Before giving the green light on your financial statements, auditors have to prove the effectiveness of internal controls. However, because of time and budget constraints, trying to analyze every transaction posted to the general ledger is impractical and not remotely possible. Preferably, auditors pick out and analyze a representative sample of transactions in order to form assertions about the whole population. What follows is additional information on how sampling works — plus the pros and cons of putting it to use during internal control testing.
Picking a sample
When preparing a sample of transactions to test, auditors may apply statistical techniques. To illustrate, the auditor could select sufficient transactions to represent a specific percentage of 1) the total transactions in an account, or 2) the total assets or revenue of the company. Of course, the auditor could also pull a random transaction sample through statistical sampling software instead.
Auditors have the option of employing nonstatistical sampling techniques, as well. These are based on professional judgment or a dollar threshold but are more likely to be effective when the CPA has many years of audit experience. This guarantees that the selected sample is representative of the transaction population.
Your auditor makes certain expectations, even before analyzing a sample, regarding the number of “exceptions” (such as errors and omissions) that the sample contains. Should the actual expectations surpass the auditor’s expectation, he or she might carry out additional procedures. For example, your auditor could increase the sample and perform more testing to assess the degree of noncompliance.
In the end, your auditor may determine that your internal controls are ineffective. In that case, he or she will carry out additional tasks that will help estimate the extent of the control failure.
Pros vs. cons
Sampling curbs audit costs by streamlining the internal control testing process. It cuts down on disruptions to business operation during audit fieldwork, as well. When applied correctly, the results of sampling are theoretically as accurate as if the audit team had analyzed every transaction posted to the general ledger. Unfortunately, in practice, sampling can occasionally generate problems during internal controls testing.
For instance, sampling presumes that controls function consistently across the entire transaction population. If an exception doesn’t arise in the sample taken — because the sample was too small or otherwise unrepresentative of the whole population — your audit team may come to an incorrect determination regarding the effectiveness of your internal controls.
Another risk would be that your audit team may rely too heavily on nonstatistical sampling. Placing more trust and confidence in judgment than statistical methods may end in miscalculations, particularly with an auditor lacking in professional experience.
A collaborative process
To help magnify the benefits of sampling, you can promptly deliver the requested documents to the audit team while also following up on your auditor’s management points at the end of each year’s audit. Both business owners and auditors become discouraged when internal control weaknesses persist year after year. Our auditors have extensive experience testing internal controls. Please call us at 818-334-8623 or click here to contact us for answers to any questions you may have on testing and sampling techniques.