ISA 530 441
A
U
D
IT
IN
G
INTERNATIONAL STANDARD ON AUDITING 530
AUDIT SAMPLING
(Effective for audits of financial statements for periods
beginning on or after December 15, 2009)
CONTENTS
Paragraph
Introduction
Scope of this ISA ........................................................................................ 1−2
Effective Date ............................................................................................. 3
Objective .................................................................................................... 4
Definitions .................................................................................................. 5
Requirements
Sample Design, Size and Selection of Items for Testing ............................ 6−8
Performing Audit Procedures ..................................................................... 9−11
Nature and Cause of Deviations and Misstatements ................................... 12−13
Projecting Misstatements ............................................................................ 14
Evaluating Results of Audit Sampling ........................................................ 15
Application and Other Explanatory Material
Definitions .................................................................................................. A1−A3
Sample Design, Size and Selection of Items for Testing ............................ A4−A13
Performing Audit Procedures ..................................................................... A14−A16
Nature and Cause of Deviations and Misstatements ................................... A17
Projecting Misstatements ............................................................................ A18−A20
Evaluating Results of Audit Sampling ........................................................ A21−A23
Appendix 1: Stratification and Value-Weighted Selection
Appendix 2: Examples of Factors Influencing Sample Size for Tests
of Controls
Appendix 3: Examples of Factors Influencing Sample Size for Tests
of Details
Appendix 4: Sample Selection Methods
AUDIT SAMPLING
ISA 530 442
International Standard on Auditing (ISA) 530, “Audit Sampling” should be read in
conjunction with ISA 200, “Overall Objectives of the Independent Auditor and the
Conduct of an Audit in Accordance with International Standards on Auditing.”
AUDIT SAMPLING
ISA 530 443
A
U
D
IT
IN
G
Introduction
Scope of this ISA
1. This International Standard on Auditing (ISA) applies when the auditor has
decided to use audit sampling in performing audit procedures. It deals with
the auditor’s use of statistical and non-statistical sampling when designing
and selecting the audit sample, performing tests of controls and tests of
details, and evaluating the results from the sample.
2. This ISA complements ISA 500,1 which deals with the auditor’s responsibility
to design and perform audit procedures to obtain sufficient appropriate audit
evidence to be able to draw reasonable conclusions on which to base the
auditor’s opinion. ISA 500 provides guidance on the means available to the
auditor for selecting items for testing, of which audit sampling is one means.
Effective Date
3. This ISA is effective for audits of financial statements for periods beginning
on or after December 15, 2009.
Objective
4. The objective of the auditor, when using audit sampling, is to provide a
reasonable basis for the auditor to draw conclusions about the population
from which the sample is selected.
Definitions
5. For purposes of the ISAs, the following terms have the meanings attributed
below:
(a) Audit sampling (sampling) – The application of audit procedures to
less than 100% of items within a population of audit relevance such
that all sampling units have a chance of selection in order to provide
the auditor with a reasonable basis on which to draw conclusions
about the entire population.
(b) Population – The entire set of data from which a sample is selected
and about which the auditor wishes to draw conclusions.
(c) Sampling risk – The risk that the auditor’s conclusion based on a
sample may be different from the conclusion if the entire population
were subjected to the same audit procedure. Sampling risk can lead
to two types of erroneous conclusions:
(i) In the case of a test of controls, that controls are more
effective than they actually are, or in the case of a test of
1 ISA 500, “Audit Evidence.”
AUDIT SAMPLING
ISA 530 444
details, that a material misstatement does not exist when in
fact it does. The auditor is primarily concerned with this type
of erroneous conclusion because it affects audit effectiveness
and is more likely to lead to an inappropriate audit opinion.
(ii) In the case of a test of controls, that controls are less effective
than they actually are, or in the case of a test of details, that a
material misstatement exists when in fact it does not. This
type of erroneous conclusion affects audit efficiency as it
would usually lead to additional work to establish that initial
conclusions were incorrect.
(d) Non-sampling risk – The risk that the auditor reaches an erroneous
conclusion for any reason not related to sampling risk. (Ref: Para.
A1)
(e) Anomaly – A misstatement or deviation that is demonstrably not
representative of misstatements or deviations in a population.
(f) Sampling unit – The individual items constituting a population. (Ref:
Para. A2)
(g) Statistical sampling – An approach to sampling that has the following
characteristics:
(i) Random selection of the sample items; and
(ii) The use of probability theory to evaluate sample results,
including measurement of sampling risk.
A sampling approach that does not have characteristics (i) and (ii) is
considered non-statistical sampling.
(h) Stratification – The process of dividing a population into sub-
populations, each of which is a group of sampling units which have
similar characteristics (often monetary value).
(i) Tolerable misstatement – A monetary amount set by the auditor in
respect of which the auditor seeks to obtain an appropriate level of
assurance that the monetary amount set by the auditor is not
exceeded by the actual misstatement in the population. (Ref: Para.
A3)
(j) Tolerable rate of deviation – A rate of deviation from prescribed
internal control procedures set by the auditor in respect of which the
auditor seeks to obtain an appropriate level of assurance that the rate
of deviation set by the auditor is not exceeded by the actual rate of
deviation in the population.
AUDIT SAMPLING
ISA 530 445
A
U
D
IT
IN
G
Requirements
Sample Design, Size, and Selection of Items for Testing
6. When designing an audit sample, the auditor shall consider the purpose of
the audit procedure and the characteristics of the population from which the
sample will be drawn. (Ref: Para. A4–A9)
7. The auditor shall determine a sample size sufficient to reduce sampling risk
to an acceptably low level. (Ref: Para. A10–A11)
8. The auditor shall select items for the sample in such a way that each sampling
unit in the population has a chance of selection. (Ref: Para. A12–A13)
Performing Audit Procedures
9. The auditor shall perform audit procedures, appropriate to the purpose, on
each item selected.
10. If the audit procedure is not applicable to the selected item, the auditor shall
perform the procedure on a replacement item. (Ref: Para. A14)
11. If the auditor is unable to apply the designed audit procedures, or suitable
alternative procedures, to a selected item, the auditor shall treat that item as
a deviation from the prescribed control, in the case of tests of controls, or a
misstatement, in the case of tests of details. (Ref: Para. A15–A16)
Nature and Cause of Deviations and Misstatements
12. The auditor shall investigate the nature and cause of any deviations or
misstatements identified, and evaluate their possible effect on the purpose of
the audit procedure and on other areas of the audit. (Ref: Para. A17)
13. In the extremely rare circumstances when the auditor considers a
misstatement or deviation discovered in a sample to be an anomaly, the
auditor shall obtain a high degree of certainty that such misstatement or
deviation is not representative of the population. The auditor shall obtain
this degree of certainty by performing additional audit procedures to obtain
sufficient appropriate audit evidence that the misstatement or deviation does
not affect the remainder of the population.
Projecting Misstatements
14. For tests of details, the auditor shall project misstatements found in the
sample to the population. (Ref: Para. A18–A20)
Evaluating Results of Audit Sampling
15. The auditor shall evaluate:
(a) The results of the sample; and (Ref: Para. A21–A22)
AUDIT SAMPLING
ISA 530 446
(b) Whether the use of audit sampling has provided a reasonable basis for
conclusions about the population that has been tested. (Ref: Para. A23)
***
Application and Other Explanatory Material
Definitions
Non-Sampling Risk (Ref: Para. 5(d))
A1. Examples of non-sampling risk include use of inappropriate audit procedures, or
misinterpretation of audit evidence and failure to recognize a misstatement or
deviation.
Sampling Unit (Ref: Para. 5(f))
A2. The sampling units might be physical items (for example, checks listed on
deposit slips, credit entries on bank statements, sales invoices or debtors’
balances) or monetary units.
Tolerable Misstatement (Ref: Para. 5(i))
A3. When designing a sample, the auditor determines tolerable misstatement in
order to address the risk that the aggregate of individually immaterial
misstatements may cause the financial statements to be materially misstated
and provide a margin for possible undetected misstatements. Tolerable
misstatement is the application of performance materiality, as defined in
ISA 320,2 to a particular sampling procedure. Tolerable misstatement may
be the same amount or an amount lower than performance materiality.
Sample Design, Size, and Selection of Items for Testing
Sample Design (Ref: Para. 6)
A4. Audit sampling enables the auditor to obtain and evaluate audit evidence
about some characteristic of the items selected in order to form or assist in
forming a conclusion concerning the population from which the sample is
drawn. Audit sampling can be applied using either non-statistical or
statistical sampling approaches.
A5. When designing an audit sample, the auditor’s consideration includes the
specific purpose to be achieved and the combination of audit procedures that is
likely to best achieve that purpose. Consideration of the nature of the audit
evidence sought and possible deviation or misstatement conditions or other
characteristics relating to that audit evidence will assist the auditor in defining
what constitutes a deviation or misstatement and what population to use for
2 ISA 320, “Materiality in Planning and Performing an Audit,” paragraph 9.
AUDIT SAMPLING
ISA 530 447
A
U
D
IT
IN
G
sampling. In fulfilling the requirement of paragraph 10 of ISA 500, when
performing audit sampling, the auditor performs audit procedures to obtain
evidence that the population from which the audit sample is drawn is complete.
A6. The auditor’s consideration of the purpose of the audit procedure, as required by
paragraph 6, includes a clear understanding of what constitutes a deviation or
misstatement so that all, and only those, conditions that are relevant to the
purpose of the audit procedure are included in the evaluation of deviations or
projection of misstatements. For example, in a test of details relating to the
existence of accounts receivable, such as confirmation, payments made by the
customer before the confirmation date but received shortly after that date by the
client, are not considered a misstatement. Also, a misposting between customer
accounts does not affect the total accounts receivable balance. Therefore, it may
not be appropriate to consider this a misstatement in evaluating the sample
results of this particular audit procedure, even though it may have an important
effect on other areas of the audit, such as the assessment of the risk of fraud or
the adequacy of the allowance for doubtful accounts.
A7. In considering the characteristics of a population, for tests of controls, the
auditor makes an assessment of the expected rate of deviation based on the
auditor’s understanding of the relevant controls or on the examination of a
small number of items from the population. This assessment is made in
order to design an audit sample and to determine sample size. For example,
if the expected rate of deviation is unacceptably high, the auditor will
normally decide not to perform tests of controls. Similarly, for tests of
details, the auditor makes an assessment of the expected misstatement in the
population. If the expected misstatement is high, 100% examination or use
of a large sample size may be appropriate when performing tests of details.
A8. In considering the characteristics of the population from which the sample
will be drawn, the auditor may determine that stratification or value-
weighted selection is appropriate. Appendix 1 provides further discussion on
stratification and value-weighted selection.
A9. The decision whether to use a statistical or non-statistical sampling approach
is a matter for the auditor’s judgment; however, sample size is not a valid
criterion to distinguish between statistical and non-statistical approaches.
Sample Size (Ref: Para. 7)
A10. The level of sampling risk that the auditor is willing to accept affects the
sample size required. The lower the risk the auditor is willing to accept, the
greater the sample size will need to be.
A11. The sample size can be determined by the application of a statistically-based
formula or through the exercise of professional judgment. Appendices 2 and 3
indicate the influences that various factors typically have on the determination
of sample size. When circumstances are similar, the effect on sample size of
AUDIT SAMPLING
ISA 530 448
factors such as those identified in Appendices 2 and 3 will be similar
regardless of whether a statistical or non-statistical approach is chosen.
Selection of Items for Testing (Ref: Para. 8)
A12. With statistical sampling, sample items are selected in a way that each
sampling unit has a known probability of being selected. With non-statistical
sampling, judgment is used to select sample items. Because the purpose of
sampling is to provide a reasonable basis for the auditor to draw conclusions
about the population from which the sample is selected, it is important that
the auditor selects a representative sample, so that bias is avoided, by
choosing sample items which have characteristics typical of the population.
A13. The principal methods of selecting samples are the use of random selection,
systematic selection and haphazard selection. Each of these methods is
discussed in Appendix 4.
Performing Audit Procedures (Ref: Para. 10–11)
A14. An example of when it is necessary to perform the procedure on a replacement
item is when a voided check is selected while testing for evidence of payment
authorization. If the auditor is satisfied that the check has been properly voided
such that it does not constitute a deviation, an appropriately chosen replacement
is examined.
A15. An example of when the auditor is unable to apply the designed audit
procedures to a selected item is when documentation relating to that item has
been lost.
A16. An example of a suitable alternative procedure might be the examination of
subsequent cash receipts together with evidence of their source and the
items they are intended to settle when no reply has been received in
response to a positive confirmation request.
Nature and Cause of Deviations and Misstatements (Ref: Para. 12)
A17. In analyzing the deviations and misstatements identified, the auditor may
observe that many have a common feature, for example, type of transaction,
location, product line or period of time. In such circumstances, the auditor may
decide to identify all items in the population that possess the common feature,
and extend audit procedures to those items. In addition, such deviations or
misstatements may be intentional, and may indicate the possibility of fraud.
Projecting Misstatements (Ref: Para. 14)
A18. The auditor is required to project misstatements for the population to obtain
a broad view of the scale of misstatement but this projection may not be
sufficient to determine an amount to be recorded.
AUDIT SAMPLING
ISA 530 449
A
U
D
IT
IN
G
A19. When a misstatement has been established as an anomaly, it may be
excluded when projecting misstatements to the population. However, the
effect of any such misstatement, if uncorrected, still needs to be considered
in addition to the projection of the non-anomalous misstatements.
A20. For tests of controls, no explicit projection of deviations is necessary since
the sample deviation rate is also the projected deviation rate for the
population as a whole. ISA 3303 provides guidance when deviations from
controls upon which the auditor intends to rely are detected.
Evaluating Results of Audit Sampling (Ref: Para. 15)
A21. For tests of controls, an unexpectedly high sample deviation rate may lead to an
increase in the assessed risk of material misstatement, unless further audit
evidence substantiating the initial assessment is obtained. For tests of details, an
unexpectedly high misstatement amount in a sample may cause the auditor to
believe that a class of transactions or account balance is materially misstated, in
the absence of further audit evidence that no material misstatement exists.
A22. In the case of tests of details, the projected misstatement plus anomalous
misstatement, if any, is the auditor’s best estimate of misstatement in the
population. When the projected misstatement plus anomalous misstatement,
if any, exceeds tolerable misstatement, the sample does not provide a
reasonable basis for conclusions about the population that has been tested.
The closer the projected misstatement plus anomalous misstatement is to
tolerable misstatement, the more likely that actual misstatement in the
population may exceed tolerable misstatement. Also if the projected
misstatement is greater than the auditor’s expectations of misstatement used
to determine the sample size, the auditor may conclude that there is an
unacceptable sampling risk that the actual misstatement in the population
exceeds the tolerable misstatement. Considering the results of other audit
procedures helps the auditor to assess the risk that actual misstatement in the
population exceeds tolerable misstatement, and the risk may be reduced if
additional audit evidence is obtained.
A23. If the auditor concludes that audit sampling has not provided a reasonable basis
for conclusions about the population that has been tested, the auditor may:
• Request management to investigate misstatements that have been
identified and the potential for further misstatements and to make any
necessary adjustments; or
• Tailor the nature, timing and extent of those further audit procedures
to best achieve the required assurance. For example, in the case of
tests of controls, the auditor might extend the sample size, test an
alternative control or modify related substantive procedures.