ANNEX 2

Guidelines on
AUDIT SAMPLING
Table of Contents

I. INTRODUCTION 1
II. GENERAL GUIDELINES 3
1. Sample Design, Size, and Selection of Items for Testing
2. Performing Audit Procedures
3. Nature and Cause of Deviations and Misstatements
4. Projecting Misstatements
5. Evaluating Results of Audit Sampling
6. Documentation and Review
7. Issuance of Memorandum on Random Numbers Start
III. SPECIFIC GUIDELINES for TEST OF CONTROLS 7
1. Use the Audit Sampling Working Paper - Test of Controls as documentation
2. Define specific risk control(s)
3. Define the objective in testing the specific risk control
4. Define what constitutes a deviation
5. Define the population to be tested
6. Determine the sample size
7. Choose a sample selection method
8. Perform the test on the sample and conclude on the operating effectiveness of the
control
IV. SPECIFIC GUIDELINES for TEST OF DETAILS 14
1. Use Audit Sampling Working Paper - Test of Details for documentation
2. Identify test objective
3. Define what constitutes an error/misstatement
4. Describe the population
5. Divide the total population
6. Compute the sample size
7. Choose a sample selection method
8. Identify errors on specific items
9. Identify errors on adjusted population
10. Identify an isolated or anomalous misstatement
11. Project misstatements on the adjusted population
12. Determine if the sampling provided a reasonable basis for conclusion
13. Aggregate the projected misstatements
V. SAMPLE SELECTION METHODS 21
1. Random Sampling
2. Systematic Sampling
3. Monetary Unit Sampling
4. Test Audit Day Scheme
VI. GLOSSARY of TERMS 26

Appendices
A. Audit Sampling Working Paper – Test of Controls
B1. Table on Statistical Sample Sizes for Test of Controls (95% Confidence Level)
B2. Table on Statistical Sample Sizes for Test of Controls (90% Confidence Level)
C. Audit Sampling Working Paper – Test of Details
D. Audit Sampling Working Paper – Monetary Unit Sampling Projection
E1a. Table of Random Numbers – Table I – Two Digits for Numbers 01-50
E1b. Table of Random Numbers – Table II – Two Digits for Numbers 01-99
E2. Table of Random Numbers – Table III – Three Digits for Numbers 001-999
E3a. Table of Random Numbers – Table IV– Four Digits for Numbers 0001-1999
E3b. Table of Random Numbers – Table V– Four Digits for Numbers 0001-9999
F. Template for Memorandum on Random Number Start (RNS)
G. Sample Case, Sampling in Test of Details
 Draft as of February 17, 2021

I. INTRODUCTION

This set of guidelines applies to COA audit units conducting financial audit. This shall be used in
conjunction with the Financial Audit Manual and Guidelines in Determining and Using Materiality
Thresholds in Financial Audit (hereafter referred to as Guidelines on Materiality) adopted through
COA Resolution Nos. 2019-004 dated March 22, 2019 and 2019-016 dated 25 June 2019,
respectively. This set of guidelines may also be used in the conduct of compliance audit, whenever
applicable.

To ensure that the auditor has reasonable basis on which to draw conclusions about a population
without examining each and every item/unit therein, the use of sampling is in place. The International
Standards of Supreme Audit Institutions (ISSAI) 2500, Audit Evidence, acknowledges audit sampling
as a means of selecting items for testing to meet the objective of the audit procedures. Audit sampling
is performed during the execution phase of audit, in test of controls and test of details (substantive
tests) when deemed as an appropriate means of selecting items for testing.

The auditor shall determine means of selecting items for testing that are effective in meeting the
purpose of the audit procedure (ISSAI 2500.10). There are three means available to the auditor for
selecting items for testing, as follows: selecting all items (100% examination); selecting specific
items; and audit sampling. The application of any one or combination of these means may be
appropriate depending on the particular circumstances, such as the risks of material misstatement
related to the assertion being tested, and the practicality and efficiency of the different means (ISSAI
2500.A52).

1. Selecting all items (100% examination). The auditor may decide that it will be most
appropriate to examine the entire population of items that make up a class of transactions
or account balance. One-hundred percent examination is unlikely in the case of tests of
controls; however, it is more common for tests of details.

Selecting all items may be appropriate when:

 The population constitutes a small number of large value items (ISSAI 2500.A53)
(i.e., all items in the population are few and material, thus it is feasible for the audit
team to examine them all)

 There is a significant risk and other means do not provide sufficient appropriate audit
evidence (ISSAI 2500.A53) (i.e., audit sampling may not be able to address a very
high audit risk, thus 100% examination is necessary to obtain sufficient evidence and
reduce such risk)

 The repetitive nature of calculation or other process performed automatically by an

information system makes 100% examination cost effective (i.e., through the use of
computer-assisted audit techniques) (ISSAI 2500.A53)

Guidelines on Audit Sampling | Page 1

 Draft as of February 17, 2021

2. Selecting specific items. The auditor may decide to select specific items from a
population.

 High value or key items. Specific items of high value (high value items) or items that
exhibit some other characteristic such as being suspicious, unusual, risk-prone or
having a history of error (key items) (ISSAI 2500.A54)

 All items over a certain amount. Items whose recorded values exceed a certain
amount so as to verify a large proportion of the total amount of a class of transactions
or account balance (ISSAI 2500.A54)

 Items to obtain information. Items to obtain information about matters such as the
nature of the entity or the nature of transactions (ISSAI 2500.A54)

 Selective examination of specific items does not provide audit evidence concerning
the remainder of the population (ISSAI 2500.A55). It is thus prescribed that audit
sampling be applied to the remainder of the population. However, if majority of the
population are high-value and key items resulting in smaller remaining population
subject to sampling, the evidence gained from testing the high-value and key items
may be sufficient to eliminate the need for sampling.

3. Audit Sampling. Audit sampling is the application of audit procedures to less than 100%
of items within a population of audit relevance such that all sampling units have a chance
of selection in order to provide that auditor with a reasonable basis on which to draw
conclusions about the entire population (ISSAI 2530.5(a)). The objective of the auditor,
when using audit sampling, is to provide a reasonable basis for the auditor to draw
conclusions about the population from which the sample is selected (ISSAI 2530.4).

 Audit sampling offers innumerable benefits to auditors which include, among others,
facilitating more expeditious review of working papers, reducing the audit costs and
minimizing the risk of over-auditing.

 The use of sampling is not applicable on the following:

o Inquiry and Observation (on controls which provide no documentary evidence of

performance, or on those which the auditor does not intend to estimate the rate of
deviation from the prescribed control)
o Analytical Procedures (in which the auditor does not intend to project the result
of the examination of a portion of the population to the total population)

Guidelines on Audit Sampling | Page 2

 Draft as of February 17, 2021

II. GENERAL GUIDELINES

Sample Design, Size, and Selection of Items for Testing

1. When designing an audit sample, the auditor shall consider the purpose of the audit procedure
and the characteristics of the population from which the sample will be drawn (ISSAI 2530.6).

2. The auditor shall determine a sample size sufficient to reduce sampling risk to an acceptably low
level (ISSAI 2530.7). Sampling risk is quantified in terms of confidence level. For the purposes
of these guidelines, 90% - 95% confidence levels are recommended. The choice of confidence
level may depend on the factors indicated in Table 1.

Table 1. Factors that may be considered in the choice of confidence level

Confidence Sampling
Considerations
Level Risk
Test of Controls: 90% 10%
 There are evidence obtained from other sources such as tests of
operational effectiveness of related controls
Test of Details:
 The class of transactions/account balance/disclosure being
tested is below performance materiality
 There are evidence obtained from other sources such as
analytical review and other substantive procedures
Test of Controls: 95% 5%
 There are no evidence obtained from other sources such as
tests of operational effectiveness of related controls
Test of Details:
 The class of transactions/account balance/disclosure being
tested is above performance materiality
 There are no evidence obtained from other sources such as
analytical review and other substantive procedures

3. The auditor shall select items for the sample in such a way that each sampling unit in the
population has a chance of selection (ISSAI 2530.8). For this purpose, the recommended
methods for sample selection are Random Sampling, Systematic Sampling, Monetary Unit
Sampling, and Test Audit Day Scheme (see Part V-Sample Selection Methods). The use of
Haphazard Selection (selection without following a structured technique) and Block Selection
(selection of block(s) of contiguous items) is highly discouraged as these methods are non-
random and prone to bias.

Performing Audit Procedures

4. The auditor shall perform audit procedures, appropriate to the purpose, on each item selected
(ISSAI 2530.9).

Guidelines on Audit Sampling | Page 3

 Draft as of February 17, 2021

5. If the audit procedure is not applicable to the selected item, the auditor shall perform the
procedure on a replacement item (ISSAI 2530.10).

5.1 For example, a voided check is selected while testing for evidence of payment
authorization. If the auditor is satisfied that the check has been properly voided such that it
does not constitute a deviation, an appropriately chosen replacement is examined (ISSAI
2530.A14).

5.2 The auditor may choose the item which immediately follows the voided item as a
replacement (e.g. check no. 021 following check no. 020 which was properly voided).

6. If the auditor is unable to apply the designed audit procedures (e.g., documentation relating to
that item has been lost), or suitable alternative procedures to a selected item, the auditor shall
treat that item as deviation from the prescribed control (in case of tests of controls) or a
misstatement (in case of tests of details) (ISSAI 2530.11).

Nature and Cause of Deviations and Misstatements

7. The auditor shall investigate the nature and cause of any deviations or misstatements identified,
and evaluate their possible effect on the purpose of the audit procedure and on other areas of the
audit (ISSAI 2530.12).

7.1 In analyzing the deviations and misstatements identified, the auditor may observe that many
have a common feature, for example, type of transaction, location, product line or period of
time. In such circumstances, the auditor may decide to identify all items in the population
that possess the common feature, and extend audit procedures to those items. In addition,
such deviations or misstatements may be intentional, and may indicate the possibility of
fraud (ISSAI 2530.A17).

7.2 When analyzing deviations and misstatements identified, auditors consider that they may
have extended audit and reporting responsibilities related to fraud (ISSAI 2530.P9).

8. In the extremely rare circumstances when the auditor considers a misstatement or deviation
discovered in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that
such misstatement or deviation is not representative of the population. The auditor shall obtain
this degree of certainty by performing additional audit procedures to obtain sufficient appropriate
audit evidence that the misstatement or deviation does not affect the remainder of the population
(ISSAI 2530.13).

Projecting Misstatements

9. For tests of details, the auditor shall project misstatements found in the sample to the population
(ISSAI 2530.14) (see Item No. 11 of Part IV-Specific Guidelines for Test of Details).

Guidelines on Audit Sampling | Page 4

 Draft as of February 17, 2021

10. For tests of controls, no explicit projection of deviations is necessary since the sample deviation
rate is also the projected deviation rate for the population as a whole (ISSAI 2530.A20).

Evaluating Results of Audit Sampling

11. The auditor shall evaluate:

11.1 The results of the sample; and

11.2 Whether the use of audit sampling has provided a reasonable basis for conclusions about the
population that has been tested (ISSAI 2530.15) (see Item No. 8 of Part III-Specific
Guidelines for Test of Controls, and Item No. 12 of Part IV-Specific Guidelines for Test of
Details).

12. If the auditor concludes that audit sampling has not provided a reasonable basis for conclusions
about the population that has been tested, the auditor may:

12.1 Request management to investigate misstatements that have been identified and the
potential for further misstatements and to make any necessary adjustments; or

12.2 Tailor the nature, timing and extent of those further audit procedures to best achieve the
required assurance (ISSAI 2530.A23).

13. In addition to Item 11, auditors consider their responsibilities under their mandate when
management is unable to provide an adequate explanation for deviations and misstatements
(ISSAI 2530.P11).

Documentation and Review

14. Audit sampling procedures employed using these guidelines shall be documented using the
prescribed working papers herein attached as Appendices A and C.

15. The working papers pertaining to audit sampling shall be prepared by the audit team member and
reviewed by the audit team leader.

Issuance of Memorandum on Random Numbers Start

16. Directors in Clusters, Regional Offices and Special Services Sector shall issue a memorandum on
Random Numbers Start (RNS) for the audit teams under their jurisdiction, five working days
prior to the start of every quarter. The RNS serve as starting points in using the Random Number
Tables in Appendix E. The template for the memorandum on RNS is in Appendix F.

17. For random sampling, RNS are issued for Table III (100-999), Table IV (1000-1999), and Table
V (2000 & above). For systematic sampling, RNS are issued for Table I (1-50), Table II (51-99),

Guidelines on Audit Sampling | Page 5

 Draft as of February 17, 2021

and Table III (100-999). For Monetary Unit Sampling, RNS are issued for Table V (2000 &
above) only.

18. There should be different RNS for each month in which the sampling procedures are undertaken.

19. RNS may be determined by generating random numbers for the column and row where the RNS
is located.

20. The route followed in using the Random Number Tables may be either downwards to the next
right-hand column (Down L to R) or downwards to the next left-hand column (Down R to L).

Guidelines on Audit Sampling | Page 6

 Draft as of February 17, 2021

III. SPECIFIC GUIDELINES for TEST OF CONTROLS

1. Use the Audit Sampling Working Paper - Test of Controls as documentation. To document the
audit sampling procedures employed for the test of controls, the template for Audit Sampling
Working Paper - Test of Controls is prescribed, herein attached as Appendix A. A working paper
may be used in testing multiple specific risk controls.

2. Define specific risk control(s). Indicate the specific risk control(s) to be tested. In the Results of
Risk Assessment at the Assertion Level (RRAAL) Template of Financial Audit Manual (FAM),
the risk controls to be tested are the ones which have adequate control design. Multiple specific
risk controls may be tested using one sampling working paper.

Example:
1.3 Specific Risk a) Approval of Requisition and Issue Slips (RIS) supported with
Control valid doctor’s prescription
b) Signature of end-user in the RIS

3. Define the objective in testing the specific risk control. For test of controls, the objective is to
obtain evidence of the operating effectiveness of certain risk controls during the period covered
by the test. Operating effectiveness means that the controls are being applied as designed on a
sufficiently consistent basis.

Example:
1.4 Test To test the operating effectiveness of the control that the
Objective prescribed approval of RIS with valid doctor’s prescription is
obtained before issuance of drugs and medicines

4. Define what constitutes a deviation. Define the conditions that will represent deviations (non-
performance or failure). The auditor’s consideration of the purpose of the audit procedure
includes a clear understanding of what constitutes a deviation (ISSAI 2530.A6).

Example:
1.5 Definition of  Approval of RIS without valid doctor’s prescription
Deviation  Absence of signature of end-users in the RIS

5. Describe the population to be tested. The population is the entire set of data from which a
sample is selected and about which the auditor wishes to draw conclusion (ISSAI 2530.5(b)). It
is important that the population is appropriate to the objective of the audit procedure and
complete, that it shall include all relevant items throughout the entire period to be covered by the
test. State the period covered by the test and the approximate number of items in the population.
The period may be one month, one quarter, one semester, depending on the volume of
transactions in the auditee.

Guidelines on Audit Sampling | Page 7

 Draft as of February 17, 2021

Example:
1.6 Population RIS for drugs and 1.7 Period Covered January to June 2020
Description medicines
1.8 Population Size 300
(Approximate
No. of Items)

6. Determine the sample size. Determine the sample size based on the number of items in the
population.

6.1 Population of equal to or more than 300 items. In computing for the sample size for the
population of at least 300 items, confidence level, tolerable rate of deviation, and expected
rate of deviation are taken into account.

6.1.1 Confidence level. Determine the confidence level that the auditor wants to place in
the test (see Item No. 2, Part II-General Guidelines).
Example:

Suppose that we assume a risk of assessing control risk too low of 5%, meaning, we will choose a 95%
level of confidence.

1.9 Confidence Level (95% or 90%) 95 %

6.1.2 Tolerable rate of deviation. Determine the tolerable rate of deviation which is the
maximum rate of deviation in a prescribed control that the auditor is willing to
accept and still rely on that risk control. The lower the tolerable rate of deviation,
the larger the sample size needed (ISSAI 2530 Appendix 2).

6.1.2.1 To determine the tolerable rate of deviation, the auditor evaluates the (1)
likelihood of material misstatement arising from control failure and (2)
existence of compensating controls (or alternative controls) that reduce
impact or failure.

6.1.2.2 Table 2 indicates the prescribed tolerable rate of deviation (4, 6 or 8%)
based on the assessment of factors.

Guidelines on Audit Sampling | Page 8

 Draft as of February 17, 2021

Table 2. Prescribed Tolerable Rate of Deviation

misstatement arising from control

High
6% 4% 4%

Likelihood of material

Moderate
failure
8% 6% 4%

Low
8% 8% 6%

Strong Some None

Existence of compensating controls that
reduce impact or failure

Example:

We choose a tolerable rate of deviation of 6% due to the moderate likelihood of material

misstatement arising from control failure and existence of some compensating controls.

1.10 Tolerable Rate of Deviation (4%, 6% or 8%) 6%

6.1.3 Expected rate of deviation. Estimate the expected rate of deviation in a prescribed
control that the auditor expects to find in the population. The higher the expected
rate of deviation, the larger the sample size needed so that the auditor is in a
position to make a reasonable estimate of the actual rate of deviation. The auditor
makes an assessment of the expected rate of deviation based on either:

6.1.3.1 The auditor’s understanding of the relevant controls (ISSAI 2530.A7).

Such understanding may involve (1) the assessment of internal control, (2)
changes in personnel or internal control, and (3) the results of audit
procedures applied in prior periods or results of other procedures. The
assessment of the first two factors may be based on walkthroughs
performed in understanding the processes of the agency.

6.1.3.1.1 The corresponding categories of expected rate of deviation (low,

moderate or high) for the above factors are shown in Table 3. In
case the auditor considered more than one factor which suggested
different categories of expected rate of deviation, the auditor may
choose the highest category.

Guidelines on Audit Sampling | Page 9

 Draft as of February 17, 2021

Table 3. Categories of Expected Rate of Deviation

Expected Rate of Deviation
Factor Category
Low Moderate High
Assessment of quality of accounting and internal control systems
o Strong: No improvements are needed 
o Sound: Only minor improvements are needed 
o Adequate: Some improvements are needed 
Changes to accounting and internal control systems and personnel
o None or minor 
o Some 
o Substantial 
Results of prior or other current period audit procedures
o None or isolated deviations identified 
o Few deviations identified 
o Many deviations identified 

6.1.3.1.2 The corresponding expected rates of deviation for the prescribed

tolerable rate of deviation are shown in Table 4.

Table 4. Percentage of Expected Rate of Deviation

Tolerable Expected Rate of Deviation

Rate of Low Moderate High
Deviation
4% 0 - 0.5% 1% 1.5 - 2%
6% 0 - 1% 1.5 - 2% 2.5 - 3%
8% 0 - 1.5% 2 - 2.5% 3 - 4%

6.1.3.1.3 Zero expected deviation rate may be used when test is to be done
on computerized transactions since the auditor generally does not
expect a deviation from risk control unless there is an error in the
program or design of the system.

Example:
Internal control systems are assessed as strong so we came up with a low expected
rate of deviation. Earlier, we determined a 6% tolerable rate of deviation. Between
0 and 1%, we will choose 1% since we expect such rate of deviation to occur in the
population.
1.11 Expected Rate of Deviation 1%

6.1.3.2 Examination of a small number of items from the population (ISSAI

2530.A7). Alternatively, the auditor may examine a small number of items
from the population (without applying any method of computation). This
will give the auditor an idea on what rate of deviation to expect.

6.1.4 Refer to the Table on Statistical Sample Sizes for Test of Controls. Using the
identified confidence level, tolerable rate of deviation and expected rate of
deviation, determine the sample size by referring to the Tables on Statistical

Guidelines on Audit Sampling | Page 10

 Draft as of February 17, 2021

Sample Sizes for Test of Controls (see Appendices B.1 and B.2). Take note that the
said tables are applicable for population consisting of at least 300 items.

Example:

With a 6% tolerable rate of deviation and 1% expected rate of deviation, the Table on Statistical
Sample Sizes for Test of Controls (for 95% confidence level) gives us a sample size of 78.

1.12 Sample Size (Refer to Tables on Statistical Sample Size for Test 78
of Controls, Appendices B.1 & B.2)

6.2 Population of less than 300 items. When the population is less than 300 items, the auditor
may use the suggested sample sizes for control procedures that operate less than daily, or
may use a sample size of at least 30.

6.2.1 Control procedures that operate less than daily. In cases of control procedures
that operate less than daily, the following sample sizes are suggested:

Table 5. Sample sizes for control procedures that operate less than daily

Control Usual Suggested Minimum Expected Number

Operates population Sample Size of Deviation
Weekly 54 10 1
Semimonthly 24 8 1
Monthly 12 4 1
Quarterly 4 2 1
Yearly 1 1 1

6.2.2 Population of less than 300 but greater than 54. The auditor may use a sample
size of at least 30 for controls which have a population of less than 300 but greater
than the population in Table 5. The expected rate of deviation is determined the
same way it is determined in the case of population of at least 300 (see Item No.
6.1.3 of Part III-Specific Guidelines for Test of Controls)

6.3 Expected number of deviations. Indicate the expected number of deviations in the
sample. For population of at least 300, this is the number in parenthesis beside sample size
in the Tables on Statistical Sample Size for Test of Controls. For controls operating less
than daily, this is found in the last column of Table 5. If a fixed sample size of 30 is used,
this is obtained by multiplying the expected rate of deviation to the sample size, rounded up
to the nearest whole number.

Example:

In the table, the corresponding expected number of deviations (number in the parenthesis) for the
sample size of 78 is 1.

1.13 Expected number of deviations in the sample 1

Guidelines on Audit Sampling | Page 11

 Draft as of February 17, 2021

7. Choose a sample selection method. Indicate the sample selection method used which may be
either Random or Systematic Sampling. These methods are discussed in Part V–Sample
Selection Methods.

8. Perform the test on the sample and conclude on the operating effectiveness of the control.

8.1 The auditor compares the actual number of deviations in the sample (Item No. 2.1.2 of the
template) to the expected number of deviation (Item No. 1.13 of the template).

8.2 When the number/rate of deviations found in the sample does not exceed the expected
number/rate of deviations, the results are favorable. This indicates that the control technique
is operating effectively.

8.3 In case the auditor finds a number of deviations greater than the expected deviation in
testing the first items in the sample, the auditor shall first evaluate the deviations in order to
decide whether it is necessary to continue the test.

8.3.1 If the deviation is a random occurrence (non-repetitive), the auditor may either test
compensating controls (if any), or continue the test with an extended sample size.

8.3.2 If the deviation is a systematic control deficiency (repetitive), the auditor may test
compensating controls, if any.

8.3.3 In continuing with an extended sample size, the auditor may increase the sample
size by at least the number of original samples. The auditor may stop the test as
soon as a deviation is found and conclude that the control is operating ineffectively.

8.3.4 If there are no compensating controls to test, the auditor may stop the test and
conclude that the control is operating ineffectively. Likewise, if further deviations
are found in the compensating controls, the auditor may conclude that the control is
operating ineffectively.

8.4 If the nature of the deviation and the outcome of additional/other related work do not
suggest any unexpected problems, the auditor based on his/her judgment may still conclude
that the control is working effectively.

8.5 If the auditor is not comfortable because of high risk that the actual rate of deviation for the
population exceeds the tolerable deviation rate, the auditor should choose unfavorable,
meaning the controls are working ineffectively.

Guidelines on Audit Sampling | Page 12

 Draft as of February 17, 2021

Example:

In the three risk controls that we tested, suppose that we found the following number of deviations:

2.1.2 Number of deviations found

Risk Control/ Control No. Number of Deviations
Found
a) Approval of RIS with valid doctor’s prescription 1
b) Signature of end-user in the RIS 4

We may further recall that the expected number of deviations for a sample size of 78 is 1. Therefore,
only control (a) has favorable results. We can summarize our evaluation as follows:

2.2 Evaluation Results

Control No. Favorable/Unfavorable Summary/Conclusion
a Favorable The control of approving RIS with valid doctor’s
prescription was working effectively. On the other hand,
b Unfavorable the control of end-users signing the RIS was not working
effectively and therefore, there is a high risk of error
occurring in the recorded issuances of drugs and
medicines in the accounts.

Guidelines on Audit Sampling | Page 13

 Draft as of February 17, 2021

IV. SPECIFIC GUIDELINES for TEST OF DETAILS

1. Use Audit Sampling Working Paper - Test of Details as documentation. To document the audit
sampling procedures employed for the test of details, the template for Audit Sampling Working
Paper - Test of Details is prescribed, herein attached as Appendix C.

2. Identify test objective. For test of details, the objectives are: (1) to test the group of transactions
and account balances where risks have not been reduced to acceptable level, and (2) to test the
reasonableness of one or more assertions on the balance of an account in the financial statements.

Example:
1.3 Account Name Inventory and Expense Accounts
1.4 Test Objective To determine the completeness/accuracy of the recorded issuances of drugs
and medicines

3. Define what constitutes a misstatement. Specify the conditions by which items will be
considered misstated.

Example:
1.5 Definition of Error in the recording of issuances of drugs and medicines per stock card and
Misstatement monthly report

4. Describe the population. Define the population to be tested or all the items within a class of
transactions or account balance where the auditor wishes to draw conclusions. The population
should cover the transactions for the year under audit.

Example:
1.6 Population Issuances of Drugs and 1.7 Period Covered FY 2020
Description Medicines per Stock Cards / RIS 1.8 Population Size 634
(Approximate No.
of Items)

5. Divide the total population. The Total Population may be divided into High Value Items, Key
Items and Adjusted Population.

5.1 The auditor shall identify High Value and Key Items to be excluded from the total
population for separate evaluation. High value items are identified using the testing
threshold computed using the Guidelines on Materiality. Key items, on the other hand, are
identified as suspicious, unusual, risk-prone or having a history of error. For documentation
purposes, it is recommended for the auditor to indicate his/her reasons for selecting key
items on a separate working paper.

5.2 After high value and key items are excluded, the remaining population subject to sampling
is called the Adjusted Population.

Guidelines on Audit Sampling | Page 14

 Draft as of February 17, 2021

Example:
1.9 Total Population (P) 3,878,483.33
1.10 High Value Items (P) 0.00
1.11 Key Items (P) 0.00
1.12 Adjusted Population (P) 3,878,483.33
(Total Population less High Value and Key Items)

6. Compute the sample size. In computing for the sample size for test of details, three factors are
considered: tolerable misstatement, expected misstatement, and reliability factor.

6.1 Tolerable Misstatement. The auditor determines tolerable misstatement in order to

address the risk that the aggregate of individually immaterial misstatements may cause the
financial statements to be materially misstated and provide a margin for possible undetected
misstatements. The lower the tolerable misstatement, the greater the sample size will be
(ISSAI 2530 Appendix 3).

6.1.1 Tolerable misstatement is computed as a percentage of performance materiality (see

Table 6) (computed using the Guidelines on Materiality), depending upon the
assessed risk of material misstatement (RMM). The assessed RMM is found in the
RRAAL template of FAM.

Table 6. Percentage of performance materiality to be used as tolerable misstatement

Risk of Material Misstatement

Minimal Low Moderate High
For asset/income
76 - 100% 51 - 75% 26 - 50% 10 - 25%
accounts
For liability/expense/
26 - 50% 16 - 25% 11 - 15% 5 - 10%
equity accounts

6.1.2 The choice of whether to use the lower or higher end of the provided percentage
range depends on the auditor’s use of other substantive procedures directed at the
same assertion. If the auditor relies on other substantive procedures, the auditor
may choose higher percentage to determine the tolerable misstatement.

Example:
Suppose that the performance materiality the auditor has determined amounts to P7,137,460.00.
The assessed RMM for both accounts are high, so the prescribed percentage is 5-10%. The auditor
chooses to use 5% of performance materiality, thus tolerable misstatement is computed at
P356,873.00.

1.13 Tolerable Misstatement (P) 356,873.00

Guidelines on Audit Sampling | Page 15

 Draft as of February 17, 2021

6.2 Expected Misstatement. Identify the auditor’s expected misstatement, or the amount of
misstatement the auditor expects to find in the population (in terms of monetary value).

6.2.1 The assessment of expected misstatement is based on any of the following factors:

 Whether item values are determined subjectively

 The results of risk assessment procedures
 The results of tests of controls
 The results of audit procedures applied in prior periods
 The results of other substantive procedures (ISSAI 2530 Appendix 3)

6.2.2 If the expected misstatement exceeds 50% of the tolerable misstatement, the auditor
may consider 100% examination or proceed to sampling with a large sample size.

Example:
In relation to the sample test of controls on the (a) approval of Requisition and Issue Slips (RIS)
supported with valid doctor’s prescription, and (b) signature of end-user in the RIS, it may be recalled
that the results are favorable and unfavorable for these controls, respectively. Considering that one
control is concluded to be operating ineffectively, the auditor finds it proper to expect misstatements
to occur.
Assume that based on the results of previous year’s audit, the auditor expects to find misstatements
worth P150,000.00 in the Inventory and Expense Accounts. Since it does not exceed 50% of the
tolerable misstatement, the auditor proceeds with audit sampling.

1.14 Expected Misstatement (P) 150,000.00

6.3 Reliability Factor. Specify the Reliability Factor (herein referred to as R-Factor) that the
auditor is placing on the test with due consideration to other substantive procedures. The
R-Factor is based on the chosen confidence level (see Item No. 2 of II-General Guidelines).
An R-Factor of 2.3 or 3.0 is recommended for confidence levels of 90% and 95%,
respectively.

Table 7. Reliability Factor (R-Factor)

Confidence Level
R-Factor
(%)
95 3.0
90 2.3

Example:

Assume that we place a risk of incorrect acceptance of 5% (confidence level of 95%) in our test of
details. Based on the Table 7, this gives us a reliability factor of 3.0.

1.15 Reliability Factor (R Factor) 3.0

Guidelines on Audit Sampling | Page 16

 Draft as of February 17, 2021

6.4 Using the tolerable misstatement, expected misstatement and reliability factor, compute the
sample size using the following formula:

𝑅 𝐹𝑎𝑐𝑡𝑜𝑟 × 𝐴𝑑𝑗𝑢𝑠𝑡𝑒𝑑 𝑃𝑜𝑝𝑢𝑙𝑎𝑡𝑖𝑜𝑛

𝑆𝑎𝑚𝑝𝑙𝑒 𝑠𝑖𝑧𝑒 (𝑛) =
𝑇𝑜𝑙𝑒𝑟𝑎𝑏𝑙𝑒 𝑀𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡 − 𝐸𝑥𝑝𝑒𝑐𝑡𝑒𝑑 𝑀𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡

Example:

From the identified tolerable misstatement, expected misstatement and reliability factor earlier, we
compute the sample size as:

3.0 × 3,878,483.33
𝑆𝑎𝑚𝑝𝑙𝑒 𝑠𝑖𝑧𝑒 (𝑛) =
356,873.00 − 150,000.00

11,635,449.99
𝑆𝑎𝑚𝑝𝑙𝑒 𝑠𝑖𝑧𝑒 (𝑛) =
206,873.00

𝑆𝑎𝑚𝑝𝑙𝑒 𝑠𝑖𝑧𝑒 (𝑛) = 56.24 𝑜𝑟 𝑚𝑎𝑦 𝑏𝑒 𝑟𝑜𝑢𝑛𝑑𝑒𝑑 𝑢𝑝 𝑎𝑠 57

7. Choose a sample selection method. Indicate the sample selection method used which may
either be Random, Systematic or Monetary Unit Sampling. These methods are discussed in Part
V-Sample Selection Methods.

8. Identify errors on specific items. Indicate the errors found on High Value Items and on Key
Items, and the total of the two.

9. Identify errors on adjusted population. In item 2.3.1 of the WP, indicate the total amount of
samples (the sum of the amount of the samples selected using the preferred sample selection
method). In item 2.3.2, indicate the netted amount of errors found among the samples. Compute
for the percentage of the amount of errors to the amount of sample.

Example:

Suppose that the total amount of the 57 samples randomly selected is P161,460.19, and that the auditor has
identified errors at a net amount of P 5,483.61.

2.2 Error found on Adjusted Population 5,483.61

10. Identify an isolated or anomalous misstatement. An anomalous misstatement may be

identified by the auditor, or a misstatement that is demonstrably not representative of
misstatements in a population.

10.1 In the extremely rare circumstances when the auditor considers a misstatement discovered
in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that such
misstatement is not representative of the population. The auditor shall obtain this degree of
certainty by performing additional audit procedures to obtain sufficient appropriate audit
evidence that the misstatement or deviation does not affect the remainder of the population
(ISSAI 2530.13).

Guidelines on Audit Sampling | Page 17

 Draft as of February 17, 2021

10.2 When a misstatement has been established as an anomaly, it may be excluded when
projecting misstatements to the population. However, the effect of any such misstatement,
if uncorrected, still needs to be considered in addition to the projection of the non-
anomalous misstatements (ISSAI 2530.A19)

11. Project misstatement on the adjusted population. For tests of details, the auditor shall project
misstatements found in the sample to the population (ISSAI 2530.14).

11.1 If Random or Systematic Sampling was used, project the misstatement on adjusted
population by multiplying the ratio of errors to sample, to the adjusted population.

𝑃𝑟𝑜𝑗𝑒𝑐𝑡𝑒𝑑 𝑚𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡 = % 𝑜𝑓 𝑡ℎ𝑒 𝑎𝑚𝑜𝑢𝑛𝑡 𝑜𝑓 𝑒𝑟𝑟𝑜𝑟𝑠 𝑡𝑜 𝑠𝑎𝑚𝑝𝑙𝑒 × 𝐴𝑑𝑗𝑢𝑠𝑡𝑒𝑑 𝑃𝑜𝑝𝑢𝑙𝑎𝑡𝑖𝑜𝑛

Example:

P5,483.61
𝑃𝑟𝑜𝑗𝑒𝑐𝑡𝑒𝑑 𝑚𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡 = ( ) × 3,878,483.33
P161,460.19

𝑃𝑟𝑜𝑗𝑒𝑐𝑡𝑒𝑑 𝑚𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡 = 3.40 % × 3,878,483.33

𝑃𝑟𝑜𝑗𝑒𝑐𝑡𝑒𝑑 𝑚𝑖𝑠𝑠𝑡𝑎𝑡𝑒𝑚𝑒𝑛𝑡 = 131,723.43

11.2 If Monetary Unit Sampling was used, project the misstatement by using the Working Paper
on Monetary Unit Sampling Projection (Appendix D). List down the recorded amounts of
the samples and their corresponding audited amounts. Compute for misstatements
(difference between recorded and audited amounts) and divide each misstatement by the
recorded amount to get the tainting percentage. Multiply each tainting percentage to the
sampling interval used to get the projected misstatement for each item. Get the total of
projected misstatements. An example is provided in Appendix G.

11.3 In getting the total of misstatements (in case of random and systematic sampling) or
projected misstatements (in case of monetary unit sampling), determine whether offsetting
is appropriate.

11.3.1 The risk that further undetected misstatements may exist is considered before
concluding that offsetting even immaterial misstatements is appropriate.

11.3.2 Offsetting may not be appropriate in case of significant understatements

(understatements of more than 100% of the recorded value).

Guidelines on Audit Sampling | Page 18

 Draft as of February 17, 2021

12. Determine if the sampling provided a reasonable basis for conclusions about the population
that has been tested. Compare the sum of projected misstatement and anomalous misstatement
(absolute value) to the expected misstatement and tolerable misstatement.

12.1 If the sum (of projected misstatement and anomalous misstatement) does not exceed the
expected misstatement, the results are favorable (the sample provides a reasonable basis for
conclusions about the population that has been tested).

12.2 If the sum (of projected misstatement and anomalous misstatement) exceeds the expected
misstatement, there is a high sampling risk that the actual misstatement exceeds the
tolerable misstatement. In such case, the auditor may consider the results of other audit
procedures and obtain additional audit evidence to determine whether such high sampling
risk is acceptable or not (derived from ISSAI 2530.A22).

12.3 If the sum (of projected misstatement and anomalous misstatement) exceeds 50% of the
tolerable misstatement or the whole tolerable misstatement itself, the result is unfavorable
(the sample does not provide a reasonable basis for conclusions about the population that
has been tested). In such case, the auditor shall undertake the measures indicated in Item
No. 12 of Part II-General Guidelines.

Example:

Based on our previous example, we have a projected misstatement of P108,784.19. Suppose we have
identified no anomalous misstatements, so the sum of projected and anomalous misstatements will be
P108,784.19. Since it does not exceed the expected misstatement of P150,000.00 and does not exceed
50% of the tolerable misstatement of P356,873.00, we believe that the audit sampling we have employed
provided a reasonable basis for conclusions about the population that has been tested.
4.2 Attainment of the objective of the auditor in using audit sampling (check only one)
 The sampling provided a reasonable basis for conclusions about the population.
 There is a high sampling risk that the actual misstatement exceeds the tolerable
misstatement. To reduce this risk, the auditor (state what the auditor has done
in accordance with Item 12.2 of Part IV of the guidelines, and any corresponding
reference to other working papers)_______________.
 The sampling did not provide a reasonable basis for conclusions about the
population. The auditor (state what the auditor has done in accordance with Item
11 of Part II of the guidelines, and any corresponding reference to other working
papers)_____________.

12.4 If extending the sample size was found necessary:

12.4.1 If Random or Systematic Sampling was used, compute the new sample size by using
the same formula but use the sum of projected and anomalous misstatements as the
new expected misstatement. The difference between the new and original sample
size will be the number of additional samples to be selected and examined. Use the
new expected misstatement in evaluating the results.

12.4.2 If Monetary Unit Sampling was used, increase the sample size by the original
sample size which results in a new sampling interval equivalent to 50% of the

Guidelines on Audit Sampling | Page 19

 Draft as of February 17, 2021

original sampling interval. Use the new sampling interval to select additional
samples and to project misstatements (see Appendix G for example).

13. Aggregate the misstatements and compare with materiality. The aggregated projected
misstatements in all sampled populations, together with factual misstatements and judgmental
misstatements, comprise the accumulated misstatements. The auditor evaluates whether the
misstatements accumulated during the audit (excluding those which are identified as clearly
trivial) exceeds or approaches the materiality determined in accordance with the Guidelines in
Materiality.

A detailed sample case is provided in Appendix G.

Guidelines on Audit Sampling | Page 20

 Draft as of February 17, 2021

V. SAMPLE SELECTION METHODS

The auditor may choose among random, systematic, and monetary unit sample selection methods
(ISSAI 2530 Appendix 4). The test audit day scheme may be used by auditors in auditing daily
transactions of banks or daily collections of agencies.

1. Random Sampling

1.1 Random selection allows each item in the population an equal chance of being selected.

1.2 This technique is useful when there is a unique identification number for every sampling
unit in the population. Otherwise, the auditor must assign identification numbers to each
item.

1.3 To select random numbers, the use of random number tables is prescribed. A Table of
Random Numbers is herein attached as Appendices D.1-3 for two, three and four-digit
random numbers, respectively. In the table, the auditor will follow a trail of random
numbers starting from the Random Numbers Start (RNS) per the memorandum issued
quarterly by Audit Clusters/Regional Offices.

Example:

Recall that in our example for the test of controls, we needed a sample size of 78 RIS for a population of
300. To randomly choose numbers, we use the Table of Random Numbers for three digits up to 999 (Table
III). Suppose that based on the COA Memorandum on RNS issued, we have the following RNS:

Location
Month of Audit Table Number RNS Route
Column Row
October 2020 Table III (100-999) 2 8 220 Down L to R

The RNS is 220, which is located at Col. 2, Row 8 of Table III. The sampling unit (in this case, the RIS)
corresponding to number 220 (i.e., RIS 16-220) will be the first sample. We proceed from the starting
number along the same column down and then to the next column to the right. The next number which is
886 is rejected since the population total is only 300 contracts. The next random number of 850 is likewise
rejected. The 2nd random number that will be selected is 186, so RIS 16-0186 will be the second sample.
The selection goes on until the 78 th random number is obtained. The selection goes on until we obtain 78
random numbers to complete our sample size. In this case, the 78 th sample is RIS 16-0009.

Random No.
Sample No. Sample RIS
Selected
1 220 16-0220
2 186 16-0186
3 014 16-0014
4 219 16-0219
5 016 16-0016
… … …
78 009 16-0009

Guidelines on Audit Sampling | Page 21

 Draft as of February 17, 2021

2. Systematic Sampling

2.1 Systematic sampling involves selecting every nth item from a population of sequentially
ordered items. Systematic selection allows every sampling unit in the population equal
chance of being selected.

2.2 This technique is useful when:

2.2.1 Population items lack identification numbers.

2.2.2 There is no list of all items in the population.

2.3 On the other hand, this technique is not useful when there is a particular pattern in the
population (derived from ISSAI 2530 Appendix 4).

2.4 Systematic selection involves the use of the sampling interval, which is computed as the
number (or amount) of units in the population (adjusted population) divided by the sample
size (ISSAI 2530 Appendix 4).

2.5 The starting point is determined by use of random number tables. From the starting point,
each nth sampling unit (n is the sampling interval) thereafter is selected (ISSAI 2530
Appendix 4).

Example:

Suppose that we have a 630 population of RIS, and that we have determined a sample size of 30. To
calculate for the sampling interval:

630
𝑆𝑎𝑚𝑝𝑙𝑖𝑛𝑔 𝐼𝑛𝑡𝑒𝑟𝑣𝑎𝑙 =
30

𝑆𝑎𝑚𝑝𝑙𝑖𝑛𝑔 𝐼𝑛𝑡𝑒𝑟𝑣𝑎𝑙 = 21

Next, we have to select a random number within the sampling interval (1 to 21). Based on the
memorandum on number start, the RNS for Table 1 is 14 (Column 1, Row 7). Our first sample will be
the 14th item, the second will be the 35th item (14+21), the third will be the 56 th item (35+21), and so
on until we continue our set of 30 samples (the last item will be the 623 rd item). Take note that the
items need not be numbered as long as they are ordered.

3. Monetary Unit Sampling (MUS)

3.1 Monetary unit sampling is a systematic selection technique that uses the monetary unit
values, rather than the items, as the sampling population. This sample selection method
makes the probability of selecting a transaction for audit directly proportionate to its peso
value or also known as Probability Proportional to Size (PPS) sampling.

Guidelines on Audit Sampling | Page 22

 Draft as of February 17, 2021

3.2 This technique is useful when:

3.2.1 The auditor wanted items of high value to have greater chance of being selected.

3.2.2 The auditor wanted to focus on or expects overstatements in the population, not
understatements.

3.2.3 There is a complete list of all items in the population, together with their monetary
values.

3.3 On the other hand, this technique is not useful if:

3.3.1 There are transaction amounts or balances that are equal to zero (or rarely, negative
values) because these units have no chances of being selected as sample. The
auditor may choose to exclude such items first to be audited separately before
applying the sampling on the remaining population.

3.3.2 The auditor is more concerned on detecting understatements (in such case, random
or systematic sample selection methods are more appropriate than MUS).

3.4 In order to facilitate the sample selection, all population items are listed in a spreadsheet. A
column for cumulative amount is added which contains the value of the item plus the prior
items. An item is selected if the selected value is within the interval of its cumulative
amount.

3.5 The first target amount is the RNS determined by randomly generating a number within the
sampling interval (either by means of a software or table of random numbers). The second
target amount is computed as the RNS plus sampling interval. The succeeding target
amounts are computed by adding the sampling interval to the previous target amounts. The
process is continued until the sample size is satisfied.

3.6 In case there is an item with an amount much greater than the value of sampling interval,
that item is likely to be selected more than once (consecutive target amounts fall within its
cumulative amount), and the actual number of selected samples will be lower than the
computed sample size. The auditor, however, does not have to select additional samples to
complete the sample size. In case the misstatement is greater than the sampling interval, the
auditor uses the said value of misstatement in projection (last column of Appendix D-MUS
Projection Template) and no longer has to multiply tainting with sampling interval.

Example:

As an example, suppose that we are given the following information in a population of bills:

Adjusted Population (amount) 7,503,732.07

No. of bills 343
Sample size 50
Sampling interval 150,075.00
Random Number Start (RNS) 64,540.00

Note that the sampling interval is computed by dividing the adjusted population by the sample size.

Guidelines on Audit Sampling | Page 23

 Draft as of February 17, 2021

After having the list /schedule of bills as your population, add a column for cumulative amounts
(column 3) by accumulating the bill amounts. For the 1 st bill the corresponding cumulative amount is
simply its value; for the 2nd bill it is its value plus the value of the previous ones, and so on. The last
cumulative amount is equal to the total value of the population.

Select an item as a sample if the amount selected is equal to or less than its cumulative amount but
greater than the previous cumulative amount. In this example, the first amount selected is 64,540
which is the RNS and it falls within the cumulative amount of bill no. 01003. The second amount
selected is 214,615 (RNS + sampling interval, or 64,540 + 150,075) and it falls within the cumulative
amount of bill no. 01010. The third amount selected is 364,690 (previous amount selected + sampling
interval, or 214,615 + 150,075) and it falls within the cumulative amount of bill no. 01016. The
selection process continues until the 50th sample, in this case bill number 12341, is selected.

Bill No. Amount Cumulative Amount

Amount Selected

(1) (2) (3) (4)

01001 39,515.00 39,515.00
01002 23,039.00 62,554.00
01003 9,375.94 71,929.94 64,540 RNS and 1st sample
01004 15,883.06 87,813.00
01005 23,956.00 111,769.00
01006 12,538.54 124,307.54
01007 37,627.46 161,935.00
01008 19,918.28 181,853.28
01009 11,232.23 193,085.51
01010 38,577.00 231,662.51 214,615 2nd sample
01011 8,396.29 240,058.80
01012 4,948.20 245,007.00
01013 49,096.17 294,103.16
01014 28,593.34 322,696.50
01015 38,624.40 361,320.90
01016 47,108.10 408,429.00 364,690 3rd sample
01017 13,982.95 422,411.95
01018 9,998.00 432,409.95
01019 56,736.05 489,146.00
01020 11,342.06 500,488.06
01021 117.35 500,605.40
01022 12,473.24 513,078.65
02023 3,457.35 516,536.00 514,765 4th sample
02024 9,178.07 525,714.06
: : : : :
: : : : :
12328 35,259.53 7,094,810.95
12329 48,990.98 7,143,801.93 7,118,065 48th sample
12330 8,887.79 7,152,689.71
12331 47,774.85 7,200,464.56
12332 12,073.41 7,212,537.98
12333 30,955.68 7,243,493.65
12334 10,352.51 7,253,846.17

Guidelines on Audit Sampling | Page 24

 Draft as of February 17, 2021

12335 212.65 7,254,058.82

12336 27,554.97 7,281,613.79 7,268,140 49th sample
12337 8,629.00 7,290,242.78
12338 17,743.35 7,307,986.14
12339 75,574.23 7,383,560.36
12340 6,795.66 7,390,356.02
12341 32,074.57 7,422,430.59 7,418,215 50th sample
12342 3,600.10 7,426,030.69
12343 77,701.38 7,503,732.07
Total 7,503,732.07
===========

4. Test Audit Day Scheme

4.1 The Test Audit Day Scheme (TADS) uses days as sampling units (test days). In such scheme,
all transactions in selected test days will be audited for such purposes as whether the day’s
collection was deposited intact on the day following the date of collection, among others.

4.2 The TADS is useful in auditing daily transactions of banks or daily collections of agencies in
which the prior sample selection methods may not be appropriate.

4.3 The first and last working days of the year and the last working day of each month shall be
considered as mandatory test days to assure, among others, that the account balances carried
forward including reversing entries, if any, at the beginning of the year and the adjusting
entries at the end of the year are duly audited, as well as to establish the reliability of the
monthly trial balance/financial reports.

4.4 Transactions in the non-test days similar to or related to the transactions suspended, charged
or disallowed in the course of the audit of test days shall be audited.

4.5 The total number of test days in a year is 72 days which consist of: 13 mandatory test days
(first and last working day of January and last working day of each month) and 59 selected
test days.

4.6 The test days per month shall be selected using the Table of Random Numbers – Table 1
(Two Digits for Numbers 1-50, Appendix E1a) and the RNS issued. There shall be at least 6
test days per month, including the mandatory test days.

Guidelines on Audit Sampling | Page 25

 Draft as of February 17, 2021

VI. GLOSSARY of TERMS

1. Analytical Procedures. Analytical procedures consist of evaluations of financial information

through analysis of plausible relationships among both financial and non-financial data.
Analytical procedures also encompass such investigation as is necessary of identified fluctuations
or relationships that are inconsistent with other relevant information or that differ from expected
values by a significant amount (ISSAI 2520.4).

2. Audit Evidence. Information used by the auditor in arriving at the conclusions on which the
auditor’s opinion is based. Audit evidence includes both information contained in the accounting
records underlying the financial statements and information obtained from other sources (ISSAI
2500.5(c)).

3. Audit Risk. Audit risk is a function of the risks of material misstatement and detection risk.

a. The risks of material misstatement consist of inherent risk and control risk.

i. Inherent Risk. Inherent risk is the susceptibility of the subject matter information to
material misstatement, assuming that there are no related controls (ISSAI 200.51).

ii. Control Risk. Control risk is the risk that a material misstatement could occur and will
not be prevented, or detected and corrected, at the appropriate time by related controls
(ISSAI 200.51).

b. Detection Risk is the risk that the auditor will not detect a material misstatement (ISSAI
200.51). It relates to the nature, timing and extent of the auditor’s procedures that are
determined by the auditor to reduce audit risk to an acceptably low level (ISSAI 2200.A45).

c. Audit risk includes uncertainties due to sampling and non-sampling risk.

i. Sampling Risk. Sampling risk is the risk that the auditor’s conclusion based on a sample
may be different from the conclusion had the entire population were subjected to the same
audit procedure. Sampling risk can lead to two erroneous conclusions:

 In the case of a test of controls, that controls are less effective than they actually are
(risk of assessing control risk too high), or in the case of a test of details, that a
material misstatement exists when in fact it does not (risk of incorrect rejection). This
type of erroneous conclusion affects audit efficiency as it would usually lead to
additional work to establish that initial conclusions were incorrect.

 In the case of a test of controls, that controls are more effective than they actually are
(risk of assessing control risk too low), or in the case of a test of details, that a
material misstatement does not exist when in fact it does (risk of incorrect
acceptance). The auditor is primarily concerned with this type of erroneous

Guidelines on Audit Sampling | Page 26

 Draft as of February 17, 2021

conclusion because it affects audit effectiveness and is more likely to lead to an

inappropriate audit opinion.

 Said erroneous conclusions are also coined as alpha risk and beta risk and are
illustrated as follows:

Table 1. Alpha and beta risk

Audit Test Audit Efficiency Audit Effectiveness

Test of Controls Risk of Assessing Control Risk Risk of Assessing Control Risk
Too High (i.e., not depending Too Low (i.e., depending upon
upon effective controls) ineffective controls)
Test of Details Risk of Incorrect Rejection Risk of Incorrect Acceptance
(i.e., rejecting a materially (i.e., accepting a materially
correct balance) incorrect balance)
Statistical Term Alpha Risk ( α ) Beta Risk ( β )

 The auditor is more concerned with beta risk (risk of assessing control risk too low
and risk of incorrect acceptance).

ii. Non-Sampling Risk. Non-sampling risk is the risk that the auditor reaches an erroneous
conclusion for any reason not related to sampling risk (ISSAI 2530.5(d)). Examples of
non-sampling risk include use of inappropriate audit procedures, or misinterpretation of
audit evidence and failure to recognize a misstatement or deviation (ISSAI 2530.A1).

4. Confidence Level. In audit sampling, sampling risk is quantified in terms of confidence level.
Confidence is the level of acceptable risk that the test will not produce accurate results. For
example, in test of controls, if the auditor assumes a 5% risk of assessing control risk too low, it
means that the auditor assumes a 95% confidence level. Similarly, in test of details, if the auditor
assumes a 5% risk of incorrect acceptance, the auditor assumes a 95% confidence level. A 95%
level of confidence indicates that if a particular test was performed 100 times (by random
selection), the results would be accurate 95 times out of the 100 tests, with a risk that 5 tests will
produce inaccurate results.

5. Deviation. Deviation is the non-performance of a prescribed risk control.

6. Inquiry. Inquiry consists of seeking information of knowledgeable persons, both financial and
non-financial, within the entity or outside the entity. Inquiry is used extensively throughout the
audit in addition to other audit procedures (ISSAI 2500.A22).

7. Misstatement. A misstatement is a difference between the amount, classification, presentation,

or disclosure of a reported financial statement item and the amount, classification, presentation or
disclosure that is required for the item to be in accordance with the applicable financial reporting
framework. Misstatement can arise from error or fraud (ISSAI 2200.13(i)).

Guidelines on Audit Sampling | Page 27

 Draft as of February 17, 2021

8. Observation. Observation consists of looking at a process or procedure being performed by

others, for example, the auditor’s observation of inventory counting by the entity’s personnel, or
of the performance of control activities (ISSAI 2500.A17).

9. Performance Materiality. Performance materiality is the amount or amounts set at less than
planning materiality to reduce to an appropriately low level the probability that the aggregate of
uncorrected and undetected misstatements exceed the planning materiality (Guidelines in
Materiality).

10. Planning Materiality. Planning materiality is the materiality level set initially during the
planning stage and also used for evaluating the effect of identified misstatements on the financial
statements and determining the opinion to be expressed (Guidelines in Materiality).

11. Sampling Unit. Sampling units are the individual items constituting a population (ISSAI
2530.5(f)). The sampling units might be physical items (for example, checks listed on deposit
slips, credit entries on bank statements, sales invoices or debtors’ balances) or monetary units
(ISSAI 2530.A2).

12. Test of Controls. Test of controls is an audit procedure designed to evaluate the operating
effectiveness of controls in preventing, or detecting and correcting, material misstatements at the
assertion level (ISSAI 2330.4(b)).

13. Substantive Procedure. Substantive procedure is an audit procedure designed to detect material
misstatements at the assertion level. Substantive procedures comprise:

a. Test of details (of classes of transactions, account balances, and disclosures); and
b. Substantive analytical procedure (ISSAI 2330.4(a)).

14. Tolerable Misstatement. Tolerable misstatement is a monetary amount set by the auditor in
respect of which the auditor seeks to obtain an appropriate level of assurance that the monetary
amount set by the auditor is not exceeded by the actual misstatement in the population (ISSAI
2530.5(i)).

Guidelines on Audit Sampling | Page 28