Chapter Objectives

 To explain why auditors use audit sampling

 To Explain statistical and non-statistical sampling, describe the advantages
of each method, and explain when each method should be used.
 To Distinguish between probabilistic and non-probabilistic sample
selection.
 To explain the concept of representative sampling.
 To explain the effects of changes in various population characteristics and
changes in sampling risk on required sample size
 To describe the 14 steps used in the application of non-statistical sampling
and attribute sampling in tests of controls and substantive tests of
transactions.

1
Definition of Audit Sampling
 GAAS define audit sampling as the application of
an audit procedure to less than 100% of the items
within an account balance or class of transactions
for the purpose of evaluating some characteristics
of the balance or class (SAS 39, AU 350).

 Why don’t auditors test 100% of transactions

or account balances ?
2
 Auditors usually do not test 100% of transactions or
items in account balances because :
1. The cost of doing so would be high.
2.Auditors seek only reasonable assurance.
3.The nature and materiality of the items (balance
or classes of transaction may not demand a
100% audit)
4. Auditors take sample when the audit objective is
to reach a conclusion about a balance or class of
transactions.

3
Why do auditors use sampling?
Auditors use sampling
1. Auditing control compliance (Tests of Controls) and
substantive tests of transactions (to checks whether
transaction amounts are materially misstated/not)
2. Auditing account balances: It is a substantive test
whose purpose is to check whether balances are materially
misstated or not. (to draw conclusion about the fairness of
the amounts stated in financial statement )
Audit sampling occurs whenever auditors draw a
conclusion about an entire class of transactions or account
balance based on the results of a (representative) sample
from the class or the balance.
..\Links\L1 Comparison of audit sampling tests.docx

4
Which aspect of auditing (nature, timing,
extent) is addressed by audit sampling?
 Audit sampling addresses the sufficiency
aspect of evidence as required under GAAS,
since it relates to the extent (the amount of
work done when the procedures are
performed) of audit procedures used.

5
Sampling Design
The two sampling designs used by auditors are
1. Statistical
2. Non statistical (judgmental)
 GAAS permit auditors to use either statistical or non-
statistical sampling methods.
 However, it is essential that either method be applied
with due care. All steps of the process must be followed
carefully.
 The auditor is not required by GAAS to base
evaluations on statistically-based tests, but only to
apply professional judgment.
6
STATISTICAL NON STATISTICAL
 Based on the laws of  Based on auditors judgment
probability  Samples may or may not be
 Samples must be random random
 Used when an objectively  Used when the auditor has
defensible result is desired. additional knowledge of
 Sampling risk can be the population.
specified/quantified in  Sampling risk can not be
advance specified/quantified in
advance
 Inference is made based on
 Inference is made based on
statistical result judgment

7
Procedures are common for both categories of
sampling (statistical/non-statistical)
1. Planning the sample –eg. involves the decision
that sample size eg. 100
2. Selecting the sample and performing the tests –
involves which 100 to take and deciding for eg.
3 exceptions/deviations exist
3. Evaluating the results –involves reaching to a
conclusion that the 3 exception/deviation rate
estimated from sample are equals to the
exception/deviation rate from population

8
 Eg. Out of 1,000 sales invoices, an auditor
selected 100 sales invoices for an audit and no
errors and irregularities were found on them.
 Does this mean that the entire population of
sales invoices is free from error and
irregularities?
 The answer is No, because, the sample might
not reflect the actual condition of the
population, due to sampling or non sampling
risk (it may not be representative).
9
The Concept of a representative sample
 A representative sample is a sample that mirrors
the characteristics of the population
 A representative sample has all the important
characteristics of the population from which it is
drawn; this means that the sampled items are
similar to the items not sampled.
 A representative sample will reduce sampling risk
that lead auditors to incorrect conclusion.
 What helps auditors obtain a representative
sample?
10
 Auditors can increase the likelihood of the
representativeness of a sample if they are
careful in:
 Designing the sampling process,
 Selecting sample and
 Evaluating sample results
 Auditors try to avoid biasness and maintain
representativeness of the sample by applying
random selection method, which give equal
chance to each item being included in the
sample
11
 Auditors cannot guarantee
representativeness; this is what sampling
risk is all about, „the probability that the
sample may not mirror the
characteristics of the population‟.
 Thus, even under random sample, a risk
exists that the sample may not be
representative, eg it could be when the
sampling frame is not complete (AR eg)

12
Sampling and non-sampling error
 Whenever a sample is selected from a
population, it may or may not be
representative.
 The risk of the sample not being
representative is called sampling risk.
 The error that results from sampling risk is
called sampling error.

13
SAMPLING RISK SAMPLING ERROR

 It is the probability that an  It is the difference between the

auditor‟s conclusion based on actual rate of deviation in the
a sample may differ from the population and that of the
conclusion that may be sample.
reached if an entire population
was audited (since sample is Eg. The actual but unknown
not representative). deviation rate in the
population is 3%
 Sampling risk is an inherent - deviation rate in the sample is
part of sampling that result 2%. This difference of 1% is
from testing less than the known as sampling error.
entire population -It results from sampling risk
14
TYPES OF SAMPLING RISK TYPES OF SAMPLING ERROR
1.Sampling risk for tests of control (risks
related to control procedures):
▪ Risk of over reliance on client‟s  Type I error
internal control
▪ Risk of under reliance on client‟s Incorrect rejection (alpha
internal control
2. Sampling risk of substantive tests (risks
risk)-
related to transactions and balances:
▪ Risk of incorrect rejection (alpha risk)-
this is the possibility that sample result  Type II error
will indicate that population is
materially misstated when in fact it is Incorrect acceptance (beta
not materially misstated
▪ Risk of incorrect acceptance (beta risk)- risk)-..\Links\L3 Activity
this is the possibility that sample result
will indicate that population is not type I and type II errors.doc
materially misstated when in fact it is
materially misstated

15
How do sampling risks affect efficiency and effectiveness of audit?
 Risk of under reliance on client‟s internal control and risk of
incorrect rejection (alpha risk) affects audit efficiency since both
make the auditor to perform additional audit procedures that will
finally reveal that no material weakness in control procedure (in the
case of test of control) and the account is not materially misstated
(in the case of substantive test)
 Risk of over reliance on client‟s internal control and risk of
incorrect acceptance (beta risk) affects audit effectiveness in
detecting material errors. If audit is ineffective there is a failure of
detecting material weakness in control procedure (in the case of test
of control) and materially misstated account balances will not be
detected (in the case of substantive test)
16
Which one is more risky/significant?
 Risk of over reliance and risk of incorrect
acceptance (beta risk) have significant effect
on the fairness of the financial statement, so
they are of primary concern to auditors.
 If not reduced, these risks will expose
auditors to negligence that will lead to legal
liability.
 Auditors should use a representative sample to
reduce such risks..\Links\L3 Activity type I
and type II errors.doc
17
How to reduce sampling risk?

 Sampling risk can be reduced by increasing

sample size
 Use of appropriate method of sample selection

18
 Non Sampling error
 ..\Links\Non sampling risk and non sampling
error.doc

Similarities and differences between sampling and

non sampling risks..\Links\Similarities and
Differences between Sampling risk and Non.doc

19
Random and Non Random Sample
A random sample is a set of sampling units
chosen so that each population item has an
equal likelihood of being selected in the
sample
 A random sample can also be used in “non
statistical sampling” design
 There is a common misconception of equating
statistical sampling with random selection
20
 Regardless of the sampling design used,
(statistical/non statistical), when selecting a
sample from a population, the auditor strives to
obtain a representative sample by applying
different procedures.
 Auditors may use probabilistic or non-
probabilistic sample selection procedures to
achieve this purpose

21
 PROBABILISTIC SAMPLE NONPROBABILISTIC (JUDGMENTAL)
SELECTION SAMPLE SELECTION METHODS
 It is based on statistical rules  Here, the auditor selects sample
 Every individual (element) in the
defined source of population may be items using professional
selected into the sample with a known
(non-zero) probability. judgment
 If sampling frame = N and sample  The procedure is used with non
size = n, every individual has a
known chance of n/N being statistical plans since it is not
selected. based upon the statistical
 Involves random selection principles which govern
procedures
 So, the auditor randomly selects probability sampling.
items such that each population  Usually used when a sampling
item has a known probability of frame does not exist/not
being included in the sample.
complete
22
 PROBABILISTIC SAMPLE SELECTION
NONPROBABILISTIC (JUDGMENTAL) METHODS INCLUDE THE FOLLOWING:
SAMPLE SELECTION METHODS

1. Directed sample selection 1. Simple random sample

2. Block sample selection selection
3. Haphazard sample selection 2. Systematic sample selection
3. Probability proportional to
 These methods are used with
size sample selection
non-statistical sampling plan
4. Stratified sample selection
 With these methods it is difficult
to evaluate the randomness and
representativeness of a sample

23
1. Directed sample selection
 Under these methods, auditors deliberately select each
item in the sample based on their own judgmental criteria
 Random selection is not used
Commonly used approaches include:
1. Selection of items Most Likely to Contain Misstatements
▪ Eg. - accounts receivable outstanding for a long time,
- purchases from and sales to officers and affiliated companies,
- unusually large or complex transactions.
Conclusion: if these items are not materially misstated, the F/S will not
be materially misstated
24
….Nonprobabilistic (judgmental) sample selection
methods
…Directed sample selection
…Commonly used approaches include:
2. Selection of items Containing Selected Population
Characteristics
Eg. Selecting a sample of cash disbursements that includes
some from each month, each bank account or location, and
each major type of acquisition.
3. Selection of items with Large Dollar value (Large Dollar
Coverage -)

25
….Nonprobabilistic (judgmental) sample selection methods
2. Block sample selection
 It is a practice of choosing segments of continuous transactions.
 Block or cluster sampling occurs when the auditor selects a number
of blocks of consecutive transactions rather than selecting
transactions individually
 A block sample consists of all items in the selected time period,
numerical sequence, or alphabetical sequence

 Block sample with a transaction date used as sampling unit

 Eg. Choosing sales invoices processed on randomly chosen
days, say, February 3, July 17, and September 29. Thus all sales
invoices processed on the randomly selected dates are included in
the sample.
26
….Nonprobabilistic (judgmental)
sample selection methods
…2. Block sample selection
Block sample with months used as sampling unit
 Eg auditors want to test internal control over cash disbursement
and decide to check all cash disbursement vouchers of April
and December.
 Sampling unit: the sampling unit is month rather than individual
transaction.
 No. of blocks: The sample consists two blocks selected from a
population of 12 months When sampling unit is individual
transaction, auditors select the first item in a block, and the remainder
of the block is chosen in sequence
27
….Nonprobabilistic (judgmental) sample selection methods
……. 2. Block sample selection
 Issues related to the number of blocks
 Eg. assume the block sample will be a sequence of 100 sales
transactions from the sales journal for the third week of March.
 Auditors can select the total sample of 100 by taking 5 blocks of 20
items,
 10 blocks of 10,
 50 blocks of 2 or
 one block of 100.

28
 Advantages and Limitations:
 Block samples cannot be representative unless a reasonable number/large
number of blocks is used. If few blocks are used, the probability of
obtaining a non-representative sample is too great
 Eg. sampling 10 blocks of 10 from the third week of March is far less
appropriate than selecting 10 blocks of 10 from 10 different months.
 This method can be used to supplement other samples when there is a high
likelihood of misstatement for a known period.
 Eg. the auditor might select all 100 cash receipts from the third week of
March if that is the period when the accounting clerk was on vacation and
an inexperienced temporary employee processed the cash receipt
transactions.

29
….Nonprobabilistic (judgmental) sample selection methods
3. Haphazard sample selection
 It refers to any unsystematic way of selecting sample units
eg. Closing eyes and putting hands in drawers to pick
sales invoices
The problem is:
 only those that are suitable for picking may be picked
 It is very difficult to describe the method, to replicate the
method and get the same sample units
 The method is also stated as a method for selecting items
without any conscious bias by the auditor; without any
special reason for including/excluding items
 i.e. the auditor selects population items without regard to
their size, source, or other distinguishing characteristics.
30
….Non-probabilistic (judgmental) sample selection methods
….3. Haphazard sample selection
 Avoiding biasness is the most difficult task in haphazard
sampling method
 Haphazard sample selection should be considered only as a last
resort since it is hard to document and impossible to replicate
 Haphazard and block sample selection appear to be less logical
than directed sample selection,
 However, they are simpler and much less costly than other
selection methods, they are usually used based on cost-benefit
criteria
 For many non-statistical sampling applications involving tests of
controls and substantive tests of transactions, auditors prefer to
use a probabilistic sample selection method to increase the
likelihood of selecting a representative sample.
31
Probabilistic sample selection methods
 Probabilistic sample selection methods are used with statistical
sampling plans
 Statistical sampling plans apply probabilistic sample selection
method to measure sampling risk.
 For probabilistic samples, the auditor uses no judgment about
which sample items are selected, except in choosing which of the
selection methods to use.
 For probabilistic method the following four methods can be used:
1. Simple random sample selection
2. Systematic sample selection
3. Probability proportional to size sample selection
4. Stratified sample selection

32
…Probabilistic sample selection methods
1. Simple random sample selection
 Auditors try to maintain representativeness of the sample by selecting
samples randomly
 A sample is random if each unit in the population has an equal
probability/chance of being included in the sample.
When do auditors use this method?
 Auditors use simple random sampling to sample populations when there
is no need to emphasize one or more types of population items.
Eg. auditors want to sample a client‟s cash disbursements for the year.
Assume they select 60 cash disbursements by a simple random
sample
Finally they will draw conclusions about all recorded cash
disbursement transactions based on this 60 cash disbursements.
 How do auditors apply simple random method?

33
…Probabilistic sample selection methods
…1. Simple random sample selection
 Auditors use random numbers in applying simple random selection
method
 Random numbers are a series of digits having no identifiable pattern and
equal probabilities of occurring over long runs
 Auditors usually generate random numbers by using the following
techniques:
1. electronic spreadsheets,
2. random number generators, and
3. generalized audit software.
 Since computer programs offer advantages such as time savings, reduced
likelihood of auditor error in selecting the numbers, and automatic
documentation, auditors usually prefer to use computer generation of
random numbers..\Links\Chapter 1 Computer generator rndom
numbers.doc
34
…Probabilistic sample selection methods
2. Systematic sample selection
 Here auditors are required to know the population size and a
predetermined sample size
 The process involves the following steps:
1. Obtain a random starting place in the physical representation (eg.
List of sales invoices recorded in sales journal) and select the unit
2. Count through the file and select every kth unit, where k is the
sampling interval (standard distance between individuals), which is
obtained by dividing the number in the frame by the desired sample
size
k, the interval = population size/sample size
. ..\Links\ch 2 examples of Systematic sample selection.docx

35
…Probabilistic sample selection methods
….2. Systematic sample selection
Advantages:
 Easier to use,
 Sample can be drawn quickly,
 It automatically puts the numbers in sequence, making it easy to develop the
appropriate documentation
 Very good when the population from which sample is to be drawn is
homogeneous
Limitations
 Systematic sampling involves a danger if the list of individuals has some periodicity
or some pattern, thus there is a possibility of bias
 Eg. if a control deviation occurred at a certain time of the month or only with
certain types of documents due to turnover etc, a systematic sample can fail to
select a representative sample.
Generalized audit software include facilities for using systematic sample selection
from computer-based files
36
…Probabilistic sample selection methods
3. Probability proportional to size (PPS) sample selection
Under this method, a sample is taken where the probability of selecting any
individual population item is proportional to its recorded amount.
 This method is evaluated using non statistical sampling or monetary unit
statistical sampling.
4. Stratified sample selection
 Stratification is a technique of dividing the population into relatively
homogenous subgroups called strata
 Auditors stratify the population before computing the sample size and selecting
the sample
 Auditors usually use dollar size to stratify the population
 Sample is taken from each strata separately; larger sample is taken from the
subpopulations with larger sizes.
 Sample results may be evaluated separately or combined to provide an estimate
of the characteristics of the population
 This method is evaluated using non-statistical sampling or variables
statistical sampling.
37
 The application of sampling in test of controls
auditing (both in non-statistical and
statistical/attribute sampling) is a structured,
formal approach involving the following 14
steps categorized in 3 phases:
 Links\Application of sampling method.doc

 Basic concepts

38
1. Attribute: An attribute is a characteristic in which the
auditor is interested
In testing controls, the attribute is whether or not a
deviation from the specified controls has occurred.
 For occurrence/existence-the attribute is eg the
existence of a matching shipping document for each
sales invoice.
 For authorization- the attributes include the
department supervisor‟s initials on each invoice
payable
 For classification- the attributes include checking
correct account coding on each invoice

39
2. Deviation rate/exception rate- rate of failure
from prescribed procedure.
The three types of exceptions/deviations in
accounting data in which auditors are
interested in and evaluate are:
1. Deviations from client‟s established control
2. Monetary misstatements in populations of
transaction data
3. Monetary misstatements in populations of
account balance details
40
How deviation rate relates to control risk?
 There is a direct relationship between deviation rate
and the level of control risk.
 Low deviation rate is associated with low control risk;
 high deviation rate is associated with high control risk.
 A clear understanding of what constitutes a deviation
is important.
 Deviations need to be defined in advance so that they
can be recognized and treated consistently, and so that
they relate to the objectives of the test of control.

41
Source from which auditors refer about attributes and
conditions for deviations/exceptions
 Attributes of interest and exception conditions for audit
sampling are taken directly from the auditor‟s audit
procedures. Eg Eight attributes are used for tests of
control of the billing function of HH Co. Samples of
sales invoices will be used to verify these attributes.
 Eg. Attribute 1: Existence of sales invoice No. in sales
journal
 Attribute 2: Details on sales invoice are
correct…………….Attribute 8: Credit
approved..\Links\HH Co.doc
42
How to evaluate the attributes
 Eg. For an audit question that asks “Is credit
approved?” the answer can be yes or no. Auditors will
count the number of deviations and use the count in
evaluating the evidence. ..\Links\HH Co.doc
Issues regarding missing documents/attributes
 The absence of the attribute for any sample item will
be an exception for that attribute, which means, if the
document selected for testing cannot be located, the
auditors will not be able to apply alternative audit
procedures to determine whether the control procedure
is applied.
43
3. Population-
 The auditor must ensure that the population
that he/she selected has attributes consistent
with the assertions he/she wishes to test.
 In some cases, it may be necessary to define
separate populations for different audit
procedures.

44
Factors considered in defining population:
1. The timing of the audit work
2. Physical Representation (Physical proximity
and Physical characteristics) of the population
The timing of the audit work
 Ideally, tests of control audit procedure
should be applied to transactions executed
throughout the period under audit because
auditors want to reach a conclusion about
control risk during the entire period.

45
 Sometimes auditors perform tests of control
procedures at interim period (some
weeks/months before the end of the client‟s
year end date); during these times the entire
population, eg. recorded sales invoice, will
not be available.
 Auditors can perform the work during the
interim period, but they should not ignore the
remaining period.
46
2.Physical Representation (Physical proximity
and Physical characteristics) of the population
 Physical representation of the population
/sampling frame/ is the auditor‟s frame of
reference for selecting a sample.
 Eg. It can be a journal list of recorded sales invoice, a
drawer full of invoices, etc
 The physical representation should be easily to
visualizable such as journal listings, and it must be
complete, accurately recorded.
47
Activity:
 What is the auditor‟s concern when
documentation defined as the intended population
is kept in a remote off-site location?
 What if the identified population exists in the
form of data stored in machine-readable form
only?
 The auditor must ensure that a sample can
actually be drawn from the population and that
the chosen population must have physical
characteristics that allow an auditor to sample
from it.
48
In general, the auditor should select sample
 From the entire population;
 The auditor should test the population for
completeness and detail tie-in before a sample is
selected
 For example, when performing tests of controls
and substantive tests of sales transactions, if
auditors samples from only one month‟s
transactions, it is invalid to draw conclusions
about the invoices for the entire year.
49
4. Tolerable Exception Rate (TER)- Tolerable
exception/deviation rate represents the
maximum population rate of deviations from a
prescribed control procedure that the auditor
will tolerate without modifying the planned
reliance on internal control assessment of
control risk OR
It represents the highest exception rate the
auditor will permit
50
 Establishing the tolerable exception rate (TER)
for each attribute requires an auditor‟s
professional judgment.
 Eg. assume that the auditor decides that TER for
attribute 8 “Credit sales Approved” is 9%. That
means that the auditor has decided that even if
9% of the duplicate sales invoices are not
approved for credit, the credit approval control is
still effective in terms of the assessed control risk
included in the audit plan.

51
 Auditors should ask questions such as what rate
of deviation in the population signals control risk
of 10%? 20%/ 30%? etc up to 100%?
 Eg $90,000 of sales invoices could be exposed to
control deviations without causing a minimum
material misstatement in the sales and accounts
receivable balance. If total gross sales is
$9,000,000, the judgment implies a tolerable
exception/deviation rate of $90,000/9,000,000 =
1%

52
Impact of TER on sample size (how the two
relate?)
 Low tolerable rate requires higher accuracy so
relatively larger sample size is needed;
 when the tolerable rate is larger (relaxed)
relatively smaller sample size can satisfy the
requirement
Thus, The tolerable exception/deviation rate
(TER) is inversely related to sample size.
53
Eg. Auditor A wants to assess control risk at
10%, with tolerable rate 1%
Auditor B wants to assess control risk at 40%,
with tolerable rate 6%
Who is required to use larger sample, A or B?
 The suitable TER is a question of materiality
 Eg. Lower TER is used for significant account
balances

54
5. Estimated population exception rate (EPER)
EPER is an estimate of the ratio of the number
of expected deviations to population size.
Auditors should make an advance estimate of
the population exception rate to plan the
appropriate sample size.
What information can help auditors to
estimate EPER?

55
The following will help the auditor to obtain
information helpful to determine EPER
 Information about client‟s personnel,
 working condition, and
 the general control environment collected
from sources such as last year audit
experience with the client, and
 information from the predecessor auditor will
help auditors to know or suspect some control
performance conditions
56
 Auditors usually use the preceding year‟s
audit results to estimate EPER.
 If they are not reliable, the auditor can take a
small preliminary sample of the current year‟s
population for this purpose.
What does EPER imply?
Eg. Zero % EPER (no expected deviation means
no need to take larger sample since the
control is effective)
57
 IF EPER is larger than TER, (If auditors have
reason to expect more deviation than they could
tolerate), there would be no reason to perform
any test of controls audit procedure. Thus, the
expected rate must be less than the tolerable rate.
 The closer the EPER is to the TER, the larger will
be the sample that is needed to reach a conclusion
that deviations do not exceed the tolerable size.
 Thus sample size varies directly with the
expected deviation rate

58
 6. Sample Exception Rate (SER)- Sample
Exception Rate (SER) is actual sample
deviations ÷ sample size.
 The following table shows how tests of
controls are documented and SER is
computed.
 (Note: 7 attributes are tested, x represents
deviation; sample size is not uniform, it
varies) ..\Links\HH Co.doc
59
Two possible results that auditors may obtain:
 The SER, which is the actual deviation rate is equal to or
less than the EPER
 The SER, which is the actual deviation rate is more than the
expected rate
Interpretations: The above two conditions are interpreted as
follows:
(1) If SER is equal to or less than the expected rate
 It shows the sample results supports auditors‟
preliminary assessed control risk and their planned reliance
on control. Auditors are likely to conclude that the risk of
reliance on client’s control system is acceptable (the true
population deviation rate doesn’t exceed the tolerable rate,
so it is acceptable).

60
(2) If SER is greater than the expected rate
 auditors usually conclude that the sample
results do not support the preliminary
assessed control risk i.e, auditors are likely to
conclude that there is an unacceptably high
risk that the true deviation rate in the
population exceeds TER.

61
7. Acceptable Risk of Assessing Control Risk too low
(ARACR)-
 Whenever auditors use sample to measure deviations, the
sample results may not exactly represent the deviation in the
population.
 As a result auditors may wrongly conclude that the control
system is effective (over reliance on control system), and
wrongly accept a misstated balance (risk of incorrect
acceptance).
 Unless 100 percent of the population is tested, sampling risk
cannot be avoided in both non-statistical and statistical
sampling.
 For audit sampling in tests of controls and substantive tests
of transactions, that risk is called the acceptable risk of
assessing control risk too low (ARACR).
62
 ARACR represents the auditor‟s measure of sampling
risk in tests of controls and substantive tests of
transactions; it represents auditor‟s risk of incorrectly
accepting the control as effective.
Two aspects of sampling risk in tests of control
1. The risk of under reliance on internal control: This is a
possibility that sample results will lead the auditor to
inefficient audit
2. The risk of over reliance on internal control: This is a
possibility that sample results will lead the auditor to
ineffective audit
 Though both are risks, auditors are more concerned
about the risk that lead them to ineffective audit
 ARACR measures this risk (overreliance risk)
63
 How do auditors state ARACR? In non-
statistical sampling, auditors commonly use
qualitative expressions such as ARACR of
high, medium, or low instead of a
percentage.
 In statistical sampling, auditors use a percent,
such as 5% or 10%.

64
 What does low/high ARACR imply?
 A low ARACR implies that the tests of controls
have important implication on the financial
statement, so higher accuracy is needed. (low
error is allowed)
 The ARACR of high means that the tests of
controls are not that much important (have less
impact on the fairness of the financial statement)
the auditor is willing to take a fairly substantial
risk of concluding that the control is effective
after all testing is completed, even when it is
ineffective. (larger error can be tolerated)
65
How do auditors choose appropriate ARACR
for each attribute?
 In choosing the appropriate ARACR for each
attribute, auditors must use their best
judgment.
 The auditor can establish different TER and
ARACR levels for different attributes of an
audit test, depending on the importance of the
attribute and related control.
66
 For example, auditors commonly use higher TER and ARACR
levels for tests of credit approval than for tests of the occurrence
of duplicate sales invoices and bills of lading. This makes sense
because the exceptions for the latter are likely to have a more
direct impact on the correctness of the financial statements than
the former.
 Eg which of the following attributes/conditions have more
important implication on the fairness of financial statement?
A. Sales invoice is not approved but the amount is correctly stated
B. Sales invoice is approved but the amount is materially misstated
 ARACR can be higher/relaxed for A; but should be lower for B,
because of its significance for the fairness of the F/S. (B needs
higher accuracy )

67
How does ARACR relate to internal control?
 When client‟s internal control is effective, assessed
control risk is low, sampling error (ARACR) is
assumed to be low and substantive tests of details of
balances will also reduce.
 Low ARACR can be related to low assessed control
risk
 When client‟s internal control is not effective, assessed
control risk is high, sampling error (ARACR) is
assumed to be higher and substantive tests of details of
balances will also increase. Thus higher ARACR can
also be related to high assessed control risk
68
 Generally, for audits where there is extensive
reliance on internal control, control risk will
be assessed at low and therefore ARACR will
also be as low.
 Conversely, if the auditor plans to rely on
internal controls only to a limited extent,
control risk will be assessed as high and so
will ARACR.

69
 Eg. Assume that TER is 6%, ARACR is high,
and the true population exception rate is 8%.
The control in this case is not acceptable
because the true exception rate of 8 % exceeds
TER.
 If the control were said to be effective in this
case, the auditor would have over relied on the
system of internal control (used a lower
assessed control risk than was justified).
70
 How does ARACR relates to sample size? Low
ARACR relates to higher accuracy so larger
sample size is needed.
 Like for TER, there is an inverse relationship
between ARACR and planned sample size.
 If the auditor reduces ARACR from high to low,
planned sample size must be increased.
 ARACR represents the auditor‟s risk of
incorrectly accepting the control as effective, and
a larger sample size is required to lower this risk.
..\Links\Factors affecting ARACR.doc

71
8. Sensitivity of Sample Size to a Change in the Factors
 The difference between two factors, ie. TER minus EPER affects
sample size
 TER minus EPER is the precision of the initial sample estimate.
 A smaller precision, which is called a more precise estimate, requires
a larger sample.
 Assume TER is 4% and EPER is 3%. In this case, precision is 1%,
higher accuracy is needed, which will result in a large sample size.
 Assume TER is 8% and EPER is zero. In this case, precision is 8%,
so the sample size can be small and still give the auditor confidence
that the actual exception rate is less than 8%.

72
 Different sample sizes can be used to test
different attributes.
 For those attributes, the difference between
TER and EPER is smallest, a larger sample
size is required.
 Although the difference between TER and
EPER (the precision) is the same for two
attributes, the sample size may be lower for
the attribute for which the estimated
population exception rate is zero.
73
9. Attribute sampling: Attribute sampling is another name for
tests of control audit sampling that uses statistical
measures.
 Attribute sampling is a statistical audit sampling applied to
attributes to look for the presence or absence of a control
deviation.
 Attribute sampling enable auditors to estimate the
frequency with which specified characteristics occur within
a population.
 For example, for questions like „is sales invoice approved?‟, the
yes or no answers will be counted and used for evaluation.
Attribute sampling does not provide dollar value information, ie it
doesn‟t indicate the dollar amount of the deviations; it provides
information such as failures to comply with certain procedure.

74
10. Computed Upper Exception Rate (CUER) for a given ARACR.
This is used with statistical/attribute sampling in tests of controls.
 The Computed Upper Exception Rate (CUER) is a statistical
calculation that is used to estimate the population deviation rate.
 The sample deviation rate (actual sample deviations † sample size)
may be lower or higher than the actual population deviation rate.
 Because auditors are mainly concerned with the risk of assessing
CR too low, the higher/upper limit is calculated to estimate how
high the estimated population deviation rate might be.
 CUER is used to evaluate the results of the test in a statistical
context; table 15-9 is used.
 Table 15-9 computes the Computed Upper Exception Rate (CUER)
or upper deviation or error limit for a given ARACR, sample size,
and number of deviations found in tests of controls.

75