Attribute Sampling: Module E

Definitions and Key Concepts

  • Audit Sampling: The selection and evaluation of less than 100 percent of the items in a population of audit relevance selected in such a way that the auditor expects the sample to be representative of the population and thus likely to provide a reasonable basis for conclusions about the population.

  • Sampling Risk: The possibility the sample drawn is not representative of the population. There are two types:

  • Risk of Incorrect Rejection (Type 1 Error): in a test of internal controls, it is the risk that the sample supports a conclusion that the control is not operating effectively when, in fact, it is operating effectively.

    In substantive testing, it is the risk that the sample indicates that the recorded balance is materially misstated when, in fact, it is not.

  • Risk of Incorrect Acceptance (Type 2 Error): in a test of internal controls, it is the risk that the sample supports a conclusion that the control is operating effectively when, in fact, it is not operating effectively.

    In substantive testing, it is the risk that the sample supports the recorded balance when it is, in fact, materially misstated.

The Three Important Factors in Determining Sample Size

1. Sampling Risk (risk of overreliance)

2. Tolerable rate of deviation (or tolerable error)

3. Expected population deviation rate (or historical defect rate)

1. Confidence Level (Reliability)

Relationship between the (acceptable) sampling risk and the confidence we draw from the test

1 - Sampling Risk = Confidence Level

Precision Interval (Confidence Interval): a range around the sample estimate that has a certain likelihood (equal to reliability) of including the true population value

Low = Sample Estimate - Confidence; High = Sample Estimate + Confidence

In Class Practice Questions:

For which of the following audit tests would an auditor most likely use attributes sampling?

(A) Making an independent estimate of the amount of a LIFO inventory. <- Substantive T.

(B)Examining invoices in support of the valuation of fixed asset additions. <- Substantive T.

(C) Selecting accounts receivable for confirmation of account balances. <- Substantive T.

(D) Inspecting employee time cards for proper approval by supervisors. (Correct)

Attribute Sampling (Controls Testing)

  • Attribute Sampling: used to estimate the proportion of a population that possesses a specific characteristic. The most common use of attribute sampling is for tests of controls. (Ex. the entity’s controls require that all checks have two independent signatures)

  • Planning

1. Determine the test objectives

The objective of attribute sampling when used for tests of controls is to evaluate the operating effectiveness of the internal control.

Ex. Assuming a sales invoice should not be prepared unless there is a related shipping document. (Assertion = Occurrence)

2. Define the population characteristics

Sampling Population: all of the items that constitute the class of transactions make up the sampling population (ex. All sales invoices)

Sampling Unit: each sampling unit makes up one item in the population. The sampling unit should be defined in relation to the specific control being tested. (ex. Sales invoice)

Control Deviation Conditions: departures from adequate performance of internal control. (ex. If the shipping doc is not present and it cannot be explained, a control deviation exists)

3. Determine the sample size, using the following inputs:

The Desired Confidence Level: the desired level of assurance that the sample results will support a conclusion that the control is functioning effectively. The confidence level is generally set at 90% or 95%. This means the auditor is willing to accept a 10% or 5% risk of accepting the control as effective when it is not.

Direct relationship to sample size

The Tolerable Deviation Rate: the maximum deviation rate from a prescribed control that the auditor is willing to accept and still consider the control effective.

Inverse relationship to sample size

The Expected Population Deviation: the rate the auditor expects to exist in the population. The larger the expected population deviation rate, the larger the sample size must be, all else equal.

Direct relationship to sample size

*Population size has little or no effect on the sample size, unless the population is small, less than 500 items, then it decreases sample size!

  • Performing

4. Select the sample items

Random number selection: Every item in the population has the same probability of being selected as every other sampling unit in the population.

Systematic Selection: The auditor determines the sampling interval by dividing the population by the sample size. A starting number is randomly selected in the first interval and every nth item is selected thereafter.

5. Perform the auditing procedures:

Voided documents & Unused/Inapplicable documents: Unless the auditor finds something unusual about either of these items, they should be replaced with a new sample item.

Inability to examine a sample item or to use an alternative procedure to test the control: the sample item is a deviation

Stopping the test before completion: If a large number of deviations are detected early in the tests of controls, the auditor should consider stopping the test, as soon as it is clear that the results of the test will not support the planned assessed level of control risk.

6. Calculate the sample deviation and upper deviation rates

Sample Deviation Rate = # of deviations / sample size

Upper Deviation Rate = Sample Dev Rate + Allowance for Sampling Risk (precision)

7. Draw Final Conclusions

If Upper Dev Rate > Tolerable Dev Rate = Fail

It should be within the tolerable range to pass