Chapter 9 - Audit Sampling

Question 1

What is audit sampling?

Answer 1

Applying a procedure to less than 100% of a population.
To estimate some characteristic of the population.

Question 2

What is Sampling risk?

Answer 2

Risk that the auditors’ conclusion based on a sample may be different from the conclusion they would reach if they examined every item in the population.

Question 3

What are the two types of Sampling?

Answer 3

Nonstatistical sampling—Using judgment to plan, perform, and/or evaluate the sample.

Statistical sampling—Using mathematics and statistics plan, perform, and evaluate the sample.

Question 4

What are the benefits of a random sample?

Answer 4

Random sample results in a statistically unbiased sample that may or may not be a representative sample.

Question 5

What are the primary random sampling techniques?

Answer 5

Random number generator (for example, use I D E A or Excel).

Random number tables.

Systematic selection—selecting every nth item.

Haphazard Selection

Block Selection:
Consists of all items in a selected time period, numerical sequence, or alphabetical sequence.

Stratification:
Technique of dividing population into relatively homogeneous subgroups.

Question 6

What is a dual-purpose Test?

Answer 6

A test used both as a test of control and to substantiate the dollar amount of an account balance.

Question 7

What are the three key steps in determining the sample size to test (Control and Substantive Testing)?

Answer 7

1- Determine the objective that you are testing for
2- Determine the population
3- Choose a sampling technique
4- Determine the sample size
and tolerable deviation rate (or Tolerable Misstatement for Substantive testing)
5- Evaluate the Sample results
6- Document the results.

Question 8

Does every deficiency identified from a control sample testing need to be evaluated for significance?

Answer 8

Yes, every deficiency in sample testing for SOX needs to be evaluated for significance. This evaluation is crucial to determine the severity of the control failure and its potential impact on the financial statements. The evaluation process involves classifying the severity of any control failure based on the potential impact on the financial statements. This classification helps in addressing the deficiencies appropriately as to whether they are just a deficiency, a significant deficiency or a material weakness in financial controls this process ensures that the controls are effective and maintain the integrity of financial reporting.

Question 9

Does the evaluation of deficiencies apply for both control and substantive testing?

Answer 9

Yes, the principles used to evaluate the significance of deficiencies in SOX sample testing for internal controls are applicable to both control testing and substantive testing, but the application differs in focus due to the nature of each testing type.
1. Control Testing Context:
Control testing assesses whether internal controls are designed effectively and operating as intended to prevent or detect material misstatements.
When a deficiency is identified in control testing (e.g., a control failure or design gap), auditors evaluate its likelihood (probability that a misstatement would occur) and magnitude (potential impact on financial statements) to classify it as:
Control deficiency
Significant deficiency
Material weakness
This severity assessment guides remediation priorities and reporting to management and the audit committee (Sources

2. Substantive Testing Context:
   Substantive testing examines the completeness, accuracy, and validity of recorded financial data through procedures like analytical testing, transaction testing, and balance verification.
   While substantive testing primarily detects misstatements rather than evaluating control operations, the evaluation of deficiencies still relies on materiality and impact considerations:
   If the sample testing uncovers errors or misstatements, auditors consider whether these individual deficiencies, or their combined effect, indicate issues with internal controls, potentially signaling a material weakness in ICFR.
   Quantitative and qualitative assessments, similar to control testing, guide decisions on extending testing or reporting to management.