Audit Sampling

It's not practicable to test every single transaction

What is Audit Sampling?

Why do auditors use audit sampling to determine material misstatements in financial statements? Why not just test every single item and every transaction? Many people often think that auditing every single transaction is ideal, but that is actually not the case. Sampling can be defined as the process of examining only part of a set of data/population, sufficient to gain reasonable assurance regarding the entire data/population.


Audit Sampling


Auditors use sampling mainly because they are not seeking absolute certainty (they are looking for reasonable assurance), examining all data may still not provide absolute certainty (e.g., consider the completeness assertion), and finally, due to cost-benefit reasons. The argument regarding the completeness assertion is important because even if we audit everything, we don’t know if we actually are auditing everything, because there may be transactions that are missing from the general ledger.


Sampling Risk and Non-Sampling Risk

Auditors always try their best to pick a sample that is representative of the population. However, it is not always possible due to bad luck or pure errors in judgment. Let us clearly understand the difference between sampling risk and non-sampling risk.


Sampling RiskNon-Sampling Risk
The risk that the auditor reaches an incorrect conclusion because the sample chosen is not representative of the population from which it was drawnThe risk that the auditor reaches an incorrect conclusion for any reason not related to sampling risk
The proper sampling method was selected and applied but failed to uncover material misstatements (i.e. unlucky) Results from auditor failure (lack of due care)
Occurs because of the nature of sampling. Auditors can reduce sampling risk but cannot eliminate it entirelyFailure to apply effective or appropriate procedures (i.e. doing the wrong procedure)
Sampling risk can be reduced by giving every item an equal chance of selection and/or increasing sample sizeNon-sampling risk can be reduced by increasing auditor competence and enhancing supervision of staff.


Statistical vs. Non-Statistical Sampling

When auditors use sampling, auditors can choose one of two methods: the statistical approach or the judgmental (non-statistical) approach. The statistical approach uses computer-based technology to come up with sample size numbers and randomly select items from the population. The judgmental approach, on the other hand, employs the auditor’s judgment and experience to come up with a sample size. There are advantages and disadvantages to using each method:


Statistical MethodNon-Statistical Method
The results are objective and defensible because they are clear mathematical resultsAvoids the time-consuming and expensive preparatory work and population studies that are required for statistical sampling
The audit work is more consistent (less likely to decrease the sample size base on a time budget)
Sampling error, also known as further possible misstatements (FPM), can be quantified
Avoids over-auditing. Typically for the non-statistical method, there is a tendency to over-audit in case the sample size is too small.
Not auditor-specificAllows for the auditor’s experience and judgment (i.e. more flexible)


Sampling Methodologies

There are numerous kinds of sampling methodologies, two of which are variable sampling and attribute sampling. Variable sampling is typically used for substantive procedures, such as when performing tests of details of balances, while attribute sampling is typically used for tests of internal controls. Attribute sampling is used to estimate the proportion of items in a population that contain a specified attribute of interest.

For example, let’s say that one internal control that the client employs is that two signatures are required to approve a vendor payment. By choosing a sample of 20 items, it was identified that 3 out of 20 failed to follow the internal control because they either contained only one signature or included the wrong signatures. The sample exception rate is 3/20 = 15%, and let’s assume that the auditor’s tolerable exception rate is 6%. Because the sample rate is greater than the tolerable rate, the control risk is assessed to be higher than it was originally estimated to be.


Related Readings

We hope you have enjoyed reading CFI’s guide to audit sampling. CFI offers the global Certified Financial Analyst program. To learn more, see the following resources.

Free Accounting Courses

Learn accounting fundamentals and how to read financial statements with CFI's free online accounting classes. These courses will give the confidence you need to perform world-class financial analyst work. Start now!  

Building confidence in your accounting skills is easy with CFI courses! Enroll now for FREE to start advancing your career!