AUD CH 5 - Audit Sampling Flashcards
Auditing Sampling
examination of LESS THAN 100% of a population & using the results as a basis for drawing a GENERAL (not definitive) conclusion on the entire population (auditor is limited by time — reasonable assurance)
Non-sampling risk
human error
- wrong test
- do not perform tests correctly
Sampling Risk
risk of drawing the wrong conclusion (i.e. risk of projecting a bad sample that does not represent population)
- 2 types of Sampling risk: Efficiency Error & Less Effective
What are the 2 types of Sampling Risk?
Type I – Efficiency Error: population is OK but sample indicates NOT to rely on I/C (incorrectly reject)
Type II – Less Effective: population is BAD but sample indicates to rely on I/C (incorrectly accept)
Explain the effects of Type I (Sampling Risk)
Type I – Efficiency Error (“too conservative”)
Sample indicates NOT to rely on I/C when population is actually OK
- Under-Rely on I/C (too little), Assess RMM too HIGH, DR too LOW, Sub. Testing too HIGH
Therefore, inefficient (incorrectly reject) but still arrive at a valid opinion
Explain the effects of Type II (Sampling Risk)
Type II – Less Effective (“over-aggressive”, wrong answer)
Sample indicates to RELY on I/C when population is actually BAD
- Over-Rely on I/C (too much), Assess RMM too LOW, DR too HIGH, Sub. Testing too LOW
Therefore, less effective, incorrectly accept, & arrive at the wrong opinion
When is sampling used?
- Test of Controls – to determine the operating effectiveness of controls Auditor’s plan to rely on (doesn’t deviate more than tolerable rate)
- Test of Details (sub. procedures) – obtain S.A audit evidence to support management’s assertions
*not during planning phase
If the sample is BAD, and the population is GOOD, what is the sampling risk?
TYPE I – Efficiency Error (UNDER-RELY I/C, RMM TOO HIGH)
If the sample is GOOD & the population is BAD, what is the sampling risk?
TYPE II – Less Effective (OVER-RELY I/C, RMM TOO LOW) —- Wrong Conclusion
When will the auditor want to rely on the control
True Deviation Rate (actual) < Tolerable Deviation Rate
(RMM reduced, DR increased, SUB reduced)
True Deviation Rate (actual) < Tolerable Deviation Rate
Auditor will want to RELY on I/C
(RMM reduced, DR increased, SUB reduced)
When will the auditor NOT want to rely on the control
True Deviation Rate (actual) > Tolerable Deviation Rate
(RMM increased, DR reduced, SUB increased)
True Deviation Rate (actual) > Tolerable Deviation Rate
Auditor will NOT want to rely on the control
(RMM increased, DR reduced, SUB increased)
Which sampling technique is usually applied to test of controls?
Attribute Sampling
What are the 2 risks associated with attribute sampling?
- Risk of Assessing RMM too low (ineffective)
– Sample Deviation Rate < Tolerable Rate…. (Population True Dev > Tolerable) (over-rely on I/C)
- Risk of Assessing RMM too high (Inefficient)
– Sample Deviation Rate > Tolerable Rate.. (under-rely on I/C)… (Population True Dev < Tolerable)
Which sampling technique is usually applied to substantive test of details?
Variable Estimation Sampling
What are the 2 risks risks associated with variable sampling?
- Risk of Incorrect Acceptance (Ineffective):
– Estimated Amount (Sample) is close enough to recorded amount so, the Auditor concludes “materially correct”. Amount is actually materially misstated (therefore, inappropriate conclusion)
- Risk of Incorrect Rejection (Inefficient):
– Sample Amount is different enough from recorded amount . Auditor concludes “materially misstated”, when population is actually “materially correct”, but auditor does unnecessary amount of additional sub. Testing to arrive at the same conclusion
Statistical Sampling
use of quantitative measures of the risk the auditor is taking in the use of sampling (formulas)
- auditor will still have to use judgement to det. Acceptable risk level
Non-statistical Sampling
Judgmental Sampling
- using audit judgement to decided comfort level that conclusions are correct (usually overestimate required sample size)
- effective, but not as efficient using statistical techniques to determine a sufficient sample size
Judgmental Sampling
Non-statistical sampling
Incorrect Acceptance
ineffective Audit with inappropriate conclusion
Incorrect Rejection
inefficient audit with correct conclusion
Assess RMM too LOW
ineffective Audit with inappropriate conclusion
Assess RMM too HIGH
inefficient audit with correct conclusion
In regards to audit sampling, what will auditor often allow when the costs of additional testing is low?
Higher risks of Assessing RMM too HIGH & Incorrect Rejection
***aka higher risks of inefficiency (more sub. testing)
What are the effects on sample size (attribute sampling)?
- Tolerable Rate
- Expected Rate
- Acceptable Risk
- Tolerable Rate – Inverse Effect
- Expected Rate – Direct Effect
- Acceptable Risk – Inverse Effect
What are the types of attribute sampling?
- Fixed Sample-Size Attribute Sampling
- Stop-or-Go Sampling (Sequential Sampling)
- Discover Sampling
Fixed Sample-Size Attribute Sampling
used to estimate the rate of deviations in the populations
Stop or Go Sampling (Sequential Sampling)
type of attribute sampling
- allows the auditor to stop when sufficient data is gather
- appropriate when the expected deviation rate is low
- may provide the most efficient sample size in an attribute sampling plan (each step relies on the previous step - “sequential”)
- auditor may stop sampling if no deviations are found
Discovery sampling
type of attribute sampling
- used when expected deviation rate is very low, near zero
- sample size is usually large enough to find at least one deviation (if it exists)
- if population error rate > the tolerable rate… designed to measure the probability of at least one error occurring in a sample
Attribute Sampling
examining sample of items from a population to determine what percentage of them contain a specific characteristic (deviation “attribute” - test of controls)
*cannot be used to verify a qty or dollar amount
What shouldn’t an Auditor use attribute sampling?
to verify a quantity or dollar amount (substantive testing)
Which part of testing shouldn’t sampling be used for?
Risk assessment procedures to understand I/C – AIIO
(Step 3 in Audit Process)
Which test of controls should sampling normally not apply to?
*not normally for inquiry or observation (RIIO)
- Tests of automated application
- Analyses of controls for determining appropriate Seg. Of Duties
- Other analyses that do not examine documentary evidence of performance
- Tests of certain documented controls
- Analyses of effectiveness of security and access controls
- Tests directed toward obtaining audit evidence about the operation of the control environment or accounting system
What is the Auditor look for in attribute sampling?
Deviations from the proper application of the I/C activity being tested (“Failures” of demonstration or to provide documents)
What is considered a deviation in attribute sampling?
- failure to provide the document the auditor wishes to examine (might not be a true violation of control, just a misplacement but still a “deviation”)
Or
- document fails to demonstrate proper application of controls being tested
Which issues should an Auditor consider for each deviation that is identified?
- Qualitative & Quantitative issues
What should an Auditor consider if fraud is discovered while testing controls?
if fraud is discovered, consider broader implications of the impact on operations & fin. information as a whole(not only specific control being tested)
What is the relationship between deviations and misstatements?
- deviations do not mean there is misstatements
- therefore, there are usually more deviations than misstatements
Which test of controls should sampling normally apply to?
tests involving Re-performance or Inspection (RIIO)
- There is an identifiable population of documents or records which the auditor can select a sample
TEA
Auditor using attribute sampling will consider 3 different key factors to determine sample size
T – Tolerable Deviation Rate (inverse)
E – Expected Deviation Rate (direct) – [aka: “deviation rate”]
A – Allowable Risk of Assessing RMM too LOW (inverse)
Define Tolerable Deviation Rate & its effect on Sample Size
the percentage of time a control can be violated but still lead the auditor to believe its operating effectively
- inverse effect on sample size (high acceptable T rate, then a smaller sample will satisfy a true deviation rate)
What is tolerable rate based on?
Auditor’s judgement of:
- The importance of the control being tested
&
- The impact each deviation could have on the accuracy of the F/S assertions
Define Expected Deviation Rate & its effect on Sample Size
the percentage of time the auditor expects the control to have been violated (aka “expected population deviation rate”)
- based on Auditor’s prior experience & knowledge
- Direct effect on sample size: closer EDR gets to tolerable rate, the larger the sample size the auditor will need to be satisfied
Define Allowable risk for assessing RMM too LOW & its effect on sample size
risk of drawing the wrong conclusion — because sample inaccurately represents population (over-reliance on I/C)
- Inverse effect on sample size: if auditor is willing to accept a high Risk of Over-relying, they can reduce the sample size
Does an auditor need to know the size of the population when determining sample size?
No. the auditor does NOT need to know the population size to determine an adequate sample size
What is the purpose for an “allowance for sampling risk”?
Aka: Precision Risk or Margin of sampling error (focus only “plus” for allowance) or
- the fact that the sample results (“expected deviation rate”) are not precise requires the addition of an allowance for sampling risk to the sample results
*always provided in CPA exam problems
What are the steps to evaluate the results of a Sample
- Sample Deviation rate: (# of Deviations Found / Sample Size)
- Allowance for Sampling Risk (based solely on the sample size)
- Maximum Deviation Rate (Upper Precision Limit): (Step 1 + Step 2)
- Compare: Maximum Deviation Rate to Tolerable Deviation Rate
- If MDR > TDR, modify reliance because control appears to be operating ineffectively (Rely decreases, CR increases)
- If MDR < TDR, accept results (maintain increased Reliance & decreased CR)
Sample Deviations Rate (formula)
Number of Deviations Found / Sample Size
Maximum Deviation Rate (formula)
Sample Deviation Rate + Allowance for Sampling Risk
*aka: Upper Precision Limit
What is the overall picture for attribute sampling?
looking for whether:
- we can rely on the control
Or
- Are there too many deviations
Upper Precision Limit (formula)
Sample Deviation Rate + Allowance for Sampling Risk
*aka: Maximum Deviation Rate
Precision
Allowance for Sample Risk
- margin of sampling risk (focus on plus only)
- lower precision allowance, need a larger sample size
What is the relationship between confidence level (reliability) & sample size?
Direct relationship
Confidence level (reliability) increases with increases in sample size
What is the relationship between precision (accuracy) & sample size?
Direct Relationship
- accuracy increases with increases in sample size
Steps to develop an Attribute Sampling Plan
- Determine Audit Objective (control being tested?)
- Determine the Tolerable Rate
- Determine Reliability (confidence level)
- Determine the Expected Population Deviation Rate (aka Expected Deviation Rate)
- Determine Method for selecting the sample (random, systematic, block/cluster)
- Calculate Sample Size (Based on TEA)
- Select & Test the Sample
- Calculate Sample Deviation Rate (# of Dev’s / S.S.)
- COMPARE Upper Precision Limit & Tolerable Rate
- Reach conclusions & Document Results
Define Level of confidence (reliability) in regards to Attribute Sampling
- probability the sample will draw the correct conclusion (& represents the degree of sampling risk the auditor is willing to accept)
- i.e. 98% reliability indicates the auditor is willing to accept the risk that there is a 2% risk of drawing an incorrect conclusion based on the sample
What is the connection between reliability/confidence level & an ineffective audit in regards to attribute sampling?
If there is a X% risk of incorrect acceptance, then there is a (1-X%) level of confidence of correct acceptance (vice-versa)
Sample Size (formula)
(Std. Deviation x Reliability Factor x BV Population) / Precision
* for SS to increase: numerator increases OR denominator decrease
What is important when working with a ratio in exam problems?
Manipulation
To increase a Ratio:
Numerator factors increase OR Denominator factors decrease
(opposite for decreasing a ratio)
What are Sampling Methodologies?
methods for selecting a sample. All items should have an equal opportunity to be selected
Random Sampling:
- Random-Number Sampling (simple R.S.)
- Systematic Sampling (systematic RS)
- Haphazard Sampling (systematic RS)
- Block Sampling (or Cluster Sampling) (systematic RS)
Random Number Sampling
Method for selecting a sample in which numbered documents or transactions are selected through the **use of random number tables or computer software**
Systemic Sampling
Method for selecting a sample in which every “Nth” item is selected from a randomly-distributed population from a randomly-selected starting point
Haphazard Sampling
Method for selecting a sample in which each unit is selected without any conscious bias from a randomly distributed of the population
Block Sampling (Or Cluster Sampling)
method for selecting a sample in which a sample consists of grouped/adjacent/contiguous units (i.e. selecting 3 blocks of 10 invoice each)
* least desirable method because samples selected may not be representative
Which sample methodology is least desirable (or most likely to not be used)?
Block /Cluster Sampling
Highest possibility of samples selected not being representative of the population
Variable Sampling
sampling to estimate the numerical value of the $$ account balance (focusing on misstatements, not deviations)
When is stratified sampling appropriate?
Variable Sampling or PPS Sampling
- when the dollar values on the various documents are WIDELY different from each other. Otherwise, a $5 invoice would have the same chance to be selected as a $20,000 invoice.
How is stratified sampling performed?
- dividing the documents into different groups quantitatively or qualitatively (larger sample sizes for the more important larger documents)
- sample is drawn from each group resulting in a smaller total sample size
* usually more efficient
What are the effects on sample size (variable sampling)?
- Tolerable Misstatement
- Expected Misstatement
- Allowable Risk of Incorrect Acceptance (RMM too Low)
**4. Standard Deviation
TEAS (IDID)
- Tolerable Misstatement – Inverse
- Expected Misstatement - Direct
- Allowable Risk – Inverse
**4. Standard Deviation – Direct
What is the relationship between Tolerable Misstatement & F/S Materiality?
Tolerable Misstatement < F/S Materiality
* on all audit tests combined & generally for any specific audit procedure (variable sampling)
Expected Misstatement
Amount by which the auditor expects the account to be misstated (variable sampling)
*based on previous audits & info. Gathered while obtaining an understanding of I/C
What is allowable risk of incorrect acceptance based on (variable sampling)?
- Auditor’s overall willingness to accept Audit Risk
&
- Assessed level of RMM (when RMM is TOO LOW, acceptable DR is greater)
Standard Deviation (Variable Sampling)
variability of the dollar values of the individual items in the population
- usually based on previous audits or a tiny sample of the items in the current population
What is the difference between TEA & TEAS?
TEA – Attribute Sampling (Percentages)
TEAS – Variable Sampling (TEA + S.d. In Amounts)
Mean-Per-Unit Estimation
- type of classical variable sampling (MPU x Total Units)
($ average dollar value in the sample) x (# of Items in the Population)
Difference Estimation
type of classical variable sampling
($ Avg of Excess x Total Pop Units) +/- Total Account Book Balance
Ratio Estimation
type of classical variable sampling (Avg Ratio) X (Total Balance)
(Audited Amount / Book Amount) x (Total Account Book Balance)
What increases “likely misstatements”?
Use of Estimates
Define Misstatement (defined by AICPA)
- Difference reported between F/S & GAAP (includes amount, classification, & presentation at the element, account, or item level)
- Omission of F/S element, account, or item
- Disclosure not presented in accordance with GAAP
- Omission of information required to be disclosed in accordance with GAAP
How can misstatements be evaluated qualitatively?
- affect profitability trends
- change losses into income
- affect segment information
- affect compliance with legal & contractual requirements
Probability Proportional to size (PPS)
form of variable sampling in which the sampling unit is each dollar in a population (as opposed to each document as unit)
Aka: DUS (Dollar-Unit Sampling) or CMA (Cumulative Monetary Amount Sampling)
CMA
Cumulative Monetary Amount Sampling
AKA PPS (Probability Proportional to Size)
Under PPS, what is the sample size equivalent to?
Approx. ($ Total Population Amount in Dollars / Sampling Interval)
Under PPS, how many documents are examined?
One document for each sampling interval
“pick one document every $XXX”
Sampling Interval (formula)
Tolerable Misstatement / Reliability Factor
Or
Population Amount / Sample Size
Tainting Factor (formula)
Misstatement / Book Amount
Misstatement (formula)
Book Amount – Audited Amount
Projected Misstatement (aka Projected Error)
[Formula & Evaluation]
1A. If SI > Book Amount
PM = (Misstatement / Book Amt)** x (SI)
1B. If SI < Book Amount
PM = Misstatement
- Total all PM’s vs. Tolerable Misstatement (if PM
** (Misstatement / Book Amount) = Tainting Factor
What are the advantages of PPS over classical variable sampling?
- automatically stratifies the population (greater chance of larger accounts selected & individual accounts always > SI)
- Standard deviation not needed
- Smaller sample usually results if few errors expected
- Sample can be designed more easily
- Sample selection can begin without having entire population available
When is standard deviation not necessary?
When using PPS sampling
What are the disadvantages of PPS over classical variable sampling?
- not useful in detecting UNDERSTATED accounts (smaller accounts have lesser chance of selection)
- Zero or Negative Balances require special handling (never selected under PPS)
- Large Sample results if many errors expected (less efficient)
- Identified understatements require special considerations
- Large understatements may lead to invalid projections/conclusions
When is PPS sampling best in regards to populations?
when the population are NOT expected to contain a large number of misstatements
*PPS sampling is more conservative than Variable Sampling
*PPS is more likely to reject an account balance
Which tests is PPS more useful for?
- Confirming AR or Loans Receivable (except when there is a large number of unapplied credits)
- Tests of pricing of investments securities or inventory
- Tests of fixed-assets additions where existence is the primary risk
Which tests is PPS NOT appropriate for?
* when there is a significant number of misstatements
- converting inventory from FIFO to LIFO
- Populations without individual recorded amounts
- Any application in which the primary objective is to ESTIMATE an amount
