AUDIT SAMPLING FOR TESTS OF

CONTROLS AND SUBSTANTIVE TESTS OF

TRANSACTION
by Group 2
GROUP 2
• FANISA ALIA FITRI 1310531026
• MICHELA LARASATI 1410532047
Representative Samples

• Representative Sample
One in which the characteristics in the sample is
approximately the same as those of the population
• Non-sampling Risk
The risk that the audit test do not uncover existing
exceptions in the sample
The causes :
- Auditor’s failure to recognize exceptions
- Inappropriate or ineffective audit procedure
• Sampling Risk
Risk of reaching an incorrect conclusion inherent in
tests of less than the entire population because the
sample is not representative of the population
Ways to control sampling risk:
- Adjust sample size
- Use an appropriate method of selecting sample
items from the population
 Statistical vs Non-statistical Sampling
and
Non-probabilistic vs Probabilistic sample
selection

Statistical and Non-statistical sampling are similar in

that they both involve three phases:
1. Plan the sample
2. Select the sample and perform the tests
3. Evaluate the results
• Statistical Sampling
The use of mathematical measurement techniques to
calculate formal statistical results and quantify
sampling risk

• Non-statistical sampling
The auditor’s use of professional judgment to select
sample items, estimate the population values, and
estimate sampling risk
• Probabilistic Versus Non-probabilistic Sample
Selection
Both probabilistic and non-probabilistic sample
selection fall under step of select the sample perform
the test.
When using probabilistic sample selection, the
auditor randomly selects items such that each
population item has a known probability of being
included in the sample.
In non-probabilistic sample selection, the auditor
selects sample items using professional judgment
rather than probabilistic methods
• Applying Statistical and Non-statistical Sampling in
Practice and Sample Selection Methods
Auditors may make non-statistical evaluations when
using probabilistic selection, but it is never
acceptable to evaluate a non-probabilistic sample
using statistical methods.
• Non-probabilistic (judgmental) sample selection
methods include the following:
1. Directed sample selection
2. Block sample selection
3. Haphazard sample selection

• Probabilistic sample selection methods include the

following:
1. Simple random sample selection
2. Systematic sample selection
3. Probability proportional to size sample selection
4. Stratified sample selection
Non-probabilistic Sample Selection
Methods
• Directed Sample Selection
Auditors deliberately select each item in the sample
based on their own judgmental criteria instead of
using random selection.
Commonly used approaches include:
- Items Most Likely to Contain Misstatements
- Items Containing Selected Population
Characteristics
- Large Dollar Coverage
• Block Sample Selection
Auditors select the first item in a block, and the
remainder of the block is chosen in sequence.
• Haphazard Sample Selection
The selection of items without any conscious bias by
the auditor. In such cases, the auditor selects
population items without regard to their size, source,
or other distinguishing characteristics.
Probabilistic Sample Selection Methods

• Simple Random Sample Selection

A sample in which every possible combination of
elements in the population has an equal chance of
constituting the sample
• Systematic Sample Selection
A probabilistic method of sampling in which the
auditor calculates an interval (the population size
divided by the number of sample items desired) and
selects the items for the sample based on the size of
the interval and a randomly selected starting point
between zero and the length of the interval
Sampling for Exception Rates
• Exception rate
The percent of items in a population that include
exceptions in prescribed controls or monetary
correctness

• Types of exceptions in populations of accounting data:

1. Deviations from client’s established controls
2. Monetary misstatements in populations of
transaction data
3. Monetary misstatements in populations of
account balance details
• Because the exception rate is based on a sample,
there is a significant likelihood that the sample
exception rate differs from the actual population
exception rate. This difference is called the sampling
error.
• When the auditor is concerned with both the
estimate of the sampling error and the reliability of
that estimate, called sampling risk.
APPLICATION OF NONSTATISTICAL AUDIT
SAMPLING
1. State the Objectives of the Audit Test
Auditors define the objectives of tests of controls and
substantive tests of transactions:
- Test the operating effectiveness of controls
- Determine whether the sales and cash receipt
transactions contain monetary misstatements
2. Decide Whether Audit Sampling Applies
• Audit sampling applies whenever the auditor plans
to reach conclusions about a population based on a
sample
• The auditor should examine the audit program and
select those audit procedures where audit sampling
applies
3. Define Attributes and Exception
Conditions
• Auditors must carefully define the characteristics
(attributes) being tested and the exception
conditions
• Attributes of interest and exception conditions for
audit sampling are taken directly from the auditor’s
audit procedures.
4. Define the Population
• Auditor define the population to include any items they
want, but when they select the sample, it must be
selected from the entire population as it has been defined
• The auditor should test the population for completeness
before a sample is selected to ensure that all population
items are subjected to sample selection.
• The auditor may generalize only about that population
that has been sampled
• The auditor must carefully define the population in
advance, consistent with the objectives of the audit tests
5. Define the Sampling Unit
• The sampling unit is defined by the auditor based on
the definition of the population and objective of the
audit test. The sampling unit is the physical unit that
corresponds to the random numbers the auditor
generates.
• The sampling unit as the starting point for doing the
audit tests. For the sales and collection cycle, the
sampling unit is typically a sales invoice or shipping
document number.
 6. Specify the Tolerable Exception Rate
• Establishing the tolerable exception rate (TER)
for each attribute requires an auditor’s professional
judgment. TER represents the highest exception rate
the auditor will permit in the control being tested
and still be willing to conclude the control is
operating effectively
• TER can have a significant impact on sample size. A
larger sample size is needed for a low TER than for a
high TER.
 7. Specify Acceptable Risk of Assessing
Control Risk Too Low
• Acceptable risk of assessing control risk too low (ARACR) measures the
risk the auditor is willing to take of accepting a control as effective (or a rate of
misstatements as tolerable) when the true population exception rate is greater
than TER. ARACR represents the auditor’s measure of sampling risk.
• Auditors must use their best judgment in choosing the appropriate ARACR for
each attributes. Their main consideration is to reduce assessed control risk as a
basis for the extent of tests of details of balances. Auditors normally assess ARACR
at a lower level when auditing an accelerated filer public company because the
auditor needs to be confident that the internal controls are effective to support the
opinion on internal control over financial reporting.
• For non statistical sampling, it is common for auditors to use ARACR of high,
medium, or low instead of a percentage.
• The auditor can establish different TER and ARACR levels for different attributes
of an audit test, depending on the importance of the attribute and related control.
8. Estimate the Population Exception Rate
• Auditors should make an advance estimate of the
population exception rate to plan the appropriate
sample size. If the estimated population
exception rate (EPER) is low, a relatively small
sample size will satisfy the auditor’s tolerable
exception rate, because a less precise estimate is
required.
9. Determine the Initial Sample Size
• Four factors determine the initial sample size for audit
sampling: population size, TER, ARACR, and EPER. Auditors
using non statistical sampling decide the sample size using
professional judgment rather than using a statistical formula.
• The three major factors affecting sample size have been
determined, the auditor can decide an initial sample size. It is
called an initial sample size because the exceptions in the
actual sample must be evaluated before auditors can decide
whether the sample is sufficiently large to achieve the
objectives of the tests.
• Sensitivity of Sample Size to a Change in the
Factors To understand the concepts underlying
sampling in auditing, you need to understand the
effect of increasing or decreasing any of the four
factors that determine sample size, while the other
factors are held constant.
10. Select the Sample
• Auditors can choose the sample using any of the
probabilistic or nonprobabilistic methods. To
minimize the possibility of the client altering the
sample items, the auditor should not inform the
client too far in advance of the sample items
selected. The auditor should also control the sample
after the client provides the documents.
11. Perform the Audit Procedures
• The auditor performs the audit procedures by
examining each item in the sample to determine
whether it is consistent with the definition of the
attribute and by maintaining a record of all the
exceptions found. When audit procedures have been
completed for a sampling application, the auditor
will have a sample size and number of exceptions for
each attribute.
 12. Generalize from the Sample to the
Population
• The sample exception rate (SER) calculated from the
actual sample results. SER equals the actual number of
exceptions divided by the actual sample size.

For non statistical methods, auditors use two ways to generalize

from the sample to the population.
1. Add an estimate of sampling error to SER to arrive at a
computed upper exception rate (CUER) for a given ARACR
2. Subtract the sample exception rate from the tolerable
exception rate to find the calculated sampling error (TER –
SER), and evaluate whether it is sufficiently large to
conclude that the true population exception rate is
acceptable.
13. Analyze Exceptions
• Exception rate is likely to exceed the tolerable exception
rate, auditors must analyze individual exceptions to
determine the breakdown in the internal controls that
allowed them to happen

• Exceptions can be caused by many factors, such as

carelessness of employees, misunderstood instructions,
or intentional failure to perform procedures. The nature
of an exception and its causes have a significant effect on
the qualitative evaluation of the system.
 14. Decide the Acceptability of the
Population
• When generalizing from the sample to the population,
most auditors using non statistical sampling subtract
SER from TER and evaluate whether the difference
(calculated sampling error) is sufficiently large

• If the auditor concludes the difference is sufficiently

large, the control being tested can be used to reduce
assessed control risk as planned, assuming a careful
analysis of the exceptions does not indicate the
possibility of other significant problems with internal
controls.
When the auditor concludes that TER – SER is too small to conclude that the population is
acceptable, or when SER exceeds TER, the auditor must follow one of four courses of action:
1. Revise TER or ARACR , when the auditor has concluded that the original specifications
were too conservative.
2. Expand the Sample Size An increase in the sample size has the effect of decreasing the
sampling error if the actual sample exception rate does not increase
3. Revise Assessed Control Risk If the results of the tests of controls and substantive tests
of transactions do not support the preliminary assessed control risk, the auditor should
revise assessed control risk upward.
4. Communicate with the Audit Committee or Management The auditor is required
to communicate in writing to those charged with governance, such as the audit committee,
regarding significant deficiencies and material weaknesses in internal control.
5. Adequate Documentation The auditor needs to retain adequate records of the
procedures performed, the methods used to select the sample and perform the tests, the
results found in the tests, and the conclusions reached.
STATISTICAL AUDIT SAMPLING
• The statistical sampling method that used for tests of
controls and substantive tests of transactions is
attributes sampling. Non statistical sampling also has
attributes, which are the characteristics being tested for
in the population, but attributes sampling is a statistical
method

• The same 14 steps are used for both approaches, and the
terminology is essentially the same. The main differences
are the calculation of initial sample sizes using tables
developed from statistical probability distributions and
the calculation of estimated upper exception rates using
tables similar to those for calculating sample sizes.
SAMPLING DISTRIBUTION
• A sampling distribution is a frequency distribution of
the results of all possible samples of a specified size that
could be obtained from a population containing some
specific characteristics. Sampling distributions allow the
auditor to make probability statements about the
representativeness of any sample

• Attributes sampling is based on the binomial

distribution, in which each possible sample in the
population has one of two possible values, such as
yes/no, black/white, or control deviation/no control
deviation.
APPLICATION OF ATTRIBUTES SAMPLING
Plan the Sample
1. State the objectives of the audit test. Same for attributes and nonstatistical sampling.
2. Decide whether audit sampling applies. Same for attributes and nonstatistical sampling.
3. Define attributes and exception conditions. Same for attributes and nonstatistical
sampling.
4. Define the population. Same for attributes and nonstatistical sampling.
5. Define the sampling unit. Same for attributes and nonstatistical sampling.
6. Specify the tolerable exception rate. Same for attributes and nonstatistical sampling.
7. Specify acceptable risk of assessing control risk too low. The concepts of specifying this
risk are the same for both statistical and nonstatistical sampling, but the method of
quantification is usually different.
8. Estimate the population exception rate. Same for attributes and nonstatistical sampling.
9. Determine the initial sample size. Four factors determine the initial sample size for both
statistical and nonstatistical sampling: population size, TER, ARACR, and EPER.
• Effect of Population Size Population size is a minor
consideration in determining sample size. Because most auditors
use attributes sampling for reasonably large populations, the
reduction of sample size for smaller populations is ignored here

Select the Sample and Perform the Audit

Procedures
10. Select the sample. The only difference in sample
selection for statistical and nonstatistical sampling is the
requirement that probabilistic methods must be used for
statistical sampling
11. Perform the audit procedures. Same for attributes and
nonstatistical sampling.
 Evaluate the Results
12. Generalize from the sample to the population. For attributes
sampling, the auditor calculates an upper precision limit (CUER) at a
specified ARACR, using special computer programs or tables
developed from statistical formulas

13. Analyze exceptions. Same for attributes and nonstatistical

sampling

14. Decide the acceptability of the population. The methodology for

deciding the acceptability of the population is essentially the same for
attributes and nonstatistical sampling. For attributes sampling, the
auditor compares CUER with TER for each attribute. Before the
population can be considered acceptable, the CUER determined on the
basis of the actual sample results must be less than or equal to TER
when both are based on the same ARACR
 Need for Professional Judgment
• A criticism of statistical sampling is that it reduces the
auditor’ use of professional judgment. A comparison of the 14
steps for nonstatistical and attributes sampling shows that
this criticism is unwarranted. Attributes sampling requires
auditors to use professional judgment in most of the steps

• To select the initial sample size, auditors depend on TER and

ARACR, which require a high level of professional judgment,
as well as EPER, which requires a careful estimate. The final
evaluation of the adequacy of the entire application of
attributes sampling, including the adequacy of the sample
size, must also be based on high-level professional judgment.