Module 06

Module 6: Audit sampling

Overview
In this module, you learn about the methods that can be used to gather evidence by
obtaining representative samples of transactions and balances. Attributes sampling is
presented in the context of tests of controls, while dollar-unit sampling (DUS) is explained
as it is used in performing substantive tests. (You may need to review statistical sampling
from earlier accounting courses to ensure that you understand the statistical concepts
underlying the material in this module.)
As you work through each topic, you build your understanding of audit sampling. You also
apply what you have learned by using a spreadsheet to perform dollar-unit sampling, and
evaluate the merits and limitations of this type of sampling.
Assignment reminder: Assignment 2 in Module 7 is due at the end of week 7 (see Course
schedule in the course navigation). You may wish to take a look at the assignment before
working on Module 6 to familiarize yourself with the requirements and to prepare for any
work that may be required in advance.
Test your knowledge
Begin your work on this module with a set of test-your-knowledge questions designed to
help you gauge the depth of study required.
Learning objectives
6.1 Explain why auditors use sampling, and describe the two applications of audit
sampling. (Level 2)
6.2 Explain statistical and nonstatistical sampling, describe the advantages of each
method, and explain when each method should be used. (Level 2)
6.3 Explain sampling error, including errors arising from alpha risk (Type 1 error), beta
risk (Type II error), and nonsampling error. (Level 2)
6.4 Outline the seven-step framework for conducting attribute sampling for tests of
control. (Level 2)
6.5 Describe the factors that influence sample size determination in attribute sampling,
and determine the sample size for a test of controls using statistical sampling.
(Level 2)
6.6 Describe how the auditor evaluates the results of a test in the context of
nonstatistical and statistical sampling. (Level 2)
6.7 Describe the nature of audit risk, sampling risk, and materiality in the context of
substantive testing. (Level 2)
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06intro.htm (1 of 2) [31/08/2009 10:10:49 AM]

6.8 Outline the seven-step framework for audit sampling in substantive testing, and
explain how an auditor can use stratification to reduce sample sizes in audit
sampling. (Level 2)
6.9 Describe the factors that influence sample size determination in substantive testing.
(Level 2)
6.10 Explain how the auditor evaluates the results of a test in substantive testing. (Level
2)
6.11 Describe and demonstrate the dollar-unit sampling process to test an account
balance. (Level 2)
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06intro.htm (2 of 2) [31/08/2009 10:10:49 AM]

6.1 Audit sampling: Introduction
Learning objective
● Explain why auditors use sampling, and describe the two applications of audit
sampling. (Level 2)
Required readings
● Chapter 10, pages 371-374 (to Statistical Sampling)

● CAS 530 Audit Sampling (provides an overview of the role of sampling in the audit of
financial statements. There is no equivalent section in the CICA Handbook)
Note: This module uses a variety of acronyms. Here is a table that summarizes
some of these terms. The definitions and terms on page 371 of the text are also
important for understanding this module.
LEVEL 2
Auditors usually do not test 100% of transactions or items in account balances because the
cost of doing so would be prohibitive. Also, auditors seek only reasonable assurance. Audit
sampling occurs whenever an auditor draws a conclusion about an entire class of
transactions or account balance based on the results of a (representative) sample from the
class or the balance.
Audit sampling addresses the sufficiency aspect of evidence as required under GAAS,
insofar as it relates to the extent of audit procedures used.
Why do auditors use sampling?
Auditors use sampling
● to test controls (compliance tests) for assessing control risk, and
● to test balances (substantive tests) for determining whether balances are materially
misstated.
Exhibit 6.1-1 summarizes how the type of test performed relates to the focus of the audit
sampling. You can print out this table for later reference.
Exhibit 6.1-1: Comparison of audit sampling tests
Compliance tests Substantive tests
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t01.htm (1 of 2) [31/08/2009 10:10:50 AM]

Focus To obtain evidence that the client To obtain evidence to support

complies with the internal control management’s assertions regarding
procedures designed and account balances
implemented to achieve specific
control objectives
Population Class of transactions Items in an account balance

from
which a
sample is
drawn
Example Testing control procedures Auditing the existence of

relating to the acquisition and
payment cycle for
● accounts receivable
● valuation of inventory
● authorization for purchasing (expressed at cost)
● proper classification of
asset expenditure
● evidence that the
extensions on invoices were
checked and that the
payment was authorized
Sample Sample of payments from the Sample from customers with

cheque register or cash outstanding accounts receivable
disbursement journal (random balances
sample of cheque numbers)
Method of The auditor would obtain The auditor would support existence
testing supporting documentation for by choosing a sample from the
each cheque and test for customers with outstanding
appropriate controls, such as the balances and obtain confirmations
existence of an approved directly from those customers.
purchase order matched to the
invoice, a supervisor’s initials on
the invoice to authorize payment,
and so on.

6.2 Statistical and nonstatistical sampling
Learning objective
● Explain statistical and nonstatistical sampling, describe the advantages of each

method, and explain when each method should be used. (Level 2)
Required reading
● Chapter 10, pages 374-376 (to Sampling and Nonsampling Risk)
LEVEL 2
The auditor is not required by generally accepted auditing standards to base evaluations on
statistically-based tests, but only to apply professional judgment. As a result, both
statistical and nonstatistical sampling are used in public practice. The boxes on pages 375
and 377 list when and why each method may be used.
The following exhibit highlights the key differences between statistical and nonstatistical
sampling.
Exhibit 6.2-1: Statistical and nonstatistical sampling
Statistical Nonstatistical
Sample Sample must be randomly No requirement for random

selection selected. selection.
Documentation More extensive documentation Auditors would be wise to fully

of decision process because of document the audit work to
the greater rigour of statistical provide background for review,
sampling. Auditors provide a planning, and evidence.
better source for review, (The importance of
planning, and evidence should documentation cannot be too
the audit work be called into strongly emphasized; if the audit
question. work is called into question when
nonstatistical sampling is used,
only good documentation can
provide proof of the soundness of
the auditor's judgment.)
Quantification Requires the auditor to quantify No quantification of sampling risk.

of sampling the sampling risk that influences
risk the testing decision in
determining the sample size.

Inference of The measurement of the sample With a nonstatistical sample, the

results results must be based on inference must be made
statistical methods (permits informally (that is, the auditor
statistical evaluation). With a must use judgment to estimate
(Whether using statistical sample, the inference the population balance or error).
statistical or is formalized mathematically
nonstatistical (that is, a point estimate is
sampling, the calculated and the confidence
auditor infers interval is constructed).
the results of
the sample to
the population.)
Exhibit 6.2-2 illustrates the additional information obtainable from the use of statistical
sampling, which is determining sampling risk and the achieved (computed) upper error limit
(LM + sampling risk adjustment). The upper error limit, in turn, would be used for
comparing with tolerable misstatement or materiality. Note the illustration still does not
include nonsampling risk; the auditor needs to consider the possibility of nonsampling risk
when evaluating the account balance or financial statements.
Exhibit 6.2-2: Estimating upper error limit for comparison with tolerable misstatement
Nonstatistical sampling Statistical sampling

6.3 Sampling and nonsampling error
Learning objective
● Explain sampling error, including errors arising from alpha risk (Type I error), beta
risk (Type II error), and nonsampling error. (Level 2)
Required reading
● Chapter 10, pages 376-379 (to Test of Controls for Assessing Control Risk)
LEVEL 2
Sampling risk and sampling error
Whenever auditors make inferences about a population based on a sample drawn from that
population, they hope the sample will be truly representative of that population. However,
whenever a sample is selected from a population, it may or may not be representative. The
risk of the sample not being representative is called sampling risk. The error that ensues
from sampling risk is called sampling error.
The following exhibit summarizes the concepts of sampling risk and sampling error. Read
the table now and print it out for review later.
Exhibit 6.3-1: Sampling risk and sampling error
Sampling What is sampling risk? Can sampling risk be Can sampling risk be
risk reduced? quantified?
The risk of the sample not
being representative is Sampling risk can be When statistical
called sampling risk. reduced by increasing the sampling methods are
sample size (which means used, sampling risk can
that more of the be quantified — it is
population is being the probability that the
examined). sample is not an
accurate reflection of
the population.

Sampling What is sampling Why does sampling How many types of

error error? How does it error occur? sampling errors are
occur? there?
Sampling error occurs
The error that ensues because the auditor has Sampling risk can lead
from sampling risk is examined less than 100% to two types of
called sampling error. A of the population. sampling error: Type I
sampling error occurs error and Type II
when an auditor forms an error.
incorrect conclusion about
a population based on the
results of examining a
sample drawn from it
because the sample was
not representative of the
population.
Type I error
Scenario 6.3-1: Testing for a specific control procedure
Dean, an auditor, is interested in testing transactions for a specific control procedure. He

finds that out of a population of 5,000 transactions, only four population units are missing
the control; that is, the deviation rate for the population is 0.08% (4/5,000).
Suppose Dean chooses a sample of 20 units from this population, and that sample turns out
to contain all four population units with the missing control. What population deviation rate
do you think Dean would estimate based on the sample results? What would Dean be likely
to conclude?
Solution
Type II error
Scenario 6.3-2: True deviation rate
Suppose that in Dean’s situation, the true deviation is 20%; that is, the population of 5,000
transactions contains 1,000 population units with the missing control. What if Dean’s
sample of 20 contains none of the units with the missing control? What do you think Dean’s
conclusion will be based on the sample results?
Solution 1
The sampling risk associated with a Type I error is usually referred to as alpha risk, while
the risk associated with a Type II error is called beta risk. Alpha risk is not as much of a
concern to the auditor as beta risk.
a. Why is beta risk more of a concern than alpha risk?

b. How can an auditor reduce sampling risk?
Solution 2
Nonsampling error

The auditor is also concerned about nonsampling error. Nonsampling error arises from
nonsampling risk, which occurs when
● the auditor is not careful in examining the sample and fails to identify an exception
or error in a selected sample item
● the audit test is not appropriate (for example, the sample was selected from an
inappropriate population for the purposes of the assertion being tested)
● the auditor has misjudged the relevant risks (that is, the inherent risk and/or control
risk)
● the auditor has made an error in the evaluation of the sampling results
Any or all of the above audit or auditor weaknesses could lead the auditor to perform less
work than is required to adequately support a conclusion.
Scenario 6.3-3: Testing for controls over disbursements
Lina, an auditor, forgets to look at the signatures on a sample of cheques to test for
controls over disbursements, and as a result, she fails to reassess control risk if there were
incorrect signatures in the sample. Is this an example of a sampling error?
Solution

6.4 Attribute sampling and tests of controls
Learning objective
● Outline the seven-step framework for conducting attribute sampling for tests of
control. (Level 2)
Required reading
● Chapter 10, pages 379-384 and 387-392 (to Substantive Procedures for Auditing
Account Balances)
LEVEL 2
In the next three topics, you learn to use statistical sampling for tests of controls using
attribute sampling. Statistical sampling helps quantify sampling risk and evaluate the
results of testing. For tests of controls, sampling risk consists of the probability that the
auditor will incorrectly assess control risk because the sample is not representative of the
population.
What is an attribute?
An attribute is a characteristic in which the auditor is interested, and the attribute of

interest in testing controls is whether or not a deviation from the specified controls has
occurred. An attribute supporting the control objective of validity, for example, is the
existence of a matching shipping document for each invoice. Other examples of attributes
include the department supervisor's initials on each invoice payable (authorization) and
correct account coding on each invoice (classification).
The text describes the tests of control steps (beginning on page 380) relevant to attribute
sampling as a seven-step framework using the sales and collection cycle to illustrate this.
Step 1 (Specifying the objectives of the test) and Step 6 (Performing the test of controls
audit procedures) from the seven-step framework relate mainly to the performance of tests
themselves; these are explained in more detail in Modules 8 and 9, which deal with specific
transaction cycles. This topic describes steps 2 and 3 (steps 4, 5, and 7 are covered in
following topics).
Step 2: Defining the conditions for deviations
A clear understanding of what constitutes a deviation is important. Deviations need to be

defined in advance so that they can be recognized and treated consistently, and so that
they relate to the objectives of the test of control. Auditors must also fully understand the
attributes being tested in order to know when a deviation occurs. Normally, the absence of
an attribute constitutes a deviation, but that is not always the case. In certain situations,
there will be justifiable reasons for the absence of an attribute.
Scenario 6.4-1: Audit of the acquisitions and payments cycle

Lee is auditing the acquisitions and payments cycle and he is selecting a sample of
payments to test the controls. One of the procedures may be to check that for each invoice,
there is a corresponding purchase order (PO) properly approved. If Lee finds that one of the
invoices in the sample is missing a purchase order, is this a deviation?
Solution
Step 3: Defining the population
When conducting a test of controls, the auditor aims to support control risk assessments
assertion by assertion. This means that the population from which the sample is drawn
must lend itself to testing the controls that will support a given assertion, either directly or
indirectly through a control objective relevant to the assertion. When studying the direction
of a test, you saw that sources of evidence would be used in different ways (different
directions) to test for different assertions. You must ensure that the population that you
select from has attributes consistent with the assertions you wish to test.
Scenario 6.4-2: Verifying invoices
If you are verifying that paid invoices are supported by purchase orders, would you select
the sample from the purchase order issued or from the paid invoices?
Solution
Scenario 6.4-3: Year-end and tests of controls
Padma is performing an audit for a client whose year-end is December 31. She is planning
to conduct tests of controls at an interim date, commencing October 1. What are the
implications for Padma and on her audit work?
Solution
Scenario 6.4-4: Concerns for the population to be sampled
When defining the population from which to draw a sample, there are two more factors
auditors should be aware of:
● physical proximity
● physical characteristics of the population
What is the auditor's concern when documentation defined as the intended population is
kept in a remote off-site location? What if the identified population exists in the form of data
stored in machine-readable form only?
Solution

6.5 Determining sample size and selecting the sample
Learning objective
● Describe the factors that influence sample size determination in attribute sampling,
and determine the sample size for a test of controls using statistical sampling. (Level
2)
Required readings
● Chapter 10, pages 383-384 and 387-388

● CAS 530, Appendix 2 and Appendix 4
LEVEL 2
This topic examines steps 4 and 5 of the seven-step framework: determining the sample
size for tests of controls and selecting the sample.
Step 4: Determining the sample size
The relationships between the factors and sample size are the same regardless of whether
you are using nonstatistical or statistical sampling. When auditors use statistical sampling,
they must quantify sampling risk (ARACR) to enable them to use statistical tables for
determining sample size.
The text correctly points out that sampling risk includes the risk that the control risk
assessment will be too low, as well as the risk that the control risk assessment will be too
high. However, the relationship between sample size and sampling risk as previously
described assumes that the auditor is concerned with the former, not the latter. This is
consistent with the auditor focusing on beta risk (see Topic 6.3).
The following exhibit shows a statistical sample size that you can use to see how these
factors interact in a statistical sampling approach.
Exhibit 6.5-1: Statistical sample size table — 5% sampling risk (RIA/ARACR/ARO)

Note: This table assumes a large population.

* Sample size is too large to be cost-effective for most audit applications.
Source: Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth
Edition (Scarborough, ON: Prentice Hall, 1993), page 409
The table in Exhibit 6.5-1 is developed using sampling (probability) distributions and allows
auditors to estimate the probability of representativeness (sampling risk) of a sample. It
depicts the sample sizes for a sampling risk set at 5%. The percentage figures down the left
side of the table represent EPDR, while those across the top represent TDR. The numbers in
the table are the sample sizes required for each combination of TDR and EPDR.
Auditing activity 6.5-1: Determining the sample size
Work through this activity to test your understanding of how to determine the sample size.
Suppose an auditor chooses a sampling risk of 5% and has assessed preliminary control risk

at medium (about 35%). On the basis of this preliminary control risk assessment, the
auditor feels comfortable with a TDR of 7% (see the table in the text on page 383). Based
on the prior year's experience, the auditor also determines that EPDR is about 2%. (In
other words, the auditor is willing to take a 5% risk of concluding that the control is
effective when it is not. The auditor will tolerate deviations of up to 7% and still assess CR
at 35%, even though the auditor only expects 2% deviations in the population.)
Using these figures and the table in Exhibit 6.5-1, what sample size would the auditor
choose?
Hint: Look at the intersection of the row for EPDR of 2% and a tolerable deviation rate of
7% in Exhibit 6.5-1.
Solution
Step 5: Selecting the sample
Once the auditor has determined the sample size, the next step when conducting attribute
sampling is to select the sample. Sampling risk is reduced by increasing sample size and
increasing the "randomness" of the selection process (in nonstatistical sampling where
selection need not be random or systematic).
What are the risks in selecting a non-random sample?
Non-random sampling includes both haphazard selection and block (or cluster) sampling. A
non-random sample can contain biases; the auditor is naturally attracted to non-routine
transactions and, therefore, might be biased in choosing only unusual items. Even though a
randomly selected sample may not be representative, at least the probability of this
happening (sampling risk) is measured and controlled. Block or cluster sampling occurs
when the auditor selects a number of blocks of consecutive transactions rather than
selecting transactions individually. Although this is sometimes mandated by difficulties in
locating selected items, such selection should be avoided where possible, even for non-
statistical samples.
The text describes various methods used to select a random sample. They include selection
based on assigning random numbers to a population (from a random number table or from
computer-generated random numbers), as well as by using systematic random selection.
Another way to select a random sample is to use audit software where the program chooses
the sample based on population characteristics, such as cheque numbers, invoice numbers,
and account numbers, keyed in by the auditor. (In Advanced External Auditing [AU2], you
will learn to use a software package called Audit Command Language [ACL] to select
samples.)
The text also describes nonstatistical sampling methods and explains some of the problems
associated with them.

6.6 Evaluating test results
Learning objective
● Describe how the auditor evaluates the results of a test in the contexts of
nonstatistical and statistical sampling. (Level 2)
Required reading
● Chapter 10, pages 389-392 (except section on Sample Evaluation)
LEVEL 2
The final step of the seven-step framework for attribute sampling is evaluation of the test
results.
Step 7: Evaluating the test results
The results of the test will either support or refute the auditor's preliminary assessment of
control risk. The number of deviations found in the sample will help the auditor decide
whether the controls are reliable by inferring the proportion of the population that contains
deviations.
Remember that the auditor is concerned about sampling risk insofar as it relates to the risk
of assessing control risk too low. (On pages 390 and 391, the section on "Sample
Evaluation" is not required reading.)
One way to evaluate the results of your test in a statistical context is to use a table like the
one shown in Exhibit 6.6-1. This table computes the upper deviation or error limit (UEL) for
a given ARACR, sample size, and number of deviations found in tests of controls. The
computed UEL is a statistical calculation that factors in sampling error, and is used to
estimate the population deviation rate. The sample deviation rate (actual sample deviations
÷ sample size) may be lower or higher than the actual population deviation rate. Because
auditors are mainly concerned with the risk of assessing CR too low, the higher/upper limit
is calculated to estimate how high the estimated population deviation rate might be.
Exhibit 6.6-1: Statistical sampling results evaluation — computed upper deviation rates at
5% sampling risk

Note: This table presents computed upper deviation rates (CUDR) as percentages. This
table assumes a large population.
* Over 20%.
Source: Lemon et al, page 412
Auditing activity 6.6-1: Determining the upper error limit (UEL)
Using a sampling risk of 5%, TDR of 7%, and EPDR of 2%, it was determined earlier that
the sample size would be 88. If the auditor found one deviation in the sample, what would
be the UEL?
Using Exhibit 6.6-1, at a sample size of 90 (which is the closest to 88 in the table), one
deviation gives a UEL of 5.2%. When comparing UEL to TDR, the UEL must be less than or
equal to TDR for the population (the CR assessment) to be considered acceptable. Because
this UEL is less than the auditor's TDR of 7%, the auditor would conclude that the results of
the test do support the preliminary control risk assessment.
Suppose the auditor encounters three deviations instead of one. What would be the UEL in
this case? What would the auditor conclude?
Solution
When using nonstatistical sampling for the evaluation of tests of controls, the auditor does
not quantify the calculation of UEL using statistical tables. The auditor uses professional

judgment to consider sample error and generalize from the sample deviation rate to the
population deviation rate.
By contrast, using statistical sampling for the evaluation of tests of controls enables the
auditor to compute UEL (and sampling risk), given the sample size and number of
deviations found. Using a sample size of 90:
Number of deviations found

0 1 3
Sample deviation rate
0/90 = 0% 1/90 = 1.1% 3/90 = 3.3%
UEL (per Exhibit 6.6-1) 3.3 5.2 8.4
Sampling risk
(UEL – sample deviation 3.3 – 0 = 3.3% 5.2 – 1.1 = 4.1% 8.4 – 3.3 = 5.1%
rate)

6.7 Audit sampling for substantive testing
Learning objective
● Describe the nature of audit risk, sampling risk, and materiality in the context of
substantive testing. (Level 2)
Required reading
● Chapter 10, pages 392-394 (to Sampling Steps For Account Balance Audit)
LEVEL 2
As mentioned in the text, substantive procedures include both analysis and tests of
details of balances. (Topic 3.4 describes how analysis is used to provide audit
evidence.) Analysis is not subject to sampling because analytical procedures are
applied to overall balances and financial relationships. Therefore, this topic on audit
sampling for substantive testing will focus only on tests of details of account balances.
Details of an account balance are the items and transactions that make up the account
balance.
For example, three customers, Mr. A, Ms. B, and Mrs. C owe the company $500, $800,
and $1,500 respectively, and make up the total accounts receivable balance of $2,800.
A test of details for accounts receivable could consist of verifying (testing) the
individual customer balances (details making up the total balance). (Note, however,
that testing 100% of the accounts does not constitute audit sampling.)
Audit sampling for substantive procedures is much more related to audit risk (that is,
the risk that the auditor will issue an unqualified opinion when the financial statements
are materially misstated) than is audit sampling for tests of controls. This is because
substantive testing provides direct evidence about the financial statement assertions,
and it is on those assertions that the audit opinion is based.
In substantive testing, sampling risk refers to the probability that the auditor will form
an incorrect conclusion about an account balance based on the results of a sample from
the population of items that make up the account balance. In other words, it is the
probability that the auditor accepts an account balance based on the results of the
sample, when in fact, the account balance is materially misstated. This would occur
because the sample selected was not representative of the population.
Sampling error will still be Type I or Type II and arise from alpha risk and beta risk
respectively, as was the case for attribute sampling for tests of controls. This is why
the expanded audit risk model on page 393 only considers RIA, not RIR. Also note that
in this model, detection risk consists of the risk that a material misstatement will not
be detected by either analysis (analytical procedures risk = APR) or tests of details;
that is, DR = APR × RIA. Because this topic focuses on tests of details, for the
remainder of this module, assume that no substantive tests other than tests of details
are performed, and hence APR = 1 (that is, DR = RIA).
In substantive testing, the auditor tests whether or not an account balance is materially
misstated. But how many dollars constitute an error? This is where materiality enters

into the audit sampling process. More specifically, the auditor considers tolerable
misstatement, which is usually the same as overall materiality.
Determining tolerable misstatement is subject to the auditor's professional judgment,

but in some cases, the auditor may choose to systematically allocate materiality among
balance sheet accounts. For example, suppose overall materiality has been estimated
at $177,000 based on estimated after-tax income, and also assume the auditor wishes
to test accounts receivable, which amount to $235,000. If total assets are $3,550,000,
then the auditor could calculate tolerable misstatement for accounts receivable as
follows:
However, in many cases, such a systematic approach will not be appropriate, and the
auditor will have to rely more on qualitative factors to arrive at tolerable misstatement
for each balance. The primary basis for materiality decisions is always the auditor's
judgment.

6.8 Sampling procedures for substantive testing
Learning objective
● Outline the seven-step framework for audit sampling in substantive testing, and
explain how an auditor can use stratification to reduce sample sizes in audit
sampling. (Level 2)
Required reading
● Chapter 10, pages 394-406 (excluding the paragraphs starting from "When the
population is stratified…" on page 403 to "…take the sampling risks into account" on
page 404)
LEVEL 2
The main objective of substantive testing is to detect a material misstatement in an account

balance. To achieve this objective, the auditor performs audit sampling within a seven-step
framework similar to the one described in the topics for tests of controls. This topic explains
steps 2 and 3 of the framework: defining the population and choosing an audit sampling
method. (Steps 4, 5, and 7 are covered in the following two topics. Steps 1 and 2:
specifying the objectives of the test and performing the substantive audit procedures, relate
mainly to the performance of tests themselves; these are explained in more detail in
Modules 8 and 9, which deal with specific transaction cycles.)
This framework, described on pages 394 to 405, differs from that for tests of controls in two
ways:
● First, there is no need to identify conditions for deviations. An error condition in

substantive testing is fairly obvious — it is whenever the recorded dollar amount
differs from the audited amount.
● Second, in substantive testing, the auditor needs to choose a sampling method,
which was not the case for tests of controls. For tests of controls, the sampling
method is attribute sampling, whereas the sampling method for substantive testing
can be dollar-unit sampling which is a form of attribute sampling, or variables
sampling (not covered in this course).
Step 2: Defining the population
For tests of controls, the population in substantive testing must be consistent with the
objective of the test. The population must also be complete and have physical
characteristics that will allow the auditor to select a sample from it.
Scenario 6.8-1: Testing the completeness assertion
Pat, an auditor, designs a substantive test to provide evidence that accounts payable are
not understated; that is, to test the completeness assertion. She uses a population
consisting of an accounts payable listing made up of vendors with recorded balances,
especially large ones. Is Pat’s choice of population appropriate in this case?

Solution 1
What type of population would be more appropriate to test the completeness assertion?
Solution 2
The main difference between defining a population for tests of controls and for substantive
testing relates to the issue of materiality. In substantive testing, the auditor focuses on
amounts, because substantive procedures are designed and performed to support the
account balances as stated in the financial statements. Because of materiality, the auditor
will often segregate individually material amounts from other population units and test
these amounts to a greater extent. This is known as stratification, and it is explained on
pages 395 to 396.
The degree of stratification will have an impact on evaluating the results of the evidence
because each stratum becomes a sub-population that may be significantly different from
the others. This implies that extrapolating the results of a large stratum to all the
population (all strata) may be misleading, because the sample from that stratum is not
representative of the whole population.
Several other factors, aside from size, can be considered in stratification, such as location,
risk, and the length of time an item such as a receivable or payable has been outstanding.
The auditor has to exercise considerable judgment in stratifying a population, but the
ultimate criteria are always to efficiently and effectively meet the audit objectives.
Step 3: Choosing an audit sampling method
The auditor can use statistical or nonstatistical sampling for substantive testing because the
base concepts apply to both. If statistical sampling is chosen, however, the auditor must
choose between a number of sampling methods such as variables or dollar-unit sampling.
The most popular approach is dollar-unit sampling (DUS). Simply stated, DUS considers
each individual dollar in a population as a separate unit making up the account balance.
If the auditor chooses a nonstatistical sampling approach, then the sampling method is
based on judgment and does not require that all population units (physical items) have an
equal chance of being selected. In fact, in judgmental sampling, the auditor usually targets
larger dollar amounts and/or unusual transactions. Statistical tables are not used to project
the sample misstatements to the population. Therefore, nonstatistical sampling may not
always provide a good defensible basis for projecting a likely misstatement when evaluating
the evidence.

6.9 Determining sample size in substantive testing
6.9 Determining sample size in substantive testing
Learning objective
● Describe the factors that influence sample size determination in substantive testing.
(Level 2)
Required readings
● Chapter 10, pages 397-399

● CAS 530 Appendix 3
LEVEL 2
This topic explains steps 4 and 5 of the seven-step framework for substantive testing.
Step 4: Determining the sample size
Similar to choosing the sample size in tests of controls, determining the sample size for
substantive testing is affected by a number of factors that apply to both statistical and
nonstatistical sampling. Sampling risk refers to both RIA and RIR, and as for tests of
controls, the auditor focuses on beta risk (RIA). In substantive testing, the sampling risk is
chosen by the auditor based on the relationship described by the audit risk model. In other
words, the auditor's choice of RIA is a function of AR, IR, and CR.
The auditor also chooses the level of tolerable misstatement for a given account based on
professional judgment (with reference to the amount of misstatement considered material
for that audit). After choosing sampling risk and tolerable misstatement, the auditor will
determine sample size based on the relationships outlined. (You have an opportunity to
work through an example of sample size selection in the context of dollar-unit sampling in
Computer activity 6.11-1.)
Step 5: Selecting the sample
When using nonstatistical sampling, the auditor may select a random or non-random
sample. Judgmentally selecting the sample has similar drawbacks for tests of details as for
tests of controls. If the auditor uses statistical sampling, then the sample must be selected
so that it is truly random. Inferences about achieved RIA or likely misstatement based on
statistical methods will be valid only if the sample is randomly selected.
The methods used to select a random sample in substantive testing are similar to those
described for tests of controls. In addition, it is acceptable to use systematic sampling to
select the sample when using statistical sampling.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t09.htm [31/08/2009 10:10:57 AM]

6.10 Evaluating test results for substantive testing
6.10 Evaluating test results for substantive testing
Learning objective
● Describe how the auditor evaluates the results of a test in substantive testing. (Level
2)
Required reading
● Chapter 10, pages 401-405 (excluding the paragraphs starting from "When the
population is stratified…" on page 403 and ending before the section, Consider
Sampling Risks, on page 404)
LEVEL 2
Step 7: Evaluating the results of the evidence obtained
In Topic 4.5 you learned that identified misstatements are extrapolated to determine the
likely misstatement in the population. Whenever a misstatement is found in a
representative sample, its likely effects on the population must be evaluated. There are
several methods, both statistical and nonstatistical, that can be used to make these
inferences. This is step 7 in the seven-step framework for substantive testing.
Pages 402 to 403 explain the average difference method for calculating likely
misstatements in a stratified and non-stratified population. This method is relatively simple
and can be applied in both statistical and nonstatistical sampling.
You should be aware that the evaluation of sample results also requires a consideration of
qualitative factors (see page 405). The best example, as described in the text, is that of
finding missing controls during a substantive test. Auditors cannot ignore finding control
deviations simply because they are performing a substantive test as opposed to a test of
control. Deviations would affect the control risk assessment, which, in turn, affects the
amount of substantive work required to support the assertions.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t10.htm [31/08/2009 10:10:57 AM]

6.11 Dollar-unit sampling
Learning objective
● Describe and demonstrate the dollar-unit sampling process to test an account

balance. (Level 2)
Required readings
● Reading 6.-1: Dollar-unit sampling

● Reading 6.-2: Random number table
Note: Page 5 of Reading 6-1 refers to "Table 12-2 on page 396." This table has been
reproduced as Reading 6-2. Also, Reading 6-1 sometimes refers to an "attributes
sampling table on page 412." This table has been reproduced as Exhibit 6.6-1 in
Topic 6.6.
LEVEL 2
Dollar-unit sampling (or sampling with probability proportionate to size) is an attribute

sampling method that can be used for sampling for tests of controls and for sampling for
tests of details of balances. On pages 1 and 2 of Reading 6-1, the steps in attributes
sampling are compared with DUS. To better outline the sequence of events in substantive
testing, read the steps in Reading 6-1, which are more detailed than the seven-step
framework presented in the navigation pane.
The population in DUS is a pool of dollars — not a pool of transactions, a pool of individual
accounts receivable balances, or a pool of inventory items. Imagine that the dollars
represented by a single account receivable are laid out end-to-end and that the dollars in
each account are laid out sequentially so that the general ledger account "accounts
receivable" is represented by a long line of dollars.
Scenario 6.11-1: Dollar-unit sampling
Sam, the auditor for Fine Music Ltd., finds that the accounts receivable balance in the
general ledger is $239,800 and that it represents 42 individual accounts receivable. The
dollars are numbered from 1 (the first dollar of the first account receivable) to 239,800 (the
last dollar of the 42nd account receivable).
To select a sample, Sam selects dollars from the line on a random basis and uses a random
number table to do this. If the dollar in a particular account receivable is selected, then that
account is selected. Using this method, could Sam select a particular account more than
once?
Solution
Scenario 6.11-2: Reliability of dollar-unit sampling
Lisa, one of your co-workers, insists that dollar-unit sampling is both reliable and efficient in

sampling for tests of detail of balances, works well with any population type, and has no
known limitations. Do you agree with her statement?
Solution
Auditing activity 6.11-1 — Dollar-unit sampling
The methodology and the steps for using dollar-unit sampling are described in Reading 6-1.
Now click on the icon and work through the "Dollar-unit sampling" auditing activity to see
how to compute the upper and lower error bounds when performing statistical tests of
details of balances.
Computer activity
Also work through Computer activity 6.11-1 to see how a worksheet can be designed to
assist the auditor in performing dollar-unit sampling.
Assignment reminder
Assignment 2 in Module 7 is due at the end of week 7 (see Course schedule in the course
navigation). Be sure to read it through now to familiarize yourself with the requirements
and to prepare for any work that may be required in advance.

Seven-step framework for attribute sampling
Attribute sampling: Seven-step framework
1. Specifying the objectives of the test

2. Defining the conditions for deviation
3. Defining the population from which a sample can be drawn
4. Determining the sample size
5. Selecting the sample
6. Performing the tests of control audit procedures
7. Evaluating the evidence of the test
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/Attribute_sampling.htm [31/08/2009 10:10:58 AM]

Seven-step framework for substantive testing
Substantive testing: Seven-step framework
1. Specifying the objectives of the test

2. Defining the population from which a sample can be drawn
3. Choosing an audit sampling method
4. Determining the sample size
5. Selecting the sample
6. Performing the substantive audit procedures
7. Evaluating the results of the evidence obtained
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/Substantive_testing.htm [31/08/2009 10:10:58 AM]

READING 6-1
Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth Edition, © 1993, pages 474-490.
Reprinted by permission of Prentice-Hall Canada, Inc., Scarborough, Ontario.
2 Reading 6-1 External Auditing
External Auditing Reading 6-1 3
READING 6-2
Lemon, Arens, and Loebbecke, Auditing: An Integrated Approach, Canadian Fifth Edition, © 1993, page 396. Reprinted by
permission of Prentice-Hall Canada, Inc., Scarborough, Ontario.
Module 6 summary
Module 6 summary
Explain why auditors use sampling, and describe the two applications of
audit sampling
● Auditors use sampling because it is seldom possible to obtain absolute assurance

about an audit population and, in any case, it is not economical to examine every
transaction or item making up an account balance.
● Audit sampling can be applied when testing controls to assess control risk. It can also
be used during substantive testing of the balances appearing in financial statements.
Explain statistical and nonstatistical sampling, describe the advantages of

each method, and explain when each method should be used
● Statistical sampling uses the laws of probability when selecting the sample and
extrapolates the sample result to the population. Nonstatistical sampling is audit
sampling not based on statistical calculations.
● The advantage of statistical sampling is that the sampling risk is known. It requires a
precise and definite approach to the audit problem. The advantage of nonstatistical
sampling is that it permits the auditor to use greater judgment.
● Statistical sampling is used when random numbers can be assigned to population

items and an objectively defensible result is desired. Nonstatistical samples can be
used when the auditor has additional knowledge about the population, when strictly
defensible results are not required, and when assignment of random numbers to
population items is difficult or impossible.
Explain sampling error, including errors arising from alpha risk (Type I
error), beta risk (Type II error), and nonsampling error
● Sampling error arises because there is always a risk that the sample will not be
representative of the population.
● The risk of incorrect rejection of the population is referred to as alpha risk (or the
risk of a Type I error); the risk of incorrect acceptance is referred to as beta risk (or
the risk of a Type II error).
● The auditor is mainly concerned about beta risk, which could lead to accepting a
population that contains material misstatements.
● Nonsampling risk arises because the auditor fails to detect an error when verifying
selected items or because the test is inappropriately designed for the purpose for
which it is conducted (for example, selecting from the wrong population).
Outline the seven-step framework for conducting attribute sampling for

tests of control
The seven steps in attribute sampling are
1. Specify the audit objectives.

2. Define the deviation conditions.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06summary.htm (1 of 4) [31/08/2009 10:11:18 AM]

Module 6 summary
3. Define the population.

4. Determine the sample size.
5. Select the sample.
6. Perform the test of controls procedures.
7. Evaluate the evidence.
Describe the factors that influence sample size determination in attribute

sampling, and determine the sample size for a test of controls using
statistical sampling
● The factors that influence sample size in attribute sampling are

❍ acceptable risk of overreliance
❍ tolerable deviation rate
❍ expected population deviation rate
❍ population size
● Sample size varies directly with the expected population deviation rate and the
population size. Sample size varies inversely with the acceptable risk of overreliance
and the tolerable deviation rate. The influence of the population size is minimal,
except for relatively small populations.
● The sample size is determined using a table for the appropriate acceptable risk of
overreliance and selecting the value on that table corresponding to the tolerable
deviation rate and the expected population deviation rate.
● The table corresponding to an acceptable risk of overreliance of 5% is found in

Exhibit 6-5 of Topic 6.5.
Describe how the auditor evaluates the results of a test in the context of
nonstatistical and statistical sampling
● If using statistical sampling, the auditor can look up the computed upper deviation
rates on the table corresponding to the predetermined acceptable risk of
overreliance. The auditor finds the value for the sample size used and the number of
deviations found. The auditor can accept or reject the population by comparing the
upper deviation rate from the table with the tolerable deviation rate used in
determining the sample size.
● If using nonstatistical sampling, the auditor must use judgment to decide whether to
accept or reject the population based on the sample results.
Describe the nature of audit risk, sampling risk, and materiality in the
context of substantive testing
● Sampling risk in substantive testing is related to audit risk as both denote the risk
that the auditor will accept a population containing a material misstatement.
● The tolerable misstatement for such sampling is usually set as the overall financial
statement materiality determined by the auditor at the planning stage of the audit.
Outline the seven-step framework for audit sampling in substantive

testing, and explain how an auditor can use stratification to reduce sample
sizes in audit sampling

Module 6 summary
The seven steps in audit sampling for substantive testing are
1. Specify the objectives of the test.

2. Determine the population from which the sample is to be drawn.
3. Choose the audit sample method.
4. Determine the sample size.
5. Select the sample.
6. Perform the substantive audit procedures.
7. Evaluate the evidence.
● Through stratification, the auditor selects for specific examination items considered
to represent the greatest risk by separating them from other sample items.
● Stratification can be based on the size of the item or on its risk characteristics. An
example of the latter would be selecting and separating older accounts receivable
from current accounts. This would usually result in a smaller sample size and
potentially a lower estimate of likely error in the population.
Describe the factors that influence sample size determination in

substantive testing
● The factors influencing the sample size in substantive testing are

❍ risk of incorrect acceptance
❍ risk of incorrect rejection
❍ tolerable misstatement
❍ expected dollar misstatement
❍ variability within the population
❍ population size
● The first three factors affect the sample size inversely; the last three affect the
sample size directly.
Explain how the auditor evaluates the results of a test in substantive

testing
● The auditor first determines the known misstatement from the sample and then
extrapolates the misstatement to the general population to determine the likely
misstatement in the population.
● The auditor then considers sampling risks to attempt to assess further possible
misstatement and compares the total of all known misstatements extrapolated to the
population to the amount of misstatement considered material for the audit.
Describe and demonstrate the dollar-unit sampling process to test an

account balance
● The following are the steps in dollar-unit sampling:

1. State the objectives of the audit test.
2. Define the error conditions.
3. Define the population.
4. Define the sampling unit.
5. Specify tolerable misstatement.
6. Specify acceptable risk of incorrect acceptance.
7. Estimate the population error rate.
8. Determine the initial sample size.
9. Randomly select the sample (using random or systematic selection).

Module 6 summary
10. Perform the audit procedures.

11. Generalize from the sample to the population.
12. Analyze the errors.
13. Decide the acceptability of the population.
● The auditor uses attribute sampling tables to calculate the results. The attribute
results must be converted to dollars. This requires the auditor to make an
assumption about the percentage of error for each population item that is in error.
● This information is used to calculate both an upper and lower error bound. The
sample will usually be rejected if either of the error bounds is greater than the
tolerable error in the population. The tolerable error in the population will usually be
the amount considered material for the audit.
See the computer illustration for more information.

Module 6: Self-test
Module 6 self-test
Question 1
What are the primary distinctions between statistical and nonstatistical sampling?
Solution
Question 2
What are the two specific purposes for which audit sampling is used?
Solution
Question 3
Sheila Mackenzie, CGA, tested sales transactions for the month of June in the audit of the
financial statements of Coast Co. for the year ended December 31, 20X0. Based on her
assessment of control risk below maximum and the excellent results of tests of controls,
she decided to significantly reduce her direct tests of details of the financial balances at the
year end. Evaluate this decision.
Solution
Question 4
In applying tests of controls, why is it necessary to define a compliance deviation in

advance? Give an example of a compliance deviation for sales for each of the seven internal
control objectives.
Solution
Question 5
What criterion must be met if a sample is to be considered random?
Solution
Question 6
When auditing account balances, why is an incorrect acceptance decision considered more
serious than an incorrect rejection decision?
Solution
Question 7
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06selftest.htm (1 of 2) [31/08/2009 10:11:18 AM]

Module 6: Self-test
What major difference between tests of controls and tests of details of balances makes
physical (or population) unit attributes sampling inappropriate for tests of details of
balances?
Solution
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06selftest.htm (2 of 2) [31/08/2009 10:11:18 AM]

Acronyms
Acronyms
Substantive test sampling:

Attribute sampling dollar-unit sampling (DUS)
ARO = acceptable risk of over-reliance ARIA = acceptable risk of incorrect
acceptance
ARACR = acceptable risk of assessing RIA = risk of incorrect acceptance

control risk too low
ARO = ARACR = sampling risk ARIA = RIA = sampling risk
Note: Sampling risk refers to both RIA

and RIR or risk of incorrect rejection (the
decision to accept a balance as being
materially misstated when it is not). The
auditor, however, will focus on RIA.
TDR = tolerable deviation rate Tolerable misstatement (TM)/

Recorded population value
(Tolerable misstatement can be expressed

either as a dollar amount or as a
percentage of the book or recorded value
of the population from which the sample is
selected.)
EPDR = estimated population deviation rate EE = estimated error rate in population
(The estimated error can be expressed

either as a dollar amount or as a
percentage of the book, or recorded, value
of the population from which the sample is
selected.)
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/acronyms.htm [31/08/2009 10:11:18 AM]

Scenario 6.3-1 solution
Dean would estimate that the population deviation rate is 20% (4/20) and conclude that the
control is not effective, when, in fact, it is. In this case, Dean would conclude that the
population is not valid when, in fact, it is. This is called Type I error.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t03sol1.htm [31/08/2009 10:11:19 AM]

Scenario 6.3-2 solution 1
Dean would likely conclude that the control is effective, when, in fact, it is not. In this
situation, Dean would conclude that a population is valid when, in fact, it is not. This is
called Type II error.

a. In the case of a Type I error (alpha risk) when using sampling for test of controls,
the greatest risk is of performing an inefficient audit. For example, if an auditor
concludes that controls are ineffective when they are effective, the auditor might
decide to reassess control risk at maximum and perform additional substantive
procedures.
For the risk of a Type II error (beta risk), however, the auditor would not be
motivated to do additional work beyond what has already been planned. Unless other
planned procedures or analysis reveal a deviation or misstatement that was not
detected in sampling, the deviation or misstatement will go uncorrected, and wrong
decisions will be made regarding adjustments and the audit opinion.
Consequently, the auditor is very concerned about beta risk; therefore, when
deciding on an acceptable sampling risk for audit purposes, the focus is on beta risk,
not alpha risk.
b. An auditor can reduce sampling risk by increasing sample size and increasing the
"randomness" of the selection process (in nonstatistical sampling where selection
need not be random or systematic).

This is an example of nonsampling error. The incorrect control risk assessment would lead
the auditor to perform less audit procedures than is required by the circumstances.
Through proper instructions and supervision and by careful design of audit procedures, the
auditor can reduce the chance of nonsampling error. The general standard of GAAS requires
adequate technical training and proficiency in auditing, while the first examination standard
requires proper supervision and adequate planning. In short, nonsampling risk should be of
relatively little concern to a competent auditor.

It depends. The invoice for which the PO is missing may have a standing order, in which
case a regular PO is not required. An example of this would be an electricity bill; Lee would
not have a purchase order for each electricity invoice received during the period. In this
situation, the missing PO does not constitute a deviation. Of course, Lee would have to
document this situation and specify the compensating audit procedure to be used.

You would select the sample from the population of paid invoices; it would not be
appropriate to select from the purchase orders issued.

Depending on the type and volume of transactions that occur between October 1 and
December 31, Padma must consider that a significant portion of the population may not yet
exist.
For a control to be relied on, it must be consistently applied throughout the period under
audit. Thus, Padma may need to perform additional tests at year-end to determine if the
control assessment made during the interim audit continues to be valid for the balance of
the year. As a summary, an auditor must also be aware of the completeness of the
population at the time the samples are selected.

If the population is kept in a remote off-site location, it could be difficult or may be even
impossible to select a sample from this population. The same holds true for a population
that lacks physical characteristics (that is, in a computerized environment) that allow the
auditor to sample from it. Thus, the auditor must ensure that a sample can actually be
drawn from the population and that the chosen population must have physical
characteristics that allow an auditor to sample from it.

Activity 6.5-1 solution
The auditor would choose a sample size of 88.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t05sol.htm [31/08/2009 10:11:21 AM]

The UEL would be 8.4%, which is greater than the 7% TDR. In this case, the auditor could
decide to increase the sample size and do more testing to see if the deviations persist, or
the auditor would conclude that the test does not support the preliminary control risk
assessment, and therefore would reassess control risk as high or very high and design
substantive audit procedures accordingly.

In Pat’s case, the chosen population is not appropriate, because understatement of

accounts payable implies that there may be vendors with no recorded balance, and these
vendors will not be in the population.

A more appropriate population type would be a list of regular vendors showing small or zero
balances in the year-end accounts payable.

Sam discovers that the random selection process does result in a particular account being
selected more than once if more than one dollar from that account receivable is selected.
When that occurs, Sam counts each dollar as a separate sample unit and examines fewer
accounts receivable than if each dollar had come from a separate account.
One of the advantages of DUS is that the larger items in the population have a
correspondingly greater probability of being selected. Why is this so?
In Sam’s situation, an account with a balance of $72,900 has a likelihood of

72,900/239,800 of being selected, whereas an account with a balance of $1,500 has a
likelihood of 1,500/239,800 of being selected. Under classical sampling, where the
sampling unit would be the individual account receivable, each of the two accounts would
have a 1/42 chance of selection.

Dollar-unit sampling is reliable. However, it does have certain limitations:
● It is not as efficient as some of the variables sampling techniques (such as difference

estimation and ratio estimation) in that it requires selection of larger sample sizes in
populations with a large number of misstatements.
● Selecting a sample is difficult if the system is not computerized.
● Adjustments have to be made to include zero and negative balances.

● Accounts that are understated are less likely to be selected than if they were stated
at their correct balances.

Computer activity 6.11-1: Dollar-unit sampling with the computer
Learning objectives
● Explain how a worksheet can be designed to assist the auditor to perform dollar-unit
sampling. (Level 2)
● Evaluate the merits and limitations of worksheets for this type of sampling. (Level 2)
LEVEL 2
The manual selection of the sample for dollar-unit sampling can be a tedious task. In this
computer activity, you will find examples of how a spreadsheet program can be used to
perform dollar-unit sampling. It uses spreadsheet commands to assist in sample selection
for a batch of invoices in a continuous sequence.
Material provided
The file AU1M6P1 contains two worksheets:
● M6P1 — the summarized accounts receivable data

● M6P1S — the solution worksheet for M6P1
Description
The auditor has exported all the accounts receivable information from an accounts
receivable system to a worksheet, in file AU1M6P1. The auditor wants to select a random
sample of the invoices for confirmation, using dollar-unit sampling technique.
The auditor has determined the following:
1. Population. The population is made up of the total dollars recorded on all

outstanding invoices and credit notes drawn from the last four months of the fiscal
year.
2. Sampling unit. The sampling unit will be an individual dollar.
3. Sample size. Using the technique described in Reading 6.11-1, pages 15 to 16, the
auditor determined the appropriate sample size from the following information:
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t11ca.htm (1 of 7) [31/08/2009 10:11:25 AM]

Required
Retrieve the file AU1M6P1. Using the RAND function, construct formulas to select a random
sample using dollar-unit sampling techniques. Work through the steps provided in the next
section to perform random sampling for a population of invoices that are in a continuous
sequence.
Procedure
1. Open the file AU1M6P. (Before you begin working on the data files in this course, you
must first download them and save them to your hard drive. Click the data files link
in the navigation pane, then follow the instructions for downloading and saving the
files.) Click the sheet tab M6P1.
Caution: In this activity, it is critical to save the file under a different filename
because the activity includes a sorting procedure; you must keep the original data
file intact in case of error in the sorting procedure.
2. Examine columns A to H of the worksheet. Columns A to C are the accounts

receivable data exported to the worksheet by the auditor; columns D to H will be
used by the auditor to perform dollar-unit sampling. The following describes the
content of each column:

Sorting the data by invoice number
1. Check column A and observe that the invoices are in no specific order. If you
manually perform the dollar-unit sampling, this data set will work well without any
sorting. However, to do the sampling in a worksheet, you must first sort the data in
ascending order by invoice number (column A).
Caution: The command functions provide below may vary depending on the version
of the Excel software being used by each individual student.
2. To sort the data by invoice number, perform the following steps:
a. With the range A6 to C55 highlighted, select Data Sort and the Sort dialog box
will appear.
b. In the "My list has" or “My data has headers” box, make sure that Header Row
has been chosen. In the Sort by box, the header of column A "invoice" should
be displayed. Click Ascending (or Smallest to Largest) and OK.
With this command, you specify that you want to sort the complete data based on column A
(invoice number). Notice that the data range contains the invoice numbers, customer
names, and invoice amounts. When you specify the data range for sorting, be careful not to
include the heading of each column. You also need to specify that the invoice number is to
be sorted in ascending order.
● Columns A6 to C55 should now be sorted in ascending order by invoice number. Move the
cell pointer and examine the first and last invoices. The first record (in row 6) should be:

and the last record in row 55 should be:
If your results do not correspond, you may have sorted the data incorrectly. Erase the
current worksheet without saving it. Then retrieve the worksheet and repeat steps 1 and 2
carefully.
Converting the amounts to absolute values
1. In performing dollar-unit sampling, you will normally construct a column containing

the cumulative amount for the invoices. However, due to the negative values of the
credit notes, simply adding all the invoice amounts in column C will not provide
correct cumulative amounts. To obtain the proper amount, you must convert credit
amounts in column C to positive values. There are several ways to do this, the
simplest being to create a new column (column D) which contains absolute values,
using the ABS function, corresponding to the values in column C.
Move the cell pointer to cell D6. Type the formula:
= ABS (C6)
The resulting value should be 5,000.00, the same as the value in cell C6, because
the absolute value of a positive amount is the same as the amount.
2. To obtain the absolute values of cells C7 to C55, copy the formula from cell D6 to
cells D7 to D55. Column D should be filled with the corresponding absolute values of
column C. Note that cell D11 shows positive 2,300.00, which is the absolute value of
(2,300.00) in cell C11. Compare the cells in columns C and D and correct any errors
before proceeding to the next step.
Setting up columns for cumulative amount and invoice number
1. One of the key components of dollar-unit sampling is the creation of the cumulative
column, which contains a running cumulative total. The SUM function is used to
compute this amount in each row.
Move the cell pointer to cell E6 to create the formula for the cumulative amount.
Type the formula:
= ROUND (SUM ($D$6:D6), 0)
This formula creates a cumulative total, rounded to dollars, of the amount in column
D, starting with cell D6. For example, if this formula is copied to cell E8, it calculates
the cumulative total of invoice amounts in cells D6 to D8, resulting in the value of
63,081.
2. Copy the formula in cell E6 to cells E7 to E55. To confirm that you have set up the
formulas correctly, move the cell pointer to cell E55 and check that the cumulative
amount is 887,746. If your answer is not the same, carefully repeat the previous
steps and correct the errors before continuing.
3. Once the cumulative amounts are set up, you must copy the invoice numbers in

column A to column F. This is to make it possible to use the VLOOKUP function.

Column F will be used by the VLOOKUP function to perform the lookup of the invoice
number corresponding to random numbers you will generate in column G. Copy the
invoice numbers from column A to column F.
4. Move the cell pointer to column F and review the sorted invoice numbers. They
should be the same as those in column A. The first five records in columns E and F
should be as follows:
5. Notice that the first amount in column E is 5,000. To manage the situation in which
the random number selected is between 1 and 5,000, you must insert a row between
rows 5 and 6. After inserting the new row 6, in cell E6, type the start dollar value of
0, and in cell F6, type the invoice number of 120100. (This invoice will never be
selected since it corresponds to the dollar amount of zero.) After you have completed
the change, the first six records in columns E and F should be as follows:
Generating the set of random numbers
1. Now, you need to generate 42 random numbers to select the sample of invoices for
confirmation. The RAND function generates a random number between 0 and 1. The
population of dollars in this activity is between 1 and 887,746 (in cell E56). To
generate a set of 42 random numbers from this population, type the following
formula in cell G6:
= ROUND(RAND()*($E$56 - 1),0)+1
2. Copy the formula to the next 41 cells below cell G6 to make up the required sample
size of 42.
3. After entering the formulas, press F9 several times to recalculate the worksheet and
to achieve a randomized selection.

4. Suppose one of the random numbers generated is 43,207. In this case, cell E8
contains the exact cumulative amount of 43,207, and the corresponding invoice to be
sampled is 120102. Now suppose that a random number generated is 51,205. This
amount cannot be exactly matched to entries in column E. Instead, this amount falls
between the two values in cells E8 and E9. In this case, the invoice to be sampled is
120103. That is, the 51,205th dollar belongs to invoice number 120103.
In the next section, you will work through these two examples, starting with the simple
(unusual) case of an exact match (using the number 43,207), then the more usual case of
no match (using the number 51,205).
Selecting the required invoices
1. The function VLOOKUP may be used to automatically select the invoices

corresponding to the random numbers generated. To see how a VLOOKUP formula
can be constructed, replace the random number formula in cell G6 with the number
43207. Then, in cell H6, type the formula:
= VLOOKUP(G6,$E$6:$F$56,2)
This formula looks up the value in cell G6 from the lookup table in E6 to F56. That is,
the value in cell G6 (43,207) is compared with each of the cells in column E, starting
with cell E6. If an exact match is found, the VLOOKUP function returns the
corresponding value in column F. In other words, it "looks" to the right of the column
where the match was found; this is the meaning of the 2 at the end of the VLOOKUP
formula. (For Excel, the data column E is considered column 1 and F is column 2.)
Thus, the invoice number of 120102 from cell F8 is returned as the result of the
VLOOKUP function in cell H6.
2. What happens when there is no exact match? Replace the formula in cell G7 with the
number 51,205. Copy the formula from cell H6 to H7. Notice the use of absolute cell
references so E6 and F56 are not adjusted. After copying, the formula in cell H7
should be:
= VLOOKUP(G7,$E$6:$F$56,2)
3. By visual inspection of the worksheet, you can see that the correct result in cell H7
should be 120103. However, the VLOOKUP function yields the invoice number of
120102. Clearly, the VLOOKUP function does not work where no exact match exists
between the value to be looked up (in column G) and the values in column E. Thus, it
is necessary to modify the formula so that it can cope with either an exact match (as
in step 1 of this section) or a "no-exact-match" situation (as in step 2). Type this
formula in cell H7:
=IF(G7=VLOOKUP(G7,$E$6:$F$56,1),
VLOOKUP(G7,$E$6:$F$56,2),
VLOOKUP(G7,$E$6:$F$56,2)+1)
This formula is not as overwhelming as it may appear! It actually has three parts.
The first part of the formula compares the random number in cell G7 with the result
of VLOOKUP of column E to determine whether these two values are identical. (The 1
at the end of the first line of the formula means "look in column E.") If they are
identical, the IF function returns the second part of the formula, which looks up the
invoice number in column F. If, however, the random number does not exactly match
any of the values in column E, the formula returns the third part, which looks up the
invoice number in column F and adds one to it (in this case, correctly yielding the

value of 120103). Note that this formula will only work when the invoice number
sequence is unbroken, that is, exactly one number apart.
4. Copy the VLOOKUP formula from cell H7 to cell H6 and to cells H8 to H47.
5. Replace the random numbers entered in cells G6 and G7 in steps 1 and 2 with the
correct random number formula (the simplest way is to copy the formula in cell G8 to
cells G6 to G7).
"Freezing" the random numbers and printing the results
The random numbers generated by the formulas in cells G6 to G47 change each time the
worksheet is modified, or if F9 is pressed. However, once you have generated a set of
random numbers, you wish to "freeze" them so they can be used for sample selection. To
freeze the random numbers in cells G6 to G47, use the following procedure:
1. Select the range you want to freeze — G6 to G47.

2. After the range G6 to G47 has been highlighted, select Edit Copy.
3. Click cell G6 and select Edit Paste Special.
4. In the Paste Special box, click Values in the Paste box. Then Click OK. The formulas
in cells G6 to G47 will now be replaced with the calculated values. Press F9 to
confirm that these values are frozen.
5. After the random numbers are frozen, and the formulas in cells G6 to G47 are
replaced by values, save a copy of your worksheet.
6. Print a copy of the worksheet.

7. If you notice that your worksheet contains errors, repeat the previous steps to make
any necessary corrections. The solution is provided for your comparison on sheet tab
M6P1S. However, notice that the random numbers in the solution may not be the
same as on your own worksheet. Print a copy of the formulas in the solution
worksheet and compare it with your worksheet. Reconcile and correct any
discrepancies in the formulas.
Commentary
Because Excel performs random number generation with replacement, it is possible to

generate duplicate invoice numbers in the sample. For example, the invoice number 120130
shows up twice in column H. In dollar-unit sampling, duplicated sample items are permitted,
but they will be treated as two sample items statistically, and if this sample is found to be
misstated, it will be counted as two errors (see bottom of page 5 and top of page 6 of
Reading 6-1).

Solution 1
Self-test 6
Solution 1
The primary distinctions between statistical and nonstatistical sampling are:
● Nonstatistical sampling does not utilize statistical calculations to express the results.
● Statistical samples must be random.
● Statistical sampling involves using mathematical calculations to express the results.
● Statistical sampling enables the measurement/computation of sampling risk and the
calculation of the upper error limit.
file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06selftestsol1.htm [31/08/2009 10:11:25 AM]

Solution 2
Self-test 6
Solution 2
● Audit sampling is used to assess control risk, for example, in tests of control to audit
compliance with internal control procedures.
● Audit sampling can also be used to obtain direct evidence about financial statement
assertions. For instance, in substantive tests (tests of balances), sampling can be
used to audit the dollar amounts and therefore determine if they are materially
misstated.

Solution 3
Self-test 6
Solution 3
Generally, assessment of control risk at below maximum and a successful test of controls
allow for a reduction of tests of details of balances at year end. However, Sheila chose the
month of June, which only represents one-twelfth of the year, for her test period. With such
a short test period, Sheila cannot conclude that she has selected a representative sample
from the total population; therefore, without testing additional months (the consensus of
public accounting firms is nine months, but no specific standard exists), Sheila cannot
change the scope of her tests of details of financial balances at year-end.

Solution 4
Self-test 6
Solution 4
● Compliance deviations should be defined in advance so auditors will know what to

look for and will know one when they see it.
● Seven examples based on seven internal control objectives:
Objective Example
1. Validity 1. Sales recorded without supporting shipping orders

2. Authorization 2. Lack of credit manager approval for a credit sale
3. Accuracy 3. Mathematical errors in sales invoice calculations
4. Classification 4. Sales classified in wrong product line revenue account
5. Proper period 5. Sales recorded in month (quarter, year) before the actual
shipment
6. Accounting 6. Sales charges fail to be posted to a customer's account
7. Completeness 7. Sales charges fail to be billed to customers and recorded
as sales and receivables

Solution 5
Self-test 6
Solution 5
A sample is considered random if each unit in the population has an equal likelihood
(probability) of being included in the sample.

Solution 6
Self-test 6
Solution 6
● An incorrect acceptance decision directly impairs the effectiveness of an audit.

Auditors decide that account balances are materially accurate and the material
misstatement appears in the financial statements.
● An incorrect rejection decision impairs the efficiency of an audit by causing

unnecessary work. Further investigation of the cause and amount of misstatement
provides a chance to reverse the initial decision error.

Solution 7
Self-test 6
Solution 7
The most important difference between tests of controls and tests of details of balances
is in what the auditor wants to measure.
● In tests of controls, the primary concern is testing the effectiveness of internal

controls. When statistical sampling is used for tests of controls, physical
attributes sampling is ideal because it measures the maximum deviation rate for
a population of physical units such as individual transactions or items. The
deviation rate is the frequency of occurrence or the error rate in these physical
units.
● In tests of details of balances, the concern is determining whether the monetary

amount of an account balance is materially misstated. Physical unit attributes
sampling, which measures the error rate in population units, therefore will not
likely be useful for tests of details of balances. Dollar-unit or monetary-
attributes sampling is more appropriate because it measures the deviation in
dollar amounts directly since the population is the recorded dollar value of the
population (for example, the monetary amount of the account balance).

Module 06

Enviado por

Dados do documento

Descrição original:

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Module 06

Enviado por

Direitos autorais:

Formatos disponíveis

Module 6: Audit sampling

Module 6: Audit sampling

Test your knowledge

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06intro.htm (1 of 2) [31/08/2009 10:10:49 AM]

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06intro.htm (2 of 2) [31/08/2009 10:10:49 AM]

6.1 Audit sampling: Introduction

● Chapter 10, pages 371-374 (to Statistical Sampling)

Why do auditors use sampling?

Auditors use sampling

● to test controls (compliance tests) for assessing control risk, and

Exhibit 6.1-1: Comparison of audit sampling tests

Compliance tests Substantive tests

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t01.htm (1 of 2) [31/08/2009 10:10:50 AM]

Focus To obtain evidence that the client To obtain evidence to support

Population Class of transactions Items in an account balance

Example Testing control procedures Auditing the existence of

Sample Sample of payments from the Sample from customers with

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t01.htm (2 of 2) [31/08/2009 10:10:50 AM]

6.2 Statistical and nonstatistical sampling

● Explain statistical and nonstatistical sampling, describe the advantages of each

● Chapter 10, pages 374-376 (to Sampling and Nonsampling Risk)

Exhibit 6.2-1: Statistical and nonstatistical sampling

Sample Sample must be randomly No requirement for random

Documentation More extensive documentation Auditors would be wise to fully

Quantification Requires the auditor to quantify No quantification of sampling risk.

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t02.htm (1 of 2) [31/08/2009 10:10:51 AM]

Inference of The measurement of the sample With a nonstatistical sample, the

Nonstatistical sampling Statistical sampling

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t02.htm (2 of 2) [31/08/2009 10:10:51 AM]

6.3 Sampling and nonsampling error

Sampling risk and sampling error

Exhibit 6.3-1: Sampling risk and sampling error

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t03.htm (1 of 3) [31/08/2009 10:10:52 AM]

Sampling What is sampling Why does sampling How many types of

Scenario 6.3-1: Testing for a specific control procedure

Dean, an auditor, is interested in testing transactions for a specific control procedure. He

Scenario 6.3-2: True deviation rate

a. Why is beta risk more of a concern than alpha risk?

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t03.htm (2 of 3) [31/08/2009 10:10:52 AM]

Scenario 6.3-3: Testing for controls over disbursements

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t03.htm (3 of 3) [31/08/2009 10:10:52 AM]

6.4 Attribute sampling and tests of controls

An attribute is a characteristic in which the auditor is interested, and the attribute of

Step 2: Defining the conditions for deviations

A clear understanding of what constitutes a deviation is important. Deviations need to be

Scenario 6.4-1: Audit of the acquisitions and payments cycle

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t04.htm (1 of 2) [31/08/2009 10:10:52 AM]

Step 3: Defining the population

Scenario 6.4-2: Verifying invoices

Scenario 6.4-3: Year-end and tests of controls

Scenario 6.4-4: Concerns for the population to be sampled

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t04.htm (2 of 2) [31/08/2009 10:10:52 AM]

6.5 Determining sample size and selecting the sample

● Chapter 10, pages 383-384 and 387-388

Step 4: Determining the sample size

Exhibit 6.5-1: Statistical sample size table — 5% sampling risk (RIA/ARACR/ARO)

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t05.htm (1 of 3) [31/08/2009 10:10:54 AM]

Note: This table assumes a large population.

Auditing activity 6.5-1: Determining the sample size

file:///F|/Courses/2009-10/CGALU/AU1/06course/01mod/au10910/module06/m06t05.htm (2 of 3) [31/08/2009 10:10:54 AM]

Step 5: Selecting the sample

What are the risks in selecting a non-random sample?