Attribute sampling is a statistical sampling technique often used to test internal controls; it evaluates the individual attributes of a record to be either true or false. Examples include:

- Having two required signatures for check authorizations over certain amounts.

- Whether account receivables are overdue.

- If travel expense claims are valid or not.

Attribute sampling should be used when:

- There is a need for a statistical sampling solution and judgmental sampling will not suffice.

- The objective of the review is to test compliance to internal controls.

- The compliance testing should evaluate to a true or false result.

- A random selection process will meet the objectives of your review.

Performing attribute sampling involves the following steps.

Planning

- Determine the objectives of the exercise.

- Define the population.

- Define what a misstatement means.

- Determine sample size, using the following:

- Confidence level. A percentage-value comfort level that the sample will be representative and that you have the capabilities to interpret the results correctly.

- Tolerable error. The point of no return past which you would no longer have faith in the process audited, nor the validity of the sample.

- Expected error. The amount of errors or misstatements that are reasonably expected in a population.

Performing Attribute Sampling Procedures

- Select the sample.

- Perform the audit procedures.

- Record and analyze any errors observed.

Evaluation

- Create a projected misstatement by summarizing errors and extrapolating these across the population.

i Compare ranges of the projected misstatements against the tolerable error limit.

- Draw fi nal conclusions.

Similar to MUS sampling, attribute sampling requires a user to set certain boundaries and tolerances for the calculations to be performed.

- Tolerable deviation rate as a percentage. Also known as tolerable error rate, this is the absolute maximum percentage of transactions in error (i.e., not in compliance) that is acceptable as a cost of doing business. If you have more errors than the tolerable error rate, this internal control is not working and must be redesigned. The higher the tolerable error, the more errors you can tolerate, and the lower the sample size needs to be.

- Expected deviation rate as a percentage. Also known as expected error rate, this is the percentage of errors (i.e., noncompliance) you would reasonably expect to see, based on experience. As a rule, the lower the expected error, the lower the sample size.

- Confidence level as a percentage. This is the likelihood that the sample records chosen are indeed representative of the population at large, and that you will correctly interpret the results. The more confident you need to be, the more samples you require.

In the example in Figure 4.14, management decided that the maximum percentage tolerable deviation rate is 10 percent. Anything above 10 percent would suggest that the control is not working and may need to be redesigned. Based on previous history, management expects a deviation rate of 3 percent. Management is happy to accept a confidence level of 90 percent that the sample is representative of the population or data set.

The population size or number of records is 89,979.

The population size, percentage tolerable deviation rate, percentage expected deviation rate, and the confidence level must be entered into the Planning tab of the Attribute Sampling box.

FIGURE 4.14 Planning for Attribute Sampling

Once the Compute button is clicked, based on the information entered, IDEA informs you that you would need a sample size of 52 and that there must not be more than two deviations or errors in the sample to achieve a 90 percent confidence level that deviation level of the population is not more than 10 percent. Refer to Figure 4.15.

FIGURE 4.15 Conclusion to Achieve the Attribute Sampling Objective

The random record sampling feature in Figure 4.16 can be used to randomly select the 52 required records. A detailed audit of the 52 selected records determines whether the control was met. The number of deviations is noted.

FIGURE 4.16 Obtaining the Samples for Attribute Sampling

In the Sample Evaluation tab of the Attribute Sampling box, entries for the population size, sample size, and percentage of desired confidence level are made again. The number of deviations (five) discovered during the audit of the 52 samples must also be included, as noted in Figure 4.17.

Since five deviations are more than the critical number of deviations (two) in the sample calculated in the planning stage, the conclusion is that there is 90 percent certainty that the number of deviations could be significantly higher in the overall population than the 10 percent tolerable percentage. It is 90 percent certain that there could be as many as 17.11 percent of errors if the entire population was audited. As such, this sample cannot be considered as representative and it is likely the control must be redesigned.

FIGURE 4.17 Conclusion from the Audit Results of Attribute Sampling

Found a mistake? Please highlight the word and press Shift + Enter