. To manage the situation in which
the random number selected is between 1 and 5,000, you must insert a row between
rows 5 and 6. After inserting the new row 6, in cell E6, type the start dollar value of
0, and in cell F6, type the invoice number of 120100. (This invoice will never be
selected since it corresponds to the dollar amount of zero.) After you have completed
the change, the first six records in columns E and F should be as follows:
1. Now, you need to generate 42 random numbers to select the sample of invoices for
confirmation. The RAND function generates a random number between 0 and 1. The
population of dollars in this activity is between 1 and 887,746 (in cell E56). To
generate a set of 42 random numbers from this population, type the following
formula in cell G6:
= ROUND(RAND()*($E$56 - 1),0)+1
2. Copy the formula to the next 41 cells below cell G6 to make up the required sample
size of 42.
3. After entering the formulas, press F9 several times to recalculate the worksheet and
to achieve a randomized selection.
4. Suppose one of the random numbers generated is 43,207. In this case, cell E8
contains the exact cumulative amount of 43,207, and the corresponding invoice to be
sampled is 120102. Now suppose that a random number generated is 51,205. This
amount cannot be exactly matched to entries in column E. Instead, this amount falls
between the two values in cells E8 and E9. In this case, the invoice to be sampled is
120103. That is, the 51,205th dollar belongs to invoice number 120103.
In the next section, you will work through these two examples, starting with the simple
(unusual) case of an exact match (using the number 43,207), then the more usual case of
no match (using the number 51,205).
= VLOOKUP(G6,$E$6:$F$56,2)
This formula looks up the value in cell G6 from the lookup table in E6 to F56. That is,
the value in cell G6 (43,207) is compared with each of the cells in column E, starting
with cell E6. If an exact match is found, the VLOOKUP function returns the
corresponding value in column F. In other words, it "looks" to the right of the column
where the match was found; this is the meaning of the 2 at the end of the VLOOKUP
formula. (For Excel, the data column E is considered column 1 and F is column 2.)
Thus, the invoice number of 120102 from cell F8 is returned as the result of the
VLOOKUP function in cell H6.
2. What happens when there is no exact match? Replace the formula in cell G7 with the
number 51,205. Copy the formula from cell H6 to H7. Notice the use of absolute cell
references so E6 and F56 are not adjusted. After copying, the formula in cell H7
should be:
= VLOOKUP(G7,$E$6:$F$56,2)
3. By visual inspection of the worksheet, you can see that the correct result in cell H7
should be 120103. However, the VLOOKUP function yields the invoice number of
120102. Clearly, the VLOOKUP function does not work where no exact match exists
between the value to be looked up (in column G) and the values in column E. Thus, it
is necessary to modify the formula so that it can cope with either an exact match (as
in step 1 of this section) or a "no-exact-match" situation (as in step 2). Type this
formula in cell H7:
=IF(G7=VLOOKUP(G7,$E$6:$F$56,1),
VLOOKUP(G7,$E$6:$F$56,2),
VLOOKUP(G7,$E$6:$F$56,2)+1)
This formula is not as overwhelming as it may appear! It actually has three parts.
The first part of the formula compares the random number in cell G7 with the result
of VLOOKUP of column E to determine whether these two values are identical. (The 1
at the end of the first line of the formula means "look in column E.") If they are
identical, the IF function returns the second part of the formula, which looks up the
invoice number in column F. If, however, the random number does not exactly match
any of the values in column E, the formula returns the third part, which looks up the
invoice number in column F and adds one to it (in this case, correctly yielding the
value of 120103). Note that this formula will only work when the invoice number
sequence is unbroken, that is, exactly one number apart.
4. Copy the VLOOKUP formula from cell H7 to cell H6 and to cells H8 to H47.
5. Replace the random numbers entered in cells G6 and G7 in steps 1 and 2 with the
correct random number formula (the simplest way is to copy the formula in cell G8 to
cells G6 to G7).
The random numbers generated by the formulas in cells G6 to G47 change each time the
worksheet is modified, or if F9 is pressed. However, once you have generated a set of
random numbers, you wish to "freeze" them so they can be used for sample selection. To
freeze the random numbers in cells G6 to G47, use the following procedure:
4. In the Paste Special box, click Values in the Paste box. Then Click OK. The formulas
in cells G6 to G47 will now be replaced with the calculated values. Press F9 to
confirm that these values are frozen.
5. After the random numbers are frozen, and the formulas in cells G6 to G47 are
replaced by values, save a copy of your worksheet.
Commentary
Self-test 6
Solution 1
● Nonstatistical sampling does not utilize statistical calculations to express the results.
● Statistical samples must be random.
● Statistical sampling involves using mathematical calculations to express the results.
● Statistical sampling enables the measurement/computation of sampling risk and the
calculation of the upper error limit.
Self-test 6
Solution 2
● Audit sampling is used to assess control risk, for example, in tests of control to audit
compliance with internal control procedures.
● Audit sampling can also be used to obtain direct evidence about financial statement
assertions. For instance, in substantive tests (tests of balances), sampling can be
used to audit the dollar amounts and therefore determine if they are materially
misstated.
Self-test 6
Solution 3
Generally, assessment of control risk at below maximum and a successful test of controls
allow for a reduction of tests of details of balances at year end. However, Sheila chose the
month of June, which only represents one-twelfth of the year, for her test period. With such
a short test period, Sheila cannot conclude that she has selected a representative sample
from the total population; therefore, without testing additional months (the consensus of
public accounting firms is nine months, but no specific standard exists), Sheila cannot
change the scope of her tests of details of financial balances at year-end.
Self-test 6
Solution 4
Objective Example
Self-test 6
Solution 5
A sample is considered random if each unit in the population has an equal likelihood
(probability) of being included in the sample.
Self-test 6
Solution 6
Self-test 6
Solution 7
The most important difference between tests of controls and tests of details of balances
is in what the auditor wants to measure.