Audit Sampling Guidelines and Reference Materials for Internal Auditors

Slide Note
Embed
Share

Review authoritative guidance for audit sampling and the potential for external auditor reliance on internal auditors. Understand and apply concepts related to audit sampling to project results with certainty. Available reference materials include AICPA Codification of Statements, AICPA Audit Guide, and The Institute of Internal Auditors International Professional Practices Framework. The IPPF standards emphasize the need for auditors to identify sufficient, reliable, relevant, and useful information. Implementation guidance requires internal auditors to select representative samples for generalization of results.

beryl
beryl Follow

Uploaded on Jul 12, 2024 | 5 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. AUDIT SAMPLING LOUISIANA ASSOCIATION OF COLLEGE AND UNIVERSITY AUDITORS (LACUA) OCTOBER 28, 2022

  2. OBJECTIVES To review authoritative guidance for audit sampling: Potential for external auditor reliance on internal auditors (AU-C 610). To project results of our work with a greater degree of certainty.

  3. OBJECTIVES Guidance on sampling related topics: Understand sampling Apply concepts To respond to questions related to audit sampling.

  4. AVAILABLE REFERENCE MATERIAL AICPA Codification of Statements on Auditing Standards, AU-C 530, Audit Sampling AICPA Codification of Statements on Auditing Standards, AU-C 935, Compliance Audits, .A21

  5. AVAILABLE REFERENCE MATERIAL AICPA Audit Guide, Audit Sampling AICPA Audit Guide, Government Auditing Standards and Single Audits

  6. AVAILABLE REFERENCE MATERIAL The Institute of Internal Auditors (IIA) International Professional Practices Framework (IPPF) IPPF Practice Guide, Assisting Small Internal Audit Activities in Implementing the Standards

  7. IIA SMALL INTERNAL AUDIT ACTIVITIES One to five auditors Productive hours less than 7,500/year Limited co-sourcing or out-sourcing

  8. IPPF STANDARDS 2310 Auditors must identify sufficient, reliable, relevant, and useful information to achieve the engagement s objectives.

  9. IPPF IMPLEMENTATION GUIDANCE If internal auditors choose to select a sample, they are responsible for applying methods to assure that the sample selected represents the whole population and/or time period to which the results will be generalized.

  10. IPPF PRACTICE GUIDE External audit requirements for sampling may not correspond to that of the internal audit activity.

  11. IPPF PRACTICE GUIDE The Standards encourage collaboration with external auditing and such collaboration may include discussion of external audit sampling and scoping parameters. Such discussions in advance of audit plan development and execution may allow for greater reliance on the work of internal auditing.

  12. AUDIT SAMPLING DEFINED (AU-C 530.05) The selection and evaluation of less than 100% of the population of audit relevance such that the auditor expects the items selected (the sample) to be representative of the population and, thus, likely to provide a reasonable basis for conclusions about the population.

  13. AUDIT SAMPLING DEFINED (AU-C 530.05) Representative Sample conclusions, subject to the limitations of sampling risk, are similar to those that would be drawn if the same procedures were applied to the entire population.

  14. SAMPLING RISK DEFINED (AU-C 530.05) The risk that the auditor s conclusion based on the sampling procedures may be different than a conclusion based on applying the same audit procedure to the entire population.

  15. SAMPLING RISK DEFINED (AU-C 530.05) Ineffective sample: Concluding controls are more effective than they actually are, or a material misstatement/material noncompliance does not exist when it does and is: Likely to lead to an inappropriate conclusion. Risk of overreliance Potential audit failure

  16. SAMPLING RISK DEFINED (AU-C 530.05) Inefficient sample: Concluding controls are less effective than they actually are or a material misstatement/material noncompliance exists when it does not. May result in additional work to determine initial conclusions were incorrect. Underreliance.

  17. AUDITOR JUDGMENT IN SAMPLING Auditor judgment is critical for determining/assessing: Risks (differs from the annual internal audit risk assessments)

  18. AUDITOR JUDGMENT IN SAMPLING Auditor judgment is critical for determining: Materiality Performance Materiality and Tolerable Misstatement/Deviation Immaterial Misstatements Trivial Misstatements

  19. AUDITOR JUDGMENT IN SAMPLING However We judgmentally selected a sample of . . . We judgmentally determined to use a sample size of . . . May not be appropriate.

  20. AUDITOR JUDGMENT IN SAMPLING Auditor understanding of population: Allows judgment when determining whether to stratify the population before sampling, or whether to use sampling at all. Determining if population consists primarily of significant transactions. Using substantive analytical procedures to provide sufficient appropriate audit evidence.

  21. AUDITOR JUDGMENT IN SAMPLING DATA ANALYTICS

  22. AUDITOR JUDGMENTIN SAMPLING Acceptable sampling methods: Random (statistical or nonstatistical) Systematic (starting point, then every nth item in the population) Haphazard

  23. AUDITOR JUDGMENTIN SAMPLING Acceptable sampling methods include: Monetary Unit Sampling (statistical) used to assess the amount of monetary misstatement that may exist in a population.

  24. RELEVANT ASSERTIONS (MANAGEMENT S ASSERTIONS)

  25. Account Balances Presentation and Disclosure Classes of Transactions Occurrence/Existence Transactions and events that have been recorded have occurred and pertain to the college/university Assets, liabilities, and equity interests exist Disclosed events and transactions have occurred and pertain to the college/university Rights and Obligations The college/university holds or controls the rights to assets, and liabilities are obligations of the college/university Completeness All transactions and events that should have been recorded have been recorded All assets, liabilities, and equity interests that should have been recorded have been recorded All disclosures that should have been included in the financial statements have been included Accuracy/Valuation and Allocation Amounts related to transactions have been recorded appropriately Assets, liabilities, and equity are included in the financial statements at appropriate amounts Information is disclosed fairly and at appropriate amounts Cut Off Transactions have been recorded in the correct accounting period Classification and Presentation Transactions have been recorded in proper amounts Financial information is appropriately presented and described

  26. AND COMPLIANCE (E.G., LAWSANDREGULATIONS, FEDERALPROGRAMREQUIREMENTS) PCARDS/TRAVEL CARDS? STUDENT FINANCIAL AID?

  27. IS SAMPLING APPROPRIATE Determine if sampling is most appropriate/ effective: Homogeneous population Control tests/substantive tests of details vs substantive analytical procedures? DATA ANALYTICS

  28. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: College/university s tuition and fee revenues totaled $400 million for the fiscal year. Enrollment = 30,000 Full-time COA = $7,500 per semester Sample of 100 students = $750,000 (maximum) Will a substantive analytical procedure provide better, sufficient appropriate substantive evidence?

  29. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: Testing controls (sampling) - effective or efficient? Test of controls with a limited number of transactions through/from the software application? Fewer students? More students? Substantive analytical procedure? Data analytics?

  30. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: Substantive analytical procedure: Published tuition and fee costs per credit hour (A) Validate schedule - i.e., approved and agrees with the fee tables in the software application Student enrollment (B) Break down enrollment by credit hours Tolerable limit (C) Acceptable difference from reported amount

  31. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: A x B Tuition and fees on income statement. Result within C (+ or -)?

  32. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: Evaluate effectiveness: Does the calculation provide evidence that the fee schedule is applied to each student appropriately (provides evidence that controls are effective)? Is the calculated total within the expectation/ tolerable limit (substantive result)? Does the calculation provide assurance that the reported balance is materially correct?

  33. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS Homogeneous Population: If a fee is not correct in the IT system, is sampling individual students necessary? Conclude based on a substantive procedure (calculation)? A $10 fee charged per student is posted in the system as $9.50 maximum error = $15,000 (0.00375%). A $10 fee charged per credit hour (360,000 hours) is posted as $9.50. Maximum error = $180,000 (0.045%). Is either material?

  34. DETERMININGIF AUDIT SAMPLING IS APPROPRIATEFORTHE TESTS PCard/Travel Expenses: Not homogeneous Airfare, hotel, car rental, food, incidentals, etc. Sample? Stratify population? Combination of the two?

  35. DOCUMENTINGTHE SAMPLE

  36. DEFININGTHE OBJECTIVEOFTHE SAMPLE The control or amount (substantive) of the account balance, class of transactions, or disclosure component being tested.

  37. DEFININGTHE OBJECTIVEOFTHE SAMPLE Control To determine whether key controls relating to PCard/travel expenses are in place and operating effectively To support the preliminary risk assessment (identified for each key control), and To determine if the institution has complied with applicable, material purchasing laws/regulations

  38. DEFININGTHE OBJECTIVEOFTHE SAMPLE Substantive To determine if PCard/travel expenses are materially correct.

  39. DEFININGTHE POPULATIONFROM WHICHTHE SAMPLE IS TAKEN Control/Substantive or Both The population is all PCard/travel expenses recorded in the general ledger.

  40. DEFININGTHE POPULATIONFROM WHICHTHE SAMPLE IS TAKEN Control/Substantive or Both Transactions to be included in the population: All expenses coded to travel accounts (e.g., GL accounts 7451-7460). PCard transactions processed through the issuing bank.

  41. DEFININGTHE PERIOD COVEREDFOR THE POPULATION Control/Substantive or Both All expenses as defined above included in the period from July 1, 2021, through June 30, 2022.

  42. CONSIDERATIONOFTHE COMPLETENESSOFTHE POPULATION Control/Substantive or Both Reconcile detail expense transactions processed through AP to the GL accounts. Reconcile PCard transactions to bank statements.

  43. DEFININGTHE SAMPLING UNIT Control/Substantive or Both Any individual transaction from the population from which the sample will be taken.

  44. IDENTIFICATIONOF INDIVIDUALLY SIGNIFICANT ITEMS (STRATIFYING) Substantive (using the same population for control testing) PERCENTOF DOLLARS NUMBER OF UNITS PERCENTOF POPULATION DOLLAR AMOUNT 100% 100% Total population 1,000 $1,000,000 25% 0.375% Total of items excluded from the population (<=$100) 250 $3,750 1.5% 15% Total of items tested separately (i.e., at 100%) 15 $150,000 73.5% 84.625% Remaining population subject to sampling 735 $846,250

  45. IDENTIFICATIONOF INDIVIDUALLY SIGNIFICANT ITEMS (STRATIFYING) Substantive Justify the portion of the population not tested: All transactions <= $100 totaled $3,750, 0.375% of dollars and 25% of transactions Transactions in total are less than the level of immateriality and represent little to no risk of material misstatement for the population as a whole.

  46. DEFININGTHE ERROR Deviation condition (control) or error (substantive - i.e., misstatement/exception): An answer of X to any of the control/ substantive attributes listed at the test.

  47. DETERMINING SAMPLE SIZE Control test: Determine confidence level and risk of overreliance a 95% confidence level results in a 5% risk of overreliance ( 3.38-3.61). Determine the tolerable deviation rate (normally expressed as a percentage). Determine the expected deviation rate the higher the rate, the larger the sample.

  48. DETERMINING SAMPLE SIZE Control test: If practicable, use the Audit Guide Table A-1. Adjust the base sample size if the population is small or if operating controls are infrequent. See the Audit Guide, Tables 3-4 and 3-5 for sample sizes for small populations. Note that for populations of 4 - 52, Table 3-5 suggests sample sizes (requires sample to be documented).

  49. DETERMINING SAMPLE SIZE Substantive test of details: Determine the objective: To determine if PCard/travel expenses are materially correct.

  50. DETERMINING SAMPLE SIZE Substantive test of details: Determine the RMM. Determine analytical procedures risk: Will substantive analytical procedures provide sufficient appropriate audit evidence? Will substantive analytical procedures reduce sample sizes?

Related


Understanding Non-Probability Sampling Methods

Understanding Non-Probability Sampling Methods

novah
Understanding Internal Audit and Controls Process

Understanding Internal Audit and Controls Process

auden
Impact of Data Analytics and Consulting Activities on Internal Audit Quality

Impact of Data Analytics and Consulting Activities on Internal Audit Quality

ellierose
Internal Audit Department Overview

Internal Audit Department Overview

bellatrix
Internal Audit Planning and Practices for Effective Risk Management

Internal Audit Planning and Practices for Effective Risk Management

keir
Internal Audit Process & Audit Committees Overview

Internal Audit Process & Audit Committees Overview

mairead
Understanding Sampling Methods in Statistical Analysis

Understanding Sampling Methods in Statistical Analysis

darci
Understanding Sampling Methods and Errors in Research

Understanding Sampling Methods and Errors in Research

alfie-james
Systematic Analysis of Real Samples in Analytical Chemistry

Systematic Analysis of Real Samples in Analytical Chemistry

cayson
New Risk Management and Internal Audit Framework for Local Councils in NSW

New Risk Management and Internal Audit Framework for Local Councils in NSW

rico
Road Safety Audit Seminar Update - May 2018

Road Safety Audit Seminar Update - May 2018

adne
Technical Guide on Audit of Internal Finance Controls in Public Sector Banks

Technical Guide on Audit of Internal Finance Controls in Public Sector Banks

hart
Audit of Insurance Companies: Overview and Key Topics

Audit of Insurance Companies: Overview and Key Topics

olaf
Fundamentals of Food Sampling and Analysis

Fundamentals of Food Sampling and Analysis

sofija
Understanding Sampling Plans in Statistical Analysis

Understanding Sampling Plans in Statistical Analysis

karsyn
Understanding Sampling and Signal Processing Fundamentals

Understanding Sampling and Signal Processing Fundamentals

imani
Sampling Under the RRF - General Principles and Methods

Sampling Under the RRF - General Principles and Methods

blue
Implementation Guide on Reporting under Rule 11(g) of Companies (Audit and Auditors) Rules, 2014

Implementation Guide on Reporting under Rule 11(g) of Companies (Audit and Auditors) Rules, 2014

zayla
DPI Auditor Insights and State Audit Guidelines Overview

DPI Auditor Insights and State Audit Guidelines Overview

lowie
Understanding Random Sampling and RAT-Stats in Statistical Analysis

Understanding Random Sampling and RAT-Stats in Statistical Analysis

linnea
Exploring Hybrid Auditing Methods in Corporate Governance

Exploring Hybrid Auditing Methods in Corporate Governance

charley
Comparison of Financial Audit and Management Audit

Comparison of Financial Audit and Management Audit

april
Clinical Audit Results of Moderate to Acute Severe Asthma in EDs 2016/17

Clinical Audit Results of Moderate to Acute Severe Asthma in EDs 2016/17

aster
Compliance with Audit Documentation

Compliance with Audit Documentation

reine

More Related Content

Roles and Responsibilities of Auditors and Observers in the Audit Process
Roles and Responsibilities of Auditors and Observers in the Audit Process
Recap of Customized Audit Plan Activities
Recap of Customized Audit Plan Activities
Challenges and Strategies in Bank Audit: Shifting Role of the Auditor
Challenges and Strategies in Bank Audit: Shifting Role of the Auditor
Important Provisions of Companies Act Regarding Audit
Important Provisions of Companies Act Regarding Audit
Rising Auditor Resignations in Listed Entities: Shocking Trends Revealed
Rising Auditor Resignations in Listed Entities: Shocking Trends Revealed
Understanding Quality Assurance in Public Audit Systems
Understanding Quality Assurance in Public Audit Systems
Otay Mesa Enhanced Infrastructure Financing District Public Financing Authority Meeting Summary
Otay Mesa Enhanced Infrastructure Financing District Public Financing Authority Meeting Summary
Sampling Methods and Requirements for Water and Wastewater Analysis
Sampling Methods and Requirements for Water and Wastewater Analysis
Understanding Analog Data and Digital Signal Transmission
Understanding Analog Data and Digital Signal Transmission
Understanding Sampling Methods in Social Research
Understanding Sampling Methods in Social Research
Department of Basic Education Audit Committee Presentation Portfolio
Department of Basic Education Audit Committee Presentation Portfolio
Introduction to Sampling in Statistics
Introduction to Sampling in Statistics
FRSC Corps Internal Audit Overview
FRSC Corps Internal Audit Overview
Navigating Regulatory Compliance in Today's World - Internal Audit Insights
Navigating Regulatory Compliance in Today's World - Internal Audit Insights
Understanding Internal Financial Controls and Regulatory Mandates
Understanding Internal Financial Controls and Regulatory Mandates
National Audit Results for Severe Sepsis and Septic Shock 2016/17
National Audit Results for Severe Sepsis and Septic Shock 2016/17
Understanding the Single Audit Process for Federal Grants
Understanding the Single Audit Process for Federal Grants
National Clinical Audit 2016/17: Consultant Sign-Off Summary
National Clinical Audit 2016/17: Consultant Sign-Off Summary
Understanding Departmental Audits in GST
Understanding Departmental Audits in GST
Weatherization Energy Auditor Single Family - Energy Audit Software
Weatherization Energy Auditor Single Family - Energy Audit Software
Audit Practices for SDGs Implementation Evaluation in Turkey
Audit Practices for SDGs Implementation Evaluation in Turkey
Guidelines for Post-Clearance Audit (PCA) - Implementation Steps
Guidelines for Post-Clearance Audit (PCA) - Implementation Steps
Audit of Ward-based IT Infrastructure at University Hospital of Limerick
Audit of Ward-based IT Infrastructure at University Hospital of Limerick
Bank Audit Using Ms-Excel: A Comprehensive Guide by CA Saran Kumar
Bank Audit Using Ms-Excel: A Comprehensive Guide by CA Saran Kumar