The standard audit report describes auditor’s duties as planning and performing the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. It also states that an audit includes, examining on a test basis, evidence supporting the amounts and disclosures in the financial statements. Also, the last sentence in scope paragraph states that “We believe that our audit provides a reasonable basis for out opinion.
Furthermore, the last paragraph of the auditor’s report states, “in our opinion,”. One of the reasons why the auditors do not use the words “we certify” is that reliance is placed on sampling procedures.
It is implied from above that 100% examination is not mandatory. The auditor may form his conclusions on the basis of tests performed on a sample of population. The sampling is therefore, an acceptable procedure.
However, even if 100% transactions are checked, the cost will be exorbitant and considering cost-benefit relationships, it would be a totally inappropriate approach.
Furthermore, if the objective is to verify completeness assertion of say accounts payable, even 100% verification may not give assurance that there are no unrecorded liabilities.
In practical auditing, therefore, sampling is not only an acceptable procedure, but in certain cases there is no choice except to perform test on less than 100% population.
2. WHAT SAMPLING IS NON
Examples of procedures which do not constitute sampling.
a) Verification of 100% inventories pricing.
b) Selections of all accounts over Rupees x for confirmation.
c) Walk through test.
e) Scrutiny of accounts payable ledger for investigating debit balances.
f) Inquiry from client’s staff to seek certain information discussed.
g) Obtaining management representations
3. DEVIATION I MISSTATEMENT
In the context of tests of controls deviation means departure from prescribed controls e.g., a departure from control procedures established to ensure validity and authorization, completeness and accuracy, safeguarding and subsequent accountability.
Company policy provides that supplier’s invoice will be paid only after it is matched with goods receiving note. The auditor found that out of 35 invoices tested goods receiving notes were not available in two cases. Payment to supplier without matching invoice with goods receiving note will constitute a departure.
Supporting documents to verify payment of an expense are not available. This item should be counted as misstatement.
Legitimately voided or unused sales invoice is not a deviation.
4. ANOMALOUS ERROR
Anomalous error arises from an isolated event and therefore cannot be considered as representative of similar errors in the population.
Error in computing depreciation at year end, relating to a particular asset.
Population refers to all items within a class of transactions or within an account balance. For example purchases for a specified period or all customers balances.
6. SAMPLING RISK
Sampling risk refers to the possibility that the sample which has been properly selected, may not be, by chance, representative of population. That is, the risk that sampling error will cause auditors to reach a different conclusion than they would have reached by examining entire population is referred to as sampling risk. That is, if 100% population is verified, the sampling risk will be zero (although non-sampling risks will still exist).
Two types of sample risks are:
a) Risk of assessing control risk too low and the risk that the sample supports the conclusion that the recorded account balance is not materially misstated when it is materially misstated. Erroneous conclusion as regards above risks may cause inability to detect material misstatement.
b) Risk of assessing control risk too high, and the risk that the sample supports the conclusion that the recorded account balance is materially misstated when in fact it is not misstated. Erroneous conclusion as regards above will result in an inefficient audit. However the audit will not be ineffective.
7. NON SAMPLING RISK
Non sampling risk can be described as all risks other than the sampling risk.
In earlier chapter we discussed following audit risk model
AR = IR x CR x DR
Detection risk has two components, sampling risk and non sampling risk
Non sampling risk may arise due to following reasons:
a) The auditor’s evaluation erroneously indicates that an account balance is not susceptible of material error while in fact it may be. Consequently the detection risk and audit risk will not be appropriately determined.
b) The auditor incorrectly assessed that the design and operation of control is.effective to prevent and detect misstatements.
c) Inappropriate procedures adopted by auditor.
In order to verify completeness assertion of sales, the auditor compared sales invoices with delivery notes, instead of testing the documents the other way round.
In order to verify valuation assertion of accounts receivable, the auditor relied on confirmation only.
d) Most audit evidence is persuasive rather than conclusive. In many cases it is difficult to obtain conclusive evidence.
8. SAMPLING UNIT
Sampling units may be described as individual items in the population.
Examples of sample units are:
– An account
– A transaction
– Document in support of transaction
STATISTICAL AND NON STATISTICAL SAMPLING
Statistical techniques involve the use of statistical and probability theories to determine sample size and quantitatively evaluate the sample results. The sampling risk can be objectively calculated in terms of percentage and controlled precisely by adjusting sample size.
Non statistical techniques refer to sampling techniques which involve auditor’s judgment in ascertaining (i) sample size (ii) evaluating sample results. It does not require knowledge of statistical methods.
Sampling risk is also considered in non-statistical sampling, however, non-statistical sampling techniques do not quantify sampling risk in determining sample size and evaluating sample results.
The basic difference between statistical and non-statistical sampling is that mathematical evaluation of a statistical sampling includes quantification of sampling risk whereas in non statistical sampling such quantification is not possible.
Generally, in case of tests of controls, non-statistical methods are more efficient than statistical methods. The reason is that in test of controls often the auditor is more interested in ascertaining qualitative aspects of an error and not merely the number of errors. For example errors which have pervasive effect on internal controls or intentional errors are much more serious than errors which do not have pervasive effect or which are unintentional. This exercise can be performed without consuming unnecessary time and effort in using statistical techniques.
Similarities and techniques. differences between statistical and non-statistical
Following are similarities and differences between statistical and non statistical sampling.
Both types of sampling:
a) involve judgment in planning and executing sample plan
b) represent acceptable audit practices
c) are subject to sampling risks
d) require that sample should be representative of population.
a) Statistical techniques involve use of statistical and probability theories to determine sample size and quantitatively evaluate the sample results; non statistical techniques refer to sampling techniques which involve auditor’s judgment in ascertaining (i) sample size (ii) evaluating sample results. It does not require knowledge of statistical methods.
b) Another major difference is that statistical sampling measures the risk as to what extent a sample is not representative of population. In statistical sampling the evaluation of sample results are expressed in a precise manner. For example, “the sample evaluation provides a 95% confidence that the amount of error is not more than Rs. 8,000”. Non statistical sampling techniques do not quantify sampling risk in determining sample size and evaluating sample results.
The choice between statistical and non statistical sampling is based primarily on (a) auditor’s knowledge of statistical techniques and (b) cost vs, benefits relationships (c) whether the auditor requires an estimation of sampling risk. (d) Whether audit evidence is obtained through tests of controls or substantive tests. Generally in tests of controls, non-statistical techniques are more appropriate.
11. STEPS FOR DESIGNING A SAMPLE
a) Define objective
b) Define misstatement and deviation
c) Define population
d) Select sample size
a) Define objective
Sampling may be performed both for tests of controls and substantive tests.
Objective of tests of controls
The objective of tests of controls is to provide evidence that compliance is made of control procedures and the control objectives of validity, completeness and accuracy, safeguarding and subsequent accountability are achieved.
Normally control objectives of safeguarding and subsequent accountability are extremely important in considering reliance on controls but are not usually tested by sampling. Accordingly, tests of controls for separation of duties are generally carried out by inquiry and observation.
Following example demonstrates the relationship between objective of tests of controls and related sample design.
All purchases should be authorized.
Select ———– suppliers invoices and check with purchase orders.
Objectives of substantive tests
A sampling plan applied to substantive tests of details is designed either (a) to estimate an account balance that is not recorded in the accounting records, or (b) test the reasonableness of a recorded amount, i.e., hypothesis testing.
While performing substantive tests the objective is to detect a material misstatement as regards financial statement assertions of existence, ownership occurrence, completeness, valuation, measurement, and presentation and disclosure. However, because of characteristics of errors that can be detected through sampling the more relevant audit
objectives are only about existence, valuation and completeness assertions.
Example of substantive test for accounts receivable existence assertion
Select a sample of X number of customer accounts for direct confirmation
b) Define misstatement and deviation
In the context of tests of controls the error is deemed to occur when there is a departure from control procedures.
As regards tests of controls for purchases and payables, the auditor may efine following conditions as error
i) Goods received but liability is not recorded.
ii) Liability is recorded but goods are not received.
the control objective is to ascertain that a liability is recognized for all goods received, the auditor will compare goods receiving note with suppliers invoices. Where a goods receiving note is available but there no corresponding supplier’s invoice a deviation has occurred.
If the control objective is to look whether creditors can be paid for goods received, the deviation will be missing goods receiving note. In such case the sample design will be structured as follows.
select ———- recorded suppliers’ invoices, compare to goods receiving notes and note cases where goods receiving notes are missing”
It will not be appropriate to design the sample like this:
select ——– recorded suppliers’ invoices and note errors if any.
In this case, it. has not be defined as to what conditions constitute an error.
In tests of controls, it will be difficult for the auditor to ascertain whether or not a deviation has occurred when the compliance of a procedure is not evidenced. For example, in testing the control that bank reconciliation are reviewed independently, it would be necessary that the person reviewing reconciliation should evidence such review by initializing the reconciliation. In case the auditor is advised that the appropriate official reviews the reconciliation but has not initiated, the auditor will have to use his judgment that the item in question is in fact an error.
In the context of sampling for existence assertion of accounts receivable, the auditor may define following conditions as misstatements:
i) Confirmations not received
ii) Amount not agreed by the customer
However, if the auditor has verified subsequent collections he would not treat non-receipt of confirmation as misstatement.
Tests of controls
Obviously, some errors are always expected in the population. Assume that in test of controls, the auditor found 2% deviation last year, the expected deviation rate may be 2% of current year’s population. If the expected deviation rate is in excess of tolerable rate, the auditor will not place reliance on client’s internal controls and resort to select
larger sample size for detailed test because the auditor expects to find more deviations than he is willing to tolerate. If the expected error close to tolerable error, a large sample size for test of controls will be required to conclude that the deviations do not exceed tolerable error. Thus, the sample size would directly vary with expected error.
Where the auditor comes across numerous deviations before completing the tests on the entire sample size and he estimates that it is likely that deviation rate would exceed tolerable rate, he may decide to discontinue the sampling plan and conclude that reliance cannot be placed on controls in designing substantive tests. Expected errors are generally based upon auditor’s experience of last year and general control environment.
Auditor’s preliminary assessment of expected amount of misstatement affect tolerable error. The more the preliminary assessment of misstatement the lower should be the tolerable error, and the larger should be the sample size.
(c) define population
Tests of controls
Population should be appropriate. The appropriateness is judged in the context of the control objective to be tested. For example if the objective is to test effectiveness of completeness objective of sales, the population will be defined as total number of delivery notes issued during the period rather than sales invoices. Population should also be complete. For example selecting two months in a year for testing effectiveness of a control objective is not adequate. The auditor has to consider that the controls operated throughout the year. Likewise, selection of a few branches or departments to test controls may not necessarily be the basis about effectiveness of same control about the remaining branches or departments.
Definition of population should be appropriate in relation to financial statement assertion to be checked. For example, if the objective is to test completeness assertion of accrued expenses, the population will not be e recorded accruals but the cheques issued in a subsequent period.
d) Select sample size
ample size may be selected either judgmentally or using statistical piing
Stratification involves dividing the population into homogeneous groups strata. A stratum has limited variability in the values of the items mprising the group. Population becomes more homogenous when ms of substantially high or low values are divided into sub population.
Sampling is performed separately on each group. Later, the results of each stratum are combined to evaluate the total sample.
When the population is highly variable and has a large variation between the amounts of individual items and the average value, sampling without stratification would require a substantially large sample size. Stratification reduces the variability within a population.
Stratification enables the auditor to relate sample selection to materiality. Often the auditors examine a large percentage of the stratum containing high value items.
The ideal number of strata is ascertained on the basis of pattern of variation in the population values.
Total inventory valuation Rs. 6,880,000 is composed of 1,620 items. Total population may be stratified, according to rupee value as follows.
Thus by selecting 100 items, 75% of inventory cost may be checked.
Stratification is not usually applicable to tests of transaction classes.
13. SAMPLE SIZE, AND SAMPLING RISK
The formula for determining sample size is:
P x RF
n = ———————–
P Value of population
RF Reliability factor
TE Tolerable error
The value of population has a direct impact on sample size
The greater the population value, the larger needs be the sample size.
Reliability factor is ascertained from statistical tables. Statistically, the reliability factors for zero misstatement are:
Assume that the total value of population is Rs. 800,000; reliability factor is 3.0 no errors expected, and the tolerable misstatement is 40,000, the sample size will be:
Rs. 800,000 x 3.0
————————= 60 items
If One is expected, the sample size will be:
Rs. 800,000 x 4.75
———————– = 95 items
.In planning a test of transactions, the formula to determine sample size may be expressed like this:
n = sample size
RF= Reliability factor (Risk of over reliance
TR = Tolerable rate
Assume that the auditor has specified a tolerable rate of 3% a risk of over reliance of 5% and expects to find one deviation, the sample size will be:
n = RF
0.03 = 158 items.
In order to evaluate the sampling risk, the formula for maximum deviation rate may be used:
The auditor performed test of controls on 158 items and found no deviations. The maximum deviation rate that could exist in the population at the specified risk level, can be determined as follows:
It means that there is 5% risk that the true deviation rate could be more than 1.9% and 95% confidence level that it is no greater thaN 1.9%, given a sample of 158 items with no deviations. Since the tolerable rate was specified at 3%, the sample results indicate the planned level of reliance is appropriate.
14. SELECTING THE SAMPLE
Methods often used to select a sample are:
a) Random selection
b) Systematic selection
c) Haphazard selection
d) Block selection
A sample is Treated as random if each unit in the population has an equal ng selected. Auditor’s bias in favor or against certain d make the sample non-representative.
Random number tables contain rows and columns of randomly generated auditor begins at any digit in the table, which is a purely He then proceeds along a column or row selecting digits to identification numbers on sampling units, for example, her numbers. Random numb digits. The a random start. corresponding payment voucher numbers
Random sampling may be used in non-statistical sampling however cannot be used with a non-random sample. Random sampling cannot be used with a non random sample.
Table of Random Digits
Note That Column number arrangement is meaningless and is presented only for case of reference.
Assume that the auditor intends to verify 40 payment vouchers for proper approval validity. Payment voucher number for the year starts from 18100. Last payment voucher number is 30100.
If second item in row 2 and column 3 is taken as random start, the first payment voucher selected will be voucher number 19506. Reading from top to bottom next will be 19322, then 20665 and so on.
They auditor may decide to make a selection right to left instead top to bottom.
Assume that sale invoice number issued during the year range form 0001 to 2150 .The auditor may choose to use only last four digits. In this case assuming the random start is from row 2, column number one, the selection will be be 0807, 0056, 0728,0045,1442,0648 and so on.
In systematic selection the population size and sample size have to be known.
The sampling intervals are computed by dividing the number of items in the population by sample size. For example, if 40 items are selected from a population of 800 items, the auditor will select every 20 item ..
Systematic selection involves selecting items using a constant interval between selections, the first interval having a random start. The interval might be based on certain number of items (for example every 20th voucher number) or on monetary totals (for example every Rs. 1,000.
Every nth voucher number
Population 1750 items
Sample size 35 items
Sampling interval 50
If the first item selected is 45, the second item to be selected will be 95, third item will be 145· and so on.
Value weighted selection
This method is a variation of systematic selection method. Here the population value (instead of units) is divided by the sample size to identify the item to be selected for testing.
Items selected on the basis of monetary totals population:
No of items : 125 Items
Value : Rs. 500,000
Samplesize : 40 items
The sampling interval is computed as follows:
Population value 1sample size
= Rs. 500,000/40 = Rs. 12, 500
The first item to be selected will be on a random basis.
Thus, items numbers 2, 4, 6, 11 and so on will be selected. The limitations of the systematic selection based on monetary values:
a) Items of high monetary values have greater chances to be selected.
b) Where a few items represent substantially high values, the auditor may not be able to select the number of items planned to be tested.
c) All items in excess of the sampling intervals are sure to be selected.
While using systematic selection method, care should be taken to ensure that the same item is not always selected. For example, the selection of every 20th” product item in a series of sales invoices which comprises 5 products A, B, C, D, and E will result in the same product being selected every time.
Such a selection refers to any non-systematic way of selecting sample unit.
It Involes for example, just closing the eyes and pick up number of documents to be tested or simply pull the suppliers’ invoices from filing.
Sampling units are selected without any bias. However it does not mean that the items are selected carelessly.
The use of such method is not advisable as it would be difficult for the auditor to justify the basis of selection of sample units and to prove that certain items were not intentionally excluded..
Block sampling is the practice of selecting contiguous transactions. The auditor selects all items of a specified time processed on a particular day, week, or month. For example, selecting random sales invoices issued on certain days during the year, say, March 27, June 30, August 16. .
15. PERFORMING AUDIT PROCEDURES
The auditor applies appropriate auditing procedures to determine an audit value for each unit included in the sample. However in some cases, selected sampling units. may be missing or adequate supporting documents may not be available. The treatment of lack of sufficient evidence for the sample unit selected will depend upon auditor’s judgment of overall sample evaluation. Generally, if the auditor concludes that the sample evaluation will not change even if supporting documents for a sampling unit are missing, he would not perform alternative procedures. If the missing evidence has material impact on sample evaluation, he would perform alternative procedures to verify the account balance.
16. NATURE AND CAUSE OF ERRORS
1. It is not enough to quantify the errors in a population. The auditor should also see the qualitative aspect of the error.
2. In certain cases, the deviation rate may not be as relevant as the nature of the error discovered. For example if an error is caused because of fraud or collusion, additional auditing procedures need be applied. The cause of error and its impact on financial statements should be evaluated.
3. Problem may be caused by inadequate definition as to what constitutes an error. For example, the control policy may require that payment to supplier will not be made unless purchase order and goods receiving notes are available. The item selected by the auditor related to purchase of services such as electricity bill. Here the availability of purchase order and receiving note is not applicable. Improper definition of error. Such definition needs be revised.
Qualitative evaluation involves error analysis. Such an analysis includes consideration of matters like:
– Is the error an isolated case or common to all transactions in a group?
– Is it Intentional or unintentional?
– Has the error resulted due to misunderstanding?
– Carelessness or override the control by management?
– Does the error affect only one account or has a pervasive effect?
17. PROJECTING ERRORS
Projecting of error is an estimate of the quantum of misstatement in the population had 100% items were examined.
If no errors are found in the sample, then the projected population error is zero, and the allowance for sampling risk is no more than tolerable error. If errors are found, the auditor calculates the projected error.
The error can be projected either using differential method of projection or ratio method of projection as follows:
Both the methods are acceptable to project the error.
When the population is divided into sub population, the error projection is performed for each stratum separately and the total is compared with tolerable error.
The auditor intends to carry out pricing test. In designing the audit plan the auditor has set a materiality level of Rs. 10,000.
The auditor selected all high value items and the pricing errors (overstatements) on such items was Rs. 9,200. Of the remaining inventory 30 items were selected on a random basis and an overstatement of Rs. 50 was noted.
The auditor can conclude that the projected error of Rs. 9,8,67 was within the tolerable error. He would however consider the projected error in inventory pricing while evaluating overall effect on financial statements as a result of errors found in other account balances.
Note that para 52 of ISA 530 requires that the error be projected for each stratum separately.
This should be stressed that it cannot be said that the above projected error of Rs. 9,867 is the exact amount which will be found if 100% units in the population were checked. The actual error may be more or less than Rs. 9,867 because of sampling errors.
Assume that in this case, the auditor has established Rs. 10,000 tolerable error, he should consider the risk of some more misstatement due sampling risk and the undetected misstatement may cause the financial statements to be materially misstated. As the projected error is too to tolerable error, the auditor should perform additional procedures, pursue the client to correct the errors, or modify the audit report.
In projecting error, those should be excluded which are the result of abnormal causes (anomalous error). Next, the projected error and the anomalous error should be added to check whether they exceed tolerable error.
The auditor should ask the client to pass journal entries rectifying the errors found in.the sample and agreed by the client. After calculating the projected misstatement the. agreed amount of adjustment should be deducted from projected misstatement.
The remaining part of projected misstatement will be compared with tolerable error.
18. EVALUATING THE SAMPLE RESULTS
After performing the tests, the auditor should evaluate the sample results. The objective of evaluation is to determine whether the preliminary assessment of the characteristics of population is confirmed or challenged.
In case of tests of controls, if the deviation rate is higher than tolerable rate, control risk is to be assessed at maximum. Control risk will also be accessed at maximum if deviation rate is quite close to tolerable rate. If e deviation rate is lower than tolerable rate, control risk can be assessed at low and accordingly substantive tests may be restricted.
However the auditor should be alert that there is a risk that actual deviation rate in the population may be higher than tolerable rate due to sampling risk.
In other words, if the sample deviation rate plus allowance for sampling risks does not exceed the tolerable rate, the auditor would conclude that controls are reliable and would restrict year – end substantive tests. If the sample results do not support reliance on controls, reliance will not be placed on controls and expanded substantive tests will be carried out.
In case of substantive tests, if the amount of projected error is less than but close to tolerable error, the auditor should still be alert of further misstatements due to sampling risk.
The auditor should also compare actual deviation rate with expected deviation rate in order to confirm or dispel his preliminary assessment of control risk. If the actual deviation rate is greater than the expected rate set at planning stage, the auditor will modify the control risk i.e., make a final assessment of control risk. If the auditor intends to evaluate control risk at low, he will have to perform test of control on extended sample size.
Alternatively, if the control risk is assessed at high, the auditor should modify the substantive tests.
If the projected errors are more than the expected errors, the auditor should (a) ask the client to correct the errors, or (b) modify the audit report.