Audit Sampling - AICPA Audit Guide

• Chapter - 1 Characteristics of Audit Sampling
• Audit Sampling Defined
• Procedures That May Not Involve Audit Sampling
• Inquiry and Observation
• Analytical Procedures
• Procedures Applied to Every Item in a Population
• Some Tests of Controls May Not Involve Audit Sampling
• Tests of Controls When Extrapolation is Not Intended
• Procedures That Do Not Evaluate Characteristics
• Untested Balances
• Tests of Automated IT Controls
• Sampling and Nonsampling Audit Procedures Distinguished
• Terminology Used in This Guide
• Reliability or Confidence Level
• Alpha and Beta Risks
• Precision
• Chapter 2 - The Audit Sampling Process
• Purpose and Nature of Audit Sampling
• How Audit Sampling Differs From Sampling in Other Professions
• Evaluation of Audit Samples
• Types of Audit Tests
• Tests of Controls
• Substantive Tests
• Dual-Purpose Tests
• Risk
• Sampling Risk
• Nonsampling Risk
• Nonstatistical and Statistical Sampling
• Planning the Audit Sampling Procedures
• Types of Statistical Sampling Plans
• Attributes Sampling
• Variables Sampling
• Relating Balance Sheet and Income Statement Sampling
• General Implementation Considerations
• Continuing Professional Education
• Sampling Guidelines
• Use of Specialists
• Supervision and Review
• Chapter 3 - Nonstatistical and Statistical Audit Sampling in Tests of Controls
• Determining the Test Objectives
• Defining the Deviation Conditions
• Defining the Population
• Defining the Period Covered by the Test
• Initial Testing
• Estimating Population Characteristics
• Considering the Completeness of the Population
• Defining the Sampling Unit
• The Role of Walkthroughs
• Determining the Method of Selecting the Sample
• Simple Random Sampling
• Systematic Sampling
• Haphazard Sampling
• Block Sampling
• Determining the Sample Size
• Considering the Acceptable Risk of Assessing Control Risk Too Low
• Considering Other Evidence in Determining Risk of Overreliance and Tolerable Rate
• Considering the Risk of Overreliance for Multiple Controls Addressing the Same Control Objective
• Determining the Tolerable Rate
• Considering the Expected Population Deviation Rate
• Considering the Effect of Population Size
• Small Populations and Infrequently Operating Controls
• Considering a Sequential or a Fixed Sample Size Approach
• Developing Sample Size Guidelines
• Performing the Sampling Plan
• Voided Documents
• Unused or Inapplicable Documents
• Mistakes in Estimating Population Sequences
• Stopping the Test Before Completion
• Inability to Examine Selected Items
• Evaluating the Sample Results
• Calculating the Deviation Rate
• Considering Sampling Risk
• Considering the Qualitative Aspects of the Deviations
• Extending the Sample When Control Deviations are Found
• Assessing the Potential Magnitude of a Control Deficiency
• Reaching an Overall Conclusion
• Documenting the Sampling Procedure
• Chapter 4 - Nonstatistical and Statistical Audit Sampling for Substantive Tests of Details
• Determining the Test Objectives
• Defining the Population
• Considering the Completeness of the Population
• Identifying Individually Significant Items
• Defining the Sampling Unit
• Choosing an Audit Sampling Technique
• Selecting the Sample
• Determining the Sample Size
• Considering Variation Within the Population
• Determining the Acceptable Level of Risk
• Considering Tolerable Misstatement
• Considering the Expected Amount of Misstatement
• Considering the Effect of Population Size
• Relating the Factors to Determine the Sample Size
• Performing the Sampling Plan
• Evaluating the Sample Results
• Projecting the Misstatement to the Population
• The Sufficiency of Sampling Evidence for Proposing Adjustments
• Negative Confirmations
• Interim Sample Results
• Considering Sampling Risk at the Test Level
• Documenting the Sampling Procedure
• Chapter 5 - Nonstatistical Sampling Case Study
• Determining the Sample Size
• Evaluating the Sample Results
• Chapter 6 - Monetary Unit Sampling
• Selecting a Statistical Approach
• Advantages
• Disadvantages
• Defining the Sampling Unit
• Selecting the Sample
• Determining the Sample Size
• Formula Method--No Misstatements Expected
• Formula Method--Some Misstatements Expected
• Evaluating the Sample Results
• Sample Evaluation With 100 Percent Misstatements
• Sample Evaluation With Less Than 100 Percent Misstatements
• Quantitative Considerations
• Qualitative Considerations
• MUS Sampling Case Study
• Selecting the Sample
• Evaluating the Sample Results
• Chapter 7 - Classical Variables Sampling
• Selecting a Statistical Approach
• AdvantagesDisadvantages
• Types of Classical Variables Sampling Techniques
• Mean-Per-Unit Approach
• Difference Approach
• Ratio Approach
• Choosing a Classical Variables Sampling Approach
• The Ability to Design a Stratified Sample
• The Expected Number of Differences Between the Audited and Recorded Amounts
• Required Information
• Determining the Sample Size
• Considering Variation Within the Population
• Calculating the Sample Size
• Evaluating the Sample Results
• Classical Variables Sampling Case Study
• Appendix A - Attributes Statistical Sampling Tables
• Appendix B - Sequential Sampling for Tests of Controls
• Appendix C - Monetary Unit Sampling Tables
• Appendix D - Ratio of Desired Allowance for Sampling Risk of Incorrect Rejection to Tolerable Misstatement
• Appendix E - Multilocation Sampling Considerations
• Appendix F - Glossary
• Appendix G - Major Existing Differences Between AICPA Standards and PCAOB Standards
• Appendix H - Comparison of Key Provisions of the Risk Assessment Standards to Previous Standards
• Appendix I - Schedule of Changes Made to the Text From the Previous Edition

012538

I.7 Two other SAPs included references to sampling applications in auditing. SAP No. 33, Auditing Standards and Procedures (a codification), issued in 1963, indicated that a practitioner might consider using statistical sampling in appropriate circumstances. SAP No. 36, Revision of "Extensions of Auditing Procedure" Relating to Inventories, issued in 1966, provided guidance on the auditor's responsibility when a client uses a sampling procedure, rather than a complete physical count, to determine inventory balances.

I.8 From 1967 to 1974, the AICPA published a series of volumes on statistical sampling, An Auditor's Approach to Statistical Sampling, for use in continuing professional education. In 1978, the AICPA published Statistical Auditing, by Donald M. Roberts, explaining the theory underlying statistical sampling in auditing.

I.9 In 1981, the AICPA's Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 39, Audit Sampling (AICPA, Professional Standards, vol. 1, AU sec. 350), which provides general guidance on both nonstatistical and statistical sampling in auditing and superseded appendixes A and B of SAS No. 1, Codification of Auditing Standards and Procedures (AICPA, Professional Standards, vol. 1). In 1983, the AICPA published the first edition of this Audit Guide Audit Sampling. In 2001, the AICPA published an updated version of the guide.

I.10 In 2006, the ASB issued a suite of eight risk assessment standards (SAS Nos. 104-111) to be used in the planning and performance of a financial statement audit. Several of these pronouncements also provide guidance on the use of audit sampling. SAS No. 107, Audit Risk and Materiality in Conducting an Audit (AICPA, Professional Standards, vol. 1, AU sec. 312), provides guidance on the auditor's consideration of audit risk and materiality when planning and performing an audit of financial statements in accordance with GAAS. Audit risk and materiality are important in determining the nature, timing, and extent of auditing procedures (including those that involve audit sampling) and evaluating the results of those procedures. SAS No. 109, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement (AICPA, Professional Standards, vol. 1, AU sec. 314), and SAS No. 110, Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained (AICPA, Professional Standards, vol. 1, AU sec. 318), clarify the circumstances under which controls can be relied on and the importance of IT general controls and tests of controls as a basis for reliance. The AICPA also issued the Audit Guide Assessing and Responding to Audit Risk in a Financial Statement Audit to provide guidance on obtaining an understanding of the entity and its environment, including its internal control, assessing the risks of material misstatement, designing further audit procedures that respond to the assessed risks, and evaluating audit findings and evidence. In discussing the auditor's assessment of control risk, the preceding guidance describes the manner in which the auditor designs, performs, and evaluates tests of controls, including those that involve audit sampling.

I.11 Included in the suite of risk assessment standards is an amendment to AU section 350: SAS No. 111, Amendment to Statement on Auditing Standards No. 39, Audit Sampling (AICPA, Professional Standards, vol. 1). SAS No. 111 moved the discussion of the audit risk model from AU section 350 to AU section 312. In addition, the SAS indicated that nonstatistical sample sizes ordinarily would be comparable to statistically determined sample sizes for similar parameters.

012538