To Explain statistical and non-statistical sampling, describe the advantages of each method, and explain when each method should be used. To Distinguish between probabilistic and non-probabilistic sample selection. To explain the concept of representative sampling. To explain the effects of changes in various population characteristics and changes in sampling risk on required sample size To describe the 14 steps used in the application of non-statistical sampling and attribute sampling in tests of controls and substantive tests of transactions.
Auditing part II For class of 2018 1
Definition of Audit Sampling GAAS define audit sampling as the application of an audit procedure to less than 100% of the items within an account balance or class of transactions for the purpose of evaluating some characteristics of the balance or class (SAS 39, AU 350).
Why don’t auditors test 100% of transactions
or account balances ? Auditing part II For class of 2018 2 Auditors usually do not test 100% of transactions or items in account balances because : 1. The cost of doing so would be high. 2.Auditors seek only reasonable assurance. 3.The nature and materiality of the items (balance or classes of transaction may not demand a 100% audit) 4. Auditors take sample when the audit objective is to reach a conclusion about a balance or class of transactions.
Auditing part II For class of 2018 3
Why do auditors use sampling? Auditors use sampling 1. Auditing control compliance (Tests of Controls) and substantive tests of transactions (to checks whether transaction amounts are materially misstated/not) 2. Auditing account balances: It is a substantive test whose purpose is to check whether balances are materially misstated or not. (to draw conclusion about the fairness of the amounts stated in financial statement ) Audit sampling occurs whenever auditors draw a conclusion about an entire class of transactions or account balance based on the results of a (representative) sample from the class or the balance. Link\L1 Comparison of audit sampling tests.docx
Auditing part II For class of 2018 4
Which aspect of auditing (nature, timing, extent) is addressed by audit sampling? Audit sampling addresses the sufficiency aspect of evidence as required under GAAS, since it relates to the extent (the amount of work done when the procedures are performed) of audit procedures used.
Auditing part II For class of 2018 5
Sampling Design The two sampling designs used by auditors are 1. Statistical 2. Non statistical (judgmental) GAAS permit auditors to use either statistical or non- statistical sampling methods. However, it is essential that either method be applied with due care. All steps of the process must be followed carefully. The auditor is not required by GAAS to base evaluations on statistically-based tests, but only to apply professional judgment. Auditing part II For class of 2018 6 STATISTICAL NON STATISTICAL Based on the laws of Based on auditors judgment probability Samples may or may not be Samples must be random random Used when an objectively Used when the auditor has defensible result is desired. additional knowledge of Sampling risk can be the population. specified/quantified in Sampling risk can not be advance specified/quantified in advance Inference is made based on Inference is made based on statistical result judgment
Auditing part II For class of 2018 7
Procedures are common for both categories of sampling (statistical/non-statistical) 1. Planning the sample –eg. involves the decision that sample size eg. 100 2. Selecting the sample and performing the tests – involves which 100 to take and deciding for eg. 3 exceptions/deviations exist 3. Evaluating the results –involves reaching to a conclusion that the 3 exception/deviation rate estimated from sample are equals to the exception/deviation rate from population
Auditing part II For class of 2018 8
Eg. Out of 1,000 sales invoices, an auditor selected 100 sales invoices for an audit and no errors and irregularities were found on them. Does this mean that the entire population of sales invoices is free from error and irregularities? The answer is No, because, the sample might not reflect the actual condition of the population, due to sampling or non sampling risk (it may not be representative). Auditing part II For class of 2018 9 The Concept of a representative sample A representative sample is a sample that mirrors the characteristics of the population A representative sample has all the important characteristics of the population from which it is drawn; this means that the sampled items are similar to the items not sampled. A representative sample will reduce sampling risk that lead auditors to incorrect conclusion. What helps auditors obtain a representative sample? Auditing part II For class of 2018 10 Auditors can increase the likelihood of the representativeness of a sample if they are careful in: Designing the sampling process, Selecting sample and Evaluating sample results Auditors try to avoid biasness and maintain representativeness of the sample by applying random selection method, which give equal chance to each item being included in the sample Auditing part II For class of 2018 11 Auditors cannot guarantee representativeness; this is what sampling risk is all about, ‘the probability that the sample may not mirror the characteristics of the population’. Thus, even under random sample, a risk exists that the sample may not be representative, eg it could be when the sampling frame is not complete (AR eg)
Auditing part II For class of 2018 12
Sampling and non-sampling error Whenever a sample is selected from a population, it may or may not be representative. The risk of the sample not being representative is called sampling risk. The error that results from sampling risk is called sampling error.
Auditing part II For class of 2018 13
SAMPLING RISK SAMPLING ERROR
It is the probability that an It is the difference between the
auditor’s conclusion based on actual rate of deviation in the a sample may differ from the population and that of the conclusion that may be sample. reached if an entire population was audited (since sample is Eg. The actual but unknown not representative). deviation rate in the population is 3% Sampling risk is an inherent - deviation rate in the sample is part of sampling that result 2%. This difference of 1% is from testing less than the known as sampling error. entire population -It results from sampling risk Auditing part II For class of 2018 14 TYPES OF SAMPLING RISK TYPES OF SAMPLING ERROR 1.Sampling risk for tests of control (risks related to control procedures): ▪ Risk of over reliance on client’s Type I error internal control ▪ Risk of under reliance on client’s Incorrect rejection (alpha internal control 2. Sampling risk of substantive tests (risks risk)- related to transactions and balances: ▪ Risk of incorrect rejection (alpha risk)- this is the possibility that sample result Type II error will indicate that population is materially misstated when in fact it is Incorrect acceptance (beta not materially misstated ▪ Risk of incorrect acceptance (beta risk)- risk)-Link\L3 Activity type this is the possibility that sample result will indicate that population is not I and type II errors.doc materially misstated when in fact it is materially misstated
Auditing part II For class of 2018 15
How do sampling risks affect efficiency and effectiveness of audit? Risk of under reliance on client’s internal control and risk of incorrect rejection (alpha risk) affects audit efficiency since both make the auditor to perform additional audit procedures that will finally reveal that no material weakness in control procedure (in the case of test of control) and the account is not materially misstated (in the case of substantive test) Risk of over reliance on client’s internal control and risk of incorrect acceptance (beta risk) affects audit effectiveness in detecting material errors. If audit is ineffective there is a failure of detecting material weakness in control procedure (in the case of test of control) and materially misstated account balances will not be detected (in the case of substantive test) Auditing part II For class of 2018 16 Which one is more risky/significant? Risk of over reliance and risk of incorrect acceptance (beta risk) have significant effect on the fairness of the financial statement, so they are of primary concern to auditors. If not reduced, these risks will expose auditors to negligence that will lead to legal liability. Auditors should use a representative sample to reduce such risks Auditing part II For class of 2018 17 How to reduce sampling risk?
Sampling risk can be reduced by increasing
sample size Use of appropriate method of sample selection
Auditing part II For class of 2018 18
Non Sampling risk & error
Link\Non sampling risk and non sampling error.doc
Similarities and differences between sampling and
non sampling risks. Link\Similarities and Differences between Sampling risk and Non.doc
Auditing part II For class of 2018 19
Random and Non Random Sample A random sample is a set of sampling units chosen so that each population item has an equal likelihood of being selected in the sample A random sample can also be used in “non statistical sampling” design There is a common misconception of equating statistical sampling with random selection Auditing part II For class of 2018 20 Regardless of the sampling design used, (statistical/non statistical), when selecting a sample from a population, the auditor strives to obtain a representative sample by applying different procedures. Auditors may use probabilistic or non- probabilistic sample selection procedures to achieve this purpose
Auditing part II For class of 2018 21
PROBABILISTIC SAMPLE NONPROBABILISTIC (JUDGMENTAL) SELECTION SAMPLE SELECTION METHODS It is based on statistical rules Here, the auditor selects sample Every individual (element) in the defined source of population may be items using professional selected into the sample with a known (non-zero) probability. judgment If sampling frame = N and sample The procedure is used with non size = n, every individual has a known chance of n/N being statistical plans since it is not selected. based upon the statistical Involves random selection principles which govern procedures So, the auditor randomly selects probability sampling. items such that each population Usually used when a sampling item has a known probability of frame does not exist/not being included in the sample. complete Auditing part II For class of 2018 22 PROBABILISTIC SAMPLE SELECTION NONPROBABILISTIC (JUDGMENTAL) METHODS INCLUDE THE FOLLOWING: SAMPLE SELECTION METHODS
1. Directed sample selection 1. Simple random sample
2. Block sample selection selection 3. Haphazard sample selection 2. Systematic sample selection 3. Probability proportional to These methods are used with size sample selection non-statistical sampling plan 4. Stratified sample selection With these methods it is difficult to evaluate the randomness and representativeness of a sample
Auditing part II For class of 2018 23
1. Directed sample selection Under these methods, auditors deliberately select each item in the sample based on their own judgmental criteria Random selection is not used Commonly used approaches include: 1. Selection of items Most Likely to Contain Misstatements ▪ Eg. - accounts receivable outstanding for a long time, - purchases from and sales to officers and affiliated companies, - unusually large or complex transactions. Conclusion: if these items are not materially misstated, the F/S will not be materially misstated Auditing part II For class of 2018 24 ….Nonprobabilistic (judgmental) sample selection methods …Directed sample selection …Commonly used approaches include: 2. Selection of items Containing Selected Population Characteristics Eg. Selecting a sample of cash disbursements that includes some from each month, each bank account or location, and each major type of acquisition. 3. Selection of items with Large Dollar value (Large Dollar Coverage -)
Auditing part II For class of 2018 25
….Nonprobabilistic (judgmental) sample selection methods 2. Block sample selection It is a practice of choosing segments of continuous transactions. Block or cluster sampling occurs when the auditor selects a number of blocks of consecutive transactions rather than selecting transactions individually A block sample consists of all items in the selected time period, numerical sequence, or alphabetical sequence
Block sample with a transaction date used as sampling unit
Eg. Choosing sales invoices processed on randomly chosen days, say, February 3, July 17, and September 29. Thus all sales invoices processed on the randomly selected dates are included in the sample. Auditing part II For class of 2018 26 ….Nonprobabilistic (judgmental) sample selection methods …2. Block sample selection Block sample with months used as sampling unit Eg auditors want to test internal control over cash disbursement and decide to check all cash disbursement vouchers of April and December. Sampling unit: the sampling unit is month rather than individual transaction. No. of blocks: The sample consists two blocks selected from a population of 12 months When sampling unit is individual transaction, auditors select the first item in a block, and the remainder of the block is chosen in sequence Auditing part II For class of 2018 27 ….Nonprobabilistic (judgmental) sample selection methods ……. 2. Block sample selection Issues related to the number of blocks Eg. assume the block sample will be a sequence of 100 sales transactions from the sales journal for the third week of March. Auditors can select the total sample of 100 by taking 5 blocks of 20 items, 10 blocks of 10, 50 blocks of 2 or one block of 100.
Auditing part II For class of 2018 28
Advantages and Limitations: Block samples cannot be representative unless a reasonable number/large number of blocks is used. If few blocks are used, the probability of obtaining a non-representative sample is too great Eg. sampling 10 blocks of 10 from the third week of March is far less appropriate than selecting 10 blocks of 10 from 10 different months. This method can be used to supplement other samples when there is a high likelihood of misstatement for a known period. Eg. the auditor might select all 100 cash receipts from the third week of March if that is the period when the accounting clerk was on vacation and an inexperienced temporary employee processed the cash receipt transactions.
Auditing part II For class of 2018 29
….Nonprobabilistic (judgmental) sample selection methods 3. Haphazard sample selection It refers to any unsystematic way of selecting sample units eg. Closing eyes and putting hands in drawers to pick sales invoices The problem is: only those that are suitable for picking may be picked It is very difficult to describe the method, to replicate the method and get the same sample units The method is also stated as a method for selecting items without any conscious bias by the auditor; without any special reason for including/excluding items i.e. the auditor selects population items without regard to their size, source, or other distinguishing characteristics. Auditing part II For class of 2018 30 ….Nonprobabilistic (judgmental) sample selection methods ….3. Haphazard sample selection Avoiding biasness is the most difficult task in haphazard sampling method Haphazard sample selection should be considered only as a last resort since it is hard to document and impossible to replicate Haphazard and block sample selection appear to be less logical than directed sample selection, However, they are simpler and much less costly than other selection methods, they are usually used based on cost-benefit criteria For many non-statistical sampling applications involving tests of controls and substantive tests of transactions, auditors prefer to use a probabilistic sample selection method to increase the likelihood of selecting a representative sample. Auditing part II For class of 2018 31 Probabilistic sample selection methods Probabilistic sample selection methods are used with statistical sampling plans Statistical sampling plans apply probabilistic sample selection method to measure sampling risk. For probabilistic samples, the auditor uses no judgment about which sample items are selected, except in choosing which of the selection methods to use. For probabilistic method the following four methods can be used: 1. Simple random sample selection 2. Systematic sample selection 3. Probability proportional to size sample selection 4. Stratified sample selection
Auditing part II For class of 2018 32
…Probabilistic sample selection methods 1. Simple random sample selection Auditors try to maintain representativeness of the sample by selecting samples randomly A sample is random if each unit in the population has an equal probability/chance of being included in the sample. When do auditors use this method? Auditors use simple random sampling to sample populations when there is no need to emphasize one or more types of population items. Eg. auditors want to sample a client’s cash disbursements for the year. Assume they select 60 cash disbursements by a simple random sample Finally they will draw conclusions about all recorded cash disbursement transactions based on this 60 cash disbursements. How do auditors apply simple random method?
Auditing part II For class of 2018 33
…Probabilistic sample selection methods …1. Simple random sample selection Auditors use random numbers in applying simple random selection method Random numbers are a series of digits having no identifiable pattern and equal probabilities of occurring over long runs Auditors usually generate random numbers by using the following techniques: 1. electronic spreadsheets, 2. random number generators, and 3. generalized audit software. Since computer programs offer advantages such as time savings, reduced likelihood of auditor error in selecting the numbers, and automatic documentation, auditors usually prefer to use computer generation of random numbersLink\Chapter 2 Computer generator rndom numbers.doc
Auditing part II For class of 2018 34
…Probabilistic sample selection methods 2. Systematic sample selection Here auditors are required to know the population size and a predetermined sample size The process involves the following steps: 1. Obtain a random starting place in the physical representation (eg. List of sales invoices recorded in sales journal) and select the unit 2. Count through the file and select every kth unit, where k is the sampling interval (standard distance between individuals), which is obtained by dividing the number in the frame by the desired sample size k, the interval = population size/sample size . ..\Links\ch 2 examples of Systematic sample selection.docx
Auditing part II For class of 2018 35
…Probabilistic sample selection methods ….2. Systematic sample selection Advantages: Easier to use, Sample can be drawn quickly, It automatically puts the numbers in sequence, making it easy to develop the appropriate documentation Very good when the population from which sample is to be drawn is homogeneous Limitations Systematic sampling involves a danger if the list of individuals has some periodicity or some pattern, thus there is a possibility of bias Eg. if a control deviation occurred at a certain time of the month or only with certain types of documents due to turnover etc, a systematic sample can fail to select a representative sample. Generalized audit software include facilities for using systematic sample selection from computer-based files Auditing part II For class of 2018 36 …Probabilistic sample selection methods 3. Probability proportional to size (PPS) sample selection Under this method, a sample is taken where the probability of selecting any individual population item is proportional to its recorded amount. This method is evaluated using non statistical sampling or monetary unit statistical sampling. 4. Stratified sample selection Stratification is a technique of dividing the population into relatively homogenous subgroups called strata Auditors stratify the population before computing the sample size and selecting the sample Auditors usually use dollar size to stratify the population Sample is taken from each strata separately; larger sample is taken from the subpopulations with larger sizes. Sample results may be evaluated separately or combined to provide an estimate of the characteristics of the population This method is evaluated using nonstatistical sampling or variables statistical sampling. Auditing part II For class of 2018 37 The application of sampling in test of controls auditing (both in non-statistical and statistical/attribute sampling) is a structured, formal approach involving the following 14 steps categorized in 3 phases: Links\Application of sampling method.doc
Basic concepts
Auditing part II For class of 2018 38
1. Attribute: An attribute is a characteristic in which the auditor is interested In testing controls, the attribute is whether or not a deviation from the specified controls has occurred. For occurrence/existence-the attribute is eg the existence of a matching shipping document for each sales invoice. For authorization- the attributes include the department supervisor’s initials on each invoice payable For classification- the attributes include checking correct account coding on each invoice
Auditing part II For class of 2018 39
2. Deviation rate/exception rate- rate of failure from prescribed procedure. The three types of exceptions/deviations in accounting data in which auditors are interested in and evaluate are: 1. Deviations from client’s established control 2. Monetary misstatements in populations of transaction data 3. Monetary misstatements in populations of account balance details Auditing part II For class of 2018 40 How deviation rate relates to control risk? There is a direct relationship between deviation rate and the level of control risk. Low deviation rate is associated with low control risk; high deviation rate is associated with high control risk. A clear understanding of what constitutes a deviation is important. Deviations need to be defined in advance so that they can be recognized and treated consistently, and so that they relate to the objectives of the test of control.
Auditing part II For class of 2018 41
Source from which auditors refer about attributes and conditions for deviations/exceptions Attributes of interest and exception conditions for audit sampling are taken directly from the auditor’s audit procedures. Eg Eight attributes are used for tests of control of the billing function of HH Co. Samples of sales invoices will be used to verify these attributes. Eg. Attribute 1: Existence of sales invoice No. in sales journal Attribute 2: Details on sales invoice are correct…………….Attribute 8: Credit approvedLink\HH Co.doc Auditing part II For class of 2018 42 How to evaluate the attributes Eg. For an audit question that asks “Is credit approved?” the answer can be yes or no. Auditors will count the number of deviations and use the count in evaluating the evidence. Link\HH Co.doc Issues regarding missing documents/attributes The absence of the attribute for any sample item will be an exception for that attribute, which means, if the document selected for testing cannot be located, the auditors will not be able to apply alternative audit procedures to determine whether the control procedure is applied. Auditing part II For class of 2018 43 3. Population- The auditor must ensure that the population that he/she selected has attributes consistent with the assertions he/she wishes to test. In some cases, it may be necessary to define separate populations for different audit procedures.
Auditing part II For class of 2018 44
Factors considered in defining population: 1. The timing of the audit work 2. Physical Representation (Physical proximity and Physical characteristics) of the population The timing of the audit work Ideally, tests of control audit procedure should be applied to transactions executed throughout the period under audit because auditors want to reach a conclusion about control risk during the entire period.
Auditing part II For class of 2018 45
Sometimes auditors perform tests of control procedures at interim period (some weeks/months before the end of the client’s year end date); during these times the entire population, eg. recorded sales invoice, will not be available. Auditors can perform the work during the interim period, but they should not ignore the remaining period. Auditing part II For class of 2018 46 2.Physical Representation (Physical proximity and Physical characteristics) of the population Physical representation of the population /sampling frame/ is the auditor’s frame of reference for selecting a sample. Eg. It can be a journal list of recorded sales invoice, a drawer full of invoices, etc The physical representation should be easily to visualizable such as journal listings, and it must be complete, accurately recorded. Auditing part II For class of 2018 47 Activity: What is the auditor’s concern when documentation defined as the intended population is kept in a remote off-site location? What if the identified population exists in the form of data stored in machine-readable form only? The auditor must ensure that a sample can actually be drawn from the population and that the chosen population must have physical characteristics that allow an auditor to sample from it. Auditing part II For class of 2018 48 In general, the auditor should select sample From the entire population; The auditor should test the population for completeness and detail tie-in before a sample is selected For example, when performing tests of controls and substantive tests of sales transactions, if auditors samples from only one month’s transactions, it is invalid to draw conclusions about the invoices for the entire year. Auditing part II For class of 2018 49 4. Tolerable Exception Rate (TER)- Tolerable exception/deviation rate represents the maximum population rate of deviations from a prescribed control procedure that the auditor will tolerate without modifying the planned reliance on internal control assessment of control risk OR It represents the highest exception rate the auditor will permit Auditing part II For class of 2018 50 Establishing the tolerable exception rate (TER) for each attribute requires an auditor’s professional judgment. Eg. assume that the auditor decides that TER for attribute 8 “Credit sales Approved” is 9%. That means that the auditor has decided that even if 9% of the duplicate sales invoices are not approved for credit, the credit approval control is still effective in terms of the assessed control risk included in the audit plan.
Auditing part II For class of 2018 51
Auditors should ask questions such as what rate of deviation in the population signals control risk of 10%? 20%/ 30%? etc up to 100%? Eg $90,000 of sales invoices could be exposed to control deviations without causing a minimum material misstatement in the sales and accounts receivable balance. If total gross sales is $9,000,000, the judgment implies a tolerable exception/deviation rate of $90,000/9,000,000 = 1%
Auditing part II For class of 2018 52
Impact of TER on sample size (how the two relate?) Low tolerable rate requires higher accuracy so relatively larger sample size is needed; when the tolerable rate is larger (relaxed) relatively smaller sample size can satisfy the requirement Thus, The tolerable exception/deviation rate (TER) is inversely related to sample size. Auditing part II For class of 2018 53 Eg. Auditor A wants to assess control risk at 10%, with tolerable rate 1% Auditor B wants to assess control risk at 40%, with tolerable rate 6% Who is required to use larger sample, A or B? The suitable TER is a question of materiality Eg. Lower TER is used for significant account balances
Auditing part II For class of 2018 54
5. Estimated population exception rate (EPER) EPER is an estimate of the ratio of the number of expected deviations to population size. Auditors should make an advance estimate of the population exception rate to plan the appropriate sample size. What information can help auditors to estimate EPER?
Auditing part II For class of 2018 55
The following will help the auditor to obtain information helpful to determine EPER Information about client’s personnel, working condition, and the general control environment collected from sources such as last year audit experience with the client, and information from the predecessor auditor will help auditors to know or suspect some control performance conditions Auditing part II For class of 2018 56 Auditors usually use the preceding year’s audit results to estimate EPER. If they are not reliable, the auditor can take a small preliminary sample of the current year’s population for this purpose. What does EPER imply? Eg. Zero % EPER (no expected deviation means no need to take larger sample since the control is effective) Auditing part II For class of 2018 57 IF EPER is larger than TER, (If auditors have reason to expect more deviation than they could tolerate), there would be no reason to perform any test of controls audit procedure. Thus, the expected rate must be less than the tolerable rate. The closer the EPER is to the TER, the larger will be the sample that is needed to reach a conclusion that deviations do not exceed the tolerable size. Thus sample size varies directly with the expected deviation rate
Auditing part II For class of 2018 58
6. Sample Exception Rate (SER)- Sample Exception Rate (SER) is actual sample deviations ÷ sample size. The following table shows how tests of controls are documented and SER is computed. (Note: 7 attributes are tested, x represents deviation; sample size is not uniform, it varies) Link\HH Co.doc Auditing part II For class of 2018 59 Two possible results that auditors may obtain: The SER, which is the actual deviation rate is equal to or less than the EPER The SER, which is the actual deviation rate is more than the expected rate Interpretations: The above two conditions are interpreted as follows: (1) If SER is equal to or less than the expected rate It shows the sample results supports auditors’ preliminary assessed control risk and their planned reliance on control. Auditors are likely to conclude that the risk of reliance on client’s control system is acceptable (the true population deviation rate doesn’t exceed the tolerable rate, so it is acceptable).
Auditing part II For class of 2018 60
(2) If SER is greater than the expected rate auditors usually conclude that the sample results do not support the preliminary assessed control risk i.e, auditors are likely to conclude that there is an unacceptably high risk that the true deviation rate in the population exceeds TER.
Auditing part II For class of 2018 61
7. Acceptable Risk of Assessing Control Risk too low (ARACR)- Whenever auditors use sample to measure deviations, the sample results may not exactly represent the deviation in the population. As a result auditors may wrongly conclude that the control system is effective (over reliance on control system), and wrongly accept a misstated balance (risk of incorrect acceptance). Unless 100 percent of the population is tested, sampling risk cannot be avoided in both non-statistical and statistical sampling. For audit sampling in tests of controls and substantive tests of transactions, that risk is called the acceptable risk of assessing control risk too low (ARACR). Auditing part II For class of 2018 62 ARACR represents the auditor’s measure of sampling risk in tests of controls and substantive tests of transactions; it represents auditor’s risk of incorrectly accepting the control as effective. Two aspects of sampling risk in tests of control 1. The risk of under reliance on internal control: This is a possibility that sample results will lead the auditor to inefficient audit 2. The risk of over reliance on internal control: This is a possibility that sample results will lead the auditor to ineffective audit Though both are risks, auditors are more concerned about the risk that lead them to ineffective audit ARACR measures this risk (overreliance risk) Auditing part II For class of 2018 63 How do auditors state ARACR? In non- statistical sampling, auditors commonly use qualitative expressions such as ARACR of high, medium, or low instead of a percentage. In statistical sampling, auditors use a percent, such as 5% or 10%.
Auditing part II For class of 2018 64
What does low/high ARACR imply? A low ARACR implies that the tests of controls have important implication on the financial statement, so higher accuracy is needed. (low error is allowed) The ARACR of high means that the tests of controls are not that much important (have less impact on the fairness of the financial statement) the auditor is willing to take a fairly substantial risk of concluding that the control is effective after all testing is completed, even when it is ineffective. (larger error can be tolerated) Auditing part II For class of 2018 65 How do auditors choose appropriate ARACR for each attribute? In choosing the appropriate ARACR for each attribute, auditors must use their best judgment. The auditor can establish different TER and ARACR levels for different attributes of an audit test, depending on the importance of the attribute and related control. Auditing part II For class of 2018 66 For example, auditors commonly use higher TER and ARACR levels for tests of credit approval than for tests of the occurrence of duplicate sales invoices and bills of lading. This makes sense because the exceptions for the latter are likely to have a more direct impact on the correctness of the financial statements than the former. Eg which of the following attributes/conditions have more important implication on the fairness of financial statement? A. Sales invoice is not approved but the amount is correctly stated B. Sales invoice is approved but the amount is materially misstated ARACR can be higher/relaxed for A; but should be lower for B, because of its significance for the fairness of the F/S. (B needs higher accuracy )
Auditing part II For class of 2018 67
How does ARACR relate to internal control? When client’s internal control is effective, assessed control risk is low, sampling error (ARACR) is assumed to be low and substantive tests of details of balances will also reduce. Low ARACR can be related to low assessed control risk When client’s internal control is not effective, assessed control risk is high, sampling error (ARACR) is assumed to be higher and substantive tests of details of balances will also increase. Thus higher ARACR can also be related to high assessed control risk Auditing part II For class of 2018 68 Generally, for audits where there is extensive reliance on internal control, control risk will be assessed at low and therefore ARACR will also be as low. Conversely, if the auditor plans to rely on internal controls only to a limited extent, control risk will be assessed as high and so will ARACR.
Auditing part II For class of 2018 69
Eg. Assume that TER is 6%, ARACR is high, and the true population exception rate is 8%. The control in this case is not acceptable because the true exception rate of 8 % exceeds TER. If the control were said to be effective in this case, the auditor would have over relied on the system of internal control (used a lower assessed control risk than was justified). Auditing part II For class of 2018 70 How does ARACR relates to sample size? Low ARACR relates to higher accuracy so larger sample size is needed. Like for TER, there is an inverse relationship between ARACR and planned sample size. If the auditor reduces ARACR from high to low, planned sample size must be increased. ARACR represents the auditor’s risk of incorrectly accepting the control as effective, and a larger sample size is required to lower this risk. Link\Factors affecting ARACR.doc
Auditing part II For class of 2018 71
8. Sensitivity of Sample Size to a Change in the Factors The difference between two factors, ie. TER minus EPER affects sample size TER minus EPER is the precision of the initial sample estimate. A smaller precision, which is called a more precise estimate, requires a larger sample. Assume TER is 4% and EPER is 3%. In this case, precision is 1%, higher accuracy is needed, which will result in a large sample size. Assume TER is 8% and EPER is zero. In this case, precision is 8%, so the sample size can be small and still give the auditor confidence that the actual exception rate is less than 8%.
Auditing part II For class of 2018 72
Different sample sizes can be used to test different attributes. For those attributes, the difference between TER and EPER is smallest, a larger sample size is required. Although the difference between TER and EPER (the precision) is the same for two attributes, the sample size may be lower for the attribute for which the estimated population exception rate is zero. Auditing part II For class of 2018 73 9. Attribute sampling: Attribute sampling is another name for tests of control audit sampling that uses statistical measures. Attribute sampling is a statistical audit sampling applied to attributes to look for the presence or absence of a control deviation. Attribute sampling enable auditors to estimate the frequency with which specified characteristics occur within a population. For example, for questions like ‘is sales invoice approved?’, the yes or no answers will be counted and used for evaluation. Attribute sampling does not provide dollar value information, ie it doesn’t indicate the dollar amount of the deviations; it provides information such as failures to comply with certain procedure.
Auditing part II For class of 2018 74
10. Computed Upper Exception Rate (CUER) for a given ARACR. This is used with statistical/attribute sampling in tests of controls. The Computed Upper Exception Rate (CUER) is a statistical calculation that is used to estimate the population deviation rate. The sample deviation rate (actual sample deviations ÷ sample size) may be lower or higher than the actual population deviation rate. Because auditors are mainly concerned with the risk of assessing CR too low, the higher/upper limit is calculated to estimate how high the estimated population deviation rate might be. CUER is used to evaluate the results of the test in a statistical context; table 15-9 is used. Table 15-9 computes the Computed Upper Exception Rate (CUER) or upper deviation or error limit for a given ARACR, sample size, and number of deviations found in tests of controls.
Auditing part II For class of 2018 75
The following steps are involved to evaluate the acceptability of the population/the control risk assessment: Locate CUER from table 15-9, for the given ARACR, TER, EPER, sample size and deviation in the sample. Compare CUER with TER If CUER is less than or equal to TER, the population (the Control risk assessment) is considered acceptable. The auditor will conclude that the results of the test supports the preliminary control risk assessment. If CUER is greater than TER, the auditor could decide to increase the sample size and do more testing to see if the deviations persist, or the auditor would conclude that the test does not support the preliminary control risk assessment, and therefore would reassess control risk as high or very high and design substantive audit procedures accordingly.
Auditing part II For class of 2018 76
14 steps in applying non statistical and statistical or attribute sampling to tests of controlLink\14 steps in applications non statistical and statistical or attribute sampling to tests of control.doc