Walkthrough of the classical audit samplingworkflow

Koen Derks

Source:vignettes/articles/sampling-workflow.Rmd

sampling-workflow.Rmd

Introduction

Welcome to the ‘Walkthrough of the classical audit sampling workflow’vignette of thejfa package. This page aims todemonstrate how the package can assist auditors in the standard auditsampling workflow (hereafter referred to as “audit workflow”).

In this audit workflow example, we will be looking at a hypotheticalscenario involving BuildIt, a fictitious construction company based inthe United States. BuildIt is undergoing an audit by an external auditorfrom a fictional audit firm. At the end of the fiscal year, BuildIt haspresented a summary of its financial status in its financial statements.The objective of the auditor is to form an opinion on the fairness ofBuildIt’s financial statements. The auditor’s opinion should becompliant with professional auditing standards(American Institute of Certified Public Accountants(AICPA), 2021; International Auditing and Assurance Standards Board(IAASB), 2018; Public Company Accounting Oversight Board (PCAOB),2020).

The auditor is required to gather appropriate and sufficient evidenceto support the hypothesis that the misstatement in the financialstatements is less than a specified amount, known as the materiality. Ifthe financial statements contain material misstatements, this means thatthe inaccuracies in the financial statements are substantial enough toinfluence the decisions of stakeholders who depend on these financialstatements. For this example, the overall materiality of the financialstatements is set to ten percent. This implies that for the auditor toendorse the financial statements, inaccuracies in the financialstatements should not exceed ten percent.

During an audit, the auditor examines the populations that underpinthe line items in the financial statement. In this vignette, weconcentrate on theBuildIt data set that is included in thepackage, which contains $N N$ = 3500 invoices from the BuildIt’s rental account. The data can beloaded in R viadata("BuildIt").

data("BuildIt")head(BuildIt)

##      ID bookValue auditValue## 1 82884    242.61     242.61## 2 25064    642.99     642.99## 3 81235    628.53     628.53## 4 71769    431.87     431.87## 5 55080    620.88     620.88## 6 93224    501.76     501.76

For this population, the auditor determines the performancemateriality, which is the degree of materiality that applies to thisspecific population. In this case, the performance materiality isestablished at fifty percent of the overall materiality, or fivepercent. This implies that for the auditor to endorse the population,the misstatement in the population should not exceed five percent.

To form an opinion about the misstatement in the population, theauditor typically divides their audit workflow into four stages.Initially, they need to plan the minimum sample size they need toexamine to make inferences about the population. Next, they have toselect the required sample from the population. Subsequently, they needto inspect the selected sample and determine the audit (i.e., true)value of the items it comprises. Finally, they must use the informationfrom the audited sample to make inferences about the misstatement in thepopulation.

workflow

Setting up the audit

The auditor aims to assert that, with 95 percent confidence, themisstatement in the population is less than the performance materialityof five percent. Drawing from last year’s audit at BuildIt, where theupper limit of the misstatement was found to be 2.5 percent, they arewilling to accept a maximum of 2.5 percent misstatements in the intendedsample. Consequently, the auditor can rephrase their statisticalstatement as wanting to conclude that, if 2.5 percent misstatements aredetected in the sample, they can determine with 95 percent confidencethat the misstatement in the population is less than the performancemateriality of five percent.

confidence<-0.95# Confidence level = 95%materiality<-0.05# Performance materiality = 5%expected<-0.025# Tolerable sample errors = 2.5%

Many audits are conducted according to the audit risk model (ARM),which posits that the overall uncertainty about the auditor’s statement(1 - confidence) is a product of three components: inherent risk,control risk, and detection risk.

$Audit risk = Inherent risk \times Control risk \times Detection risk \begin{equation} \text{Audit risk} = \text{Inherent risk} \,\times\, \text{Control risk} \,\times\, \text{Detection risk}\end{equation}$

Inherent risk refers to the risk of a material error occurring inBuildIt’s financial statement before considering any related controlsystems (e.g., computer systems).
Control risk is the risk that BuildIt’s internal control systemsfail to prevent or detect a material misstatement.
Detection risk is the risk that the auditor will not discovermaterial misstatements that exist in BuildIt’s financialstatements.

The ARM is practically useful because for a given level of auditrisk, the tolerable detection risk is inversely proportional to theother two risks. Hence, the ARM can be beneficial for the auditor as itallows them to reduce the amount of audit evidence required from thesample in the presence of risk-reducing information.

Typically, auditors assess inherent risk and control risk on athree-point scale: low, medium, or high. Different audit firms mayassign different standard percentages to these categories. In theauditor’s firm, the probabilities for low, medium, and high are definedas 50 percent, 60 percent, and 100 percent, respectively. Afterevaluating BuildIt’s internal control systems, the auditor hasclassified the internal control risk as medium (60 percent), while theyhave determined the inherent risk to be high (100 percent).

ir<-1# Inherent risk = 100%cr<-0.6# Control risk = 60%

Stage 1: Planning an audit sample

planning

In a frequentist analysis applying the audit risk model, the auditortreats the increased detection risk as their level of uncertainty. Thisimplies that the auditor promptly uses the adjusted confidence levelc.adj to compute the sample size via theplanning() function.

c.adj<-1-((1-confidence)/(ir*cr))stage1<-planning(materiality=materiality, expected=expected, conf.level=c.adj)

The auditor can review the outcome of their planning procedure usingthesummary() function. The results indicate that theauditor needs to select a sample of $n n$ = 178 items. This ensures that if a maximum of $k k$ = 4.45 misstatements are found, they can assert with 91.66 percentconfidence that the misstatement in BuildIt’s population is less thanthe performance materiality of five percent.

summary(stage1)

####  Classical Audit Sample Planning Summary#### Options:##   Confidence level:              0.91667##   Materiality:                   0.05##   Hypotheses:                    H₀: Θ >= 0.05 vs. H₁: Θ < 0.05##   Expected:                      0.025##   Likelihood:                    poisson#### Results:##   Minimum sample size:           178##   Tolerable errors:              4.45##   Expected most likely error:    0.025##   Expected upper bound:          0.049986##   Expected precision:            0.024986##   Expected p-value:              0.083211

Stage 2: Selecting a sample

selection

The auditor is now prepared to select the required $n n$ = 178 items from the population. They have two statistical methods tochoose from for this task. In record sampling(units = "items"), inclusion probabilities are assigned atthe item level, treating items of high and low value equally. This meansan item of $5,000 is just as likely to be selected as an item of $1,000.In monetary unit sampling (units = "values"), inclusionprobabilities are assigned at the level of individual monetary units(e.g., a dollar). When a dollar is selected to be in the sample, theitem that includes that dollar is selected. This method favors itemswith a higher value, as an item with a value of $5,000 is now five timesmore likely to be selected than an item with a value of $1,000.

The auditor opts to use monetary unit sampling, as they want toinclude more high-valued items. Theselection() functionenables them to select the sample from the population using thissampling scheme. They use thestage1 object as input forthesize argument in theselection() function,as this passes the calculated sample size from the planning stagedirectly to the function.

stage2<-selection(  data=BuildIt, size=stage1,  units="values", values="bookValue", method="interval")

Like before, the auditor can examine the results of their samplingprocedure using thesummary() function.

summary(stage2)

####  Audit Sample Selection Summary#### Options:##   Requested sample size:         178##   Sampling units:                monetary units##   Method:                        fixed interval sampling##   Starting point:                1#### Data:##   Population size:               3500##   Population value:              1403221##   Selection interval:            7883.3#### Results:##   Selected sampling units:       178##   Proportion of value:           0.062843##   Selected items:                178##   Proportion of size:            0.050857

Stage 3: Executing the audit

The selected sample can be singled out by indexing the$sample object from the sampling result.

sample<-stage2$sample

Next, the auditor can carry out the audit by annotating the items inthe sample with their audit values. This can be done, for example, bywriting the sample to a csv file usingwrite.csv(). Theannotated sample can then be loaded back into the R session for furtherevaluation.

# Write the sample to a .csv file:write.csv(x=sample, file="auditSample.csv", row.names=FALSE)# Load annotated sample back into R:sample<-read.csv(file="auditSample.csv")

In the case of theBuildIt data set, the audit values ofthe sample items are already provided in theauditValuecolumn of the data set.

Stage 4: Evaluating the sample

evaluation

With the annotated sample, the auditor can perform inference aboutthe misstatement in the population using theevaluation()function.

stage4<-evaluation(  materiality=materiality, conf.level=c.adj, data=sample,  values="bookValue", values.audit="auditValue")

The auditor can review the results of their inference using thesummary() function. The resulting upper bound is 1.396percent with a confidence level of 91.66 percent, which is below theperformance materiality of five percent.

summary(stage4)

####  Classical Audit Sample Evaluation Summary#### Options:##   Confidence level:               0.91667##   Materiality:                    0.05##   Hypotheses:                     H₀: Θ >= 0.05 vs. H₁: Θ < 0.05##   Method:                         poisson#### Data:##   Sample size:                    178##   Number of errors:               0##   Sum of taints:                  0#### Results:##   Most likely error:              0##   91.66667 percent confidence interval: [0, 0.01396]##   Precision:                      0.01396##   p-value:                        0.00013639

Conclusion

Given that the 91.66 percent upper confidence bound on themisstatement in the population is below the performance materiality, theauditor has gathered sufficient evidence to conclude that the populationdoes not contain material misstatement.

References

American Institute of Certified Public Accountants (AICPA). (2021).Clarified statements on auditing standards.AmericanInstitute of Certified Public Accountants (AICPA).

International Auditing and Assurance Standards Board (IAASB). (2018).Handbook of international quality control, auditing review, otherassurance, and related services pronouncements (vol. i).International Federation of Accountants.

Public Company Accounting Oversight Board (PCAOB). (2020).Auditingstandards.Public Company Accounting Oversight Board(PCAOB).

Movatterモバイル変換