Scribd
Upload
265 views2 pages

Audit Sampling Risks Explained

Auditor D is testing a control procedure on a population of 5,000 transactions, of which only 4 are missing the control. D takes a sample of 20 transactions. If all 4 missing controls are in the sample, D would estimate the deviation rate is 20% and conclude the control is ineffective, when it is actually 0.08% - this is a Type I error. If the sample of 20 contains none of the 1,000 actual missing controls, D would estimate 0% deviation and conclude the control is effective when it is not - a Type II error. Type II error, where a control is deemed effective when it is not, poses more risk than Type I error because errors or misstatements would go uncorrected.

Uploaded by

Bethelhem
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
265 views2 pages

Audit Sampling Risks Explained

Auditor D is testing a control procedure on a population of 5,000 transactions, of which only 4 are missing the control. D takes a sample of 20 transactions. If all 4 missing controls are in the sample, D would estimate the deviation rate is 20% and conclude the control is ineffective, when it is actually 0.08% - this is a Type I error. If the sample of 20 contains none of the 1,000 actual missing controls, D would estimate 0% deviation and conclude the control is effective when it is not - a Type II error. Type II error, where a control is deemed effective when it is not, poses more risk than Type I error because errors or misstatements would go uncorrected.

Uploaded by

Bethelhem
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 2

Activity:

Testing for a specific control procedure


Auditor D, is interested in testing transactions for a specific control procedure. He finds that out
of a population of 5,000 transactions, only four population units are missing the control; that is,
the deviation rate for the population is 0.08% (4/5,000).

Type I error (alpha risk)


Suppose D chooses a sample of 20 units from this population, and that sample turns out to
contain all four population units with the missing control. What population deviation rate do you
think D would estimate based on the sample results? What would D be likely to conclude?

Solution: D would estimate that the population deviation rate is 20% (4/20) and conclude that
the control is not effective , when, in fact, it is. In this case, D would conclude that the population
is not valid when, in fact, it is. This is called Type I error.

Type II error (Beta risk)


Suppose that in D’s situation, the true deviation is 20%; that is, the population of 5,000
transactions contains 1,000 population units with the missing control. What if D’s sample of 20
contains none of the units with the missing control? What do you think D’s conclusion will be
based on the sample results?
 Solution: D would estimate that the population deviation rate is 0% (0/20). D would
likely conclude that the control is effective, when, in fact, it is not. In this situation, D
would conclude that a population is valid when, in fact, it is not. This is called Type II
error

Which one is more risky for auditor D, Type I error, the risk of under reliance or Type II
error, the risk of over reliance?

In the case of a Type I error (alpha risk) when using sampling for test of controls, the greatest
risk is of performing an inefficient audit. For example, if an auditor concludes that controls are
ineffective when they are effective, the auditor might decide to reassess control risk at maximum
and perform additional substantive procedures.

For the risk of a Type II error (beta risk), however, the auditor would not be motivated to do
additional work beyond what has already been planned. Unless other planned procedures or
analysis reveal a deviation or misstatement that was not detected in sampling, the deviation or
misstatement will go uncorrected, and wrong decisions will be made regarding adjustments and
the audit opinion.

Consequently, the auditor is very concerned about beta risk; therefore, when deciding on an
acceptable sampling risk for audit purposes, the focus is on beta risk, not alpha risk.

You might also like