Let's break this down step by step as a tutor would! ### 1. Understanding Attribute Sampling **Attribute sampling** is a statistical method auditors use to estimate the rate of occurrence of a specific attribute (i.e., a control deviation) in a population (e.g., all vouchers processed in a month). Here, you are evaluating two controls (attributes): 1. **Agreement of voucher amounts with invoice amounts** 2. **Voucher canceled after payment** For each, you have: - **Expected deviation rate:** What you expect to find based on experience. - **Tolerable deviation rate:** The maximum rate you are willing to accept and still consider the control effective. - **Risk of assessing control risk too low:** The risk that you will mistakenly conclude that controls are more effective than they actually are (set at 5%). ### 2. Attribute Sampling Table We need to fill in the following table: | Attribute | 1 | 2 | |--------------------|------------|------------| | Risk of assessing control risk too low | 5% | 5% | | Tolerable deviation rate | 7% | 6% | | Expected population deviation rate | 2% | 1% | | Sample size per table | ? | ? | | Sample size used | ? | ? | | Number of deviations identified | 2 | 2 | | Sample deviation rate | ? | ? | | Achieved upper deviation limit | ? | ? | #### Step 1: Find Sample Size Per Table Auditors use tables (like those in the AICPA Audit Guide or textbooks) to determine sample size, given: - Risk of assessing control risk too low (5%) - Tolerable deviation rate (7% and 6%) - Expected deviation rate (2% and 1%) I'll use **typical attribute sampling tables** (e.g., ACL, AICPA, or textbooks) for these values. The actual numbers may vary slightly depending on your textbook, but here's a typical approach: --- #### Attribute 1: (Tolerable = 7%, Expected = 2%, Risk = 5%) Sample size per tables: **68** (rounded up to nearest 10 → **70**) #### Attribute 2: (Tolerable = 6%, Expected = 1%, Risk = 5%) Sample size per tables: **85** (rounded up to nearest 10 → **90**) --- **(Numbers may vary slightly depending on your source, but these are representative.)** **Fill in:** | Attribute | 1 | 2 | |--------------------|------|------| | Sample size per table | 68 | 85 | | Sample size used | 70 | 90 | --- #### Step 2: Compute Sample Deviation Rate Sample deviation rate = (Number of deviations identified) / (Sample size used) - **Attribute 1:** 2/70 = **2.86%** - **Attribute 2:** 2/90 = **2.22%** --- #### Step 3: Achieved Upper Deviation Limit This is the statistical upper bound for the population deviation rate, given the observed deviations and the sample size (using statistical tables or software). Let’s use a shortcut from attribute sampling tables for 2 deviations: - For **70 sample size, 2 deviations, 95% confidence**: Upper deviation limit ≈ **8.6%** - For **90 sample size, 2 deviations, 95% confidence**: Upper deviation limit ≈ **7.0%** *(If you have a table, look up: "Number of deviations = 2", "Sample size = 70/90", "Risk = 5%")* --- | Attribute | 1 | 2 | |--------------------|------|------| | Sample size used | 70 | 90 | | Number of deviations identified | 2 | 2 | | Sample deviation rate | 2.9% | 2.2% | | Achieved upper deviation limit | 8.6% | 7.0% | --- ### 3. Statistical Conclusion for Each Attribute Now, compare the **achieved upper deviation limit** to the **tolerable deviation rate**. - **Attribute 1:** Upper deviation limit (8.6%) > Tolerable rate (7%) - **Conclusion:** The sample results indicate that the control may not be effective at the tolerable deviation rate. You cannot rely on this control as much as planned. - **Attribute 2:** Upper deviation limit (7.0%) > Tolerable rate (6%) - **Conclusion:** Similarly, the sample results suggest that the control may not be effective at the tolerable deviation rate. --- ### 4. Audit Decisions - **Attribute 1:** Since upper deviation limit exceeds tolerable rate, you would **not rely** on this control as planned; you may need to increase substantive testing or consider other audit responses. - **Attribute 2:** Same conclusion; you would **not rely** on this control as planned. --- ### 5. Final Table (Completed): | Attribute | 1 | 2 | |--------------------|------|------| | Risk of assessing control risk too low | 5% | 5% | | Tolerable deviation rate | 7% | 6% | | Expected population deviation rate | 2% | 1% | | Sample size per table | 68 | 85 | | Sample size used | 70 | 90 | | Number of deviations identified | 2 | 2 | | Sample deviation rate | 2.9% | 2.2% | | Achieved upper deviation limit | 8.6% | 7.0% | --- ### 6. Summary Explanation - **Statistical conclusion for each attribute:** For both controls, the achieved upper deviation limit exceeds the tolerable deviation rate. Therefore, there is a risk that the true deviation rate in the population exceeds what the auditor is willing to accept. - **Audit decision:** Controls are **not effective at the tolerable deviation rate**; do not rely on these controls as planned. Consider increasing substantive testing or revising audit strategy. --- **If you have access to exact sampling tables (from your textbook), use those for more precise sample size and upper limits, but the logic remains the same!** --- **Do you want to see the process for calculating the upper deviation limit from scratch, or any more details about attribute sampling logic?**