- Planning the sample
When planning how to carry out the sampling the auditor should consider the following:
- The objective of the test and the combination of audit procedures which are likely to achieve these objectives;
- The population and sampling units. The population should be appropriate to the objective of the sampling procedure. E.g. if the auditor’s objective is to test for overstatement of debtors an appropriate population would be the debtors listing;
- Definition of errors in substantive testing and deviations in compliance testing. Before performing tests on the chosen sample, the auditor should define clearly those test results and conditions that will be considered errors or deviations by reference to the audit objective. For substantive testing the auditor should project monetary errors found in the sample to the population and should consider the effect of the projected error on the particular test objectives.
- Determination of the sample size
The auditor needs to determine an appropriate size of the sample on which the audit procedures will be applied. The size is determined by:
- The tolerable error or deviation rate- the larger the tolerable error or deviation rate, the smaller the sample size.
- Auditor’s assessment of inherent risk. The higher the auditor’s assessment of inherent risk, the larger the sample size. Higher inherent risk implies that there is a greater risk that the financial balance will be misstated. To reduce this risk the auditor will need to extend the level of testing. This is achieved by testing a larger sample.
- Auditor’s assessment of control risk. The higher the auditor’s assessment of control risk, the larger the sample size. A high control risk implies that little reliance can be placed on effective operation of internal controls. To reduce the audit risk the auditor will need to extend the level of testing, this is achieved by increasing the size of the sample.
- Expected error. This refers to the total error that the auditor expects to find in the population. The greater the amount of error the auditor expects to find in the population, the larger the size of the sample needed in order to make a reasonable estimate of the actual amount of error in the population.
- Auditor’s required confidence level. The greater the degree of confidence that the auditor requires that the results of the sample are in fact representative of the actual amount of error in the population, the larger the sample needs to be.
- Selecting the items to be tested
The sample selected should be representative of the population so that the auditor can draw conclusions about the entire population. All sampling units should have an equal chance of being selected. Common methods of selecting samples include:
- Random sampling by use of random number tables or use of computers to select sampling units
- Systematic selection
- Haphazard selection
- Testing the items
After selecting the sample units, the auditor should carry out the pre- determined audit tests on each item.
- Evaluating the results of the tests
The following procedures should be followed in evaluating the results of the tests:
- All errors identified and deviations should be evaluated;
- Projection of error. The auditor should estimate the expected error or deviation rate in the whole population by projecting the results of the sample to the population so as to obtain a broad view of possible error or deviation rates in the entire population. This will then be compared with the established tolerable error or deviation rate;
- Assessing the risk of incorrect conclusion. In general the expected error or deviation is rarely a precise measure of the actual error or deviation rate present in the population. Actual error rate may be greater or smaller than projected error. The auditor must therefore consider on the basis of his sample results and relevant evidence obtained from other audit procedures, the possible levels which the actual error or deviation rate might take and particularly the likelihood that the actual error or deviation rate may exceed tolerable error or deviation rate.