The function of an internal auditor is to add value to an organization. The management wants to know to what extent information is reliable, procedures have been complied with, and recorded assets are present and well protected. The internal auditor can play an important role in giving assurance to the management in these matters.
In order to fulfill his task the auditor has a variety of methods and techniques like analytical review procedures, verification of documents and inventory taking. As a professional the auditor is responsible for making the choice which combination of methods and techniques is the most efficient ito give the required assurance to the management. One of the techniques available to the auditor is statistical sampling. Through an investigation of a small part of a population the auditor is able to express an opinion over the whole population with a quantified risk and precision.
Statistical sampling and audit have a long combined history. The history shows an intensive discussion. Already in 1933 there was a debate in the Netherlands to what extent statistical sampling was an appropriate audit technique. There was a tendency to audit every transaction and thus a question was raised to what extent a population, for instance, was homogeneous enough to carry out a statistical sample. In 1961 Dutch professor A. van Heerden managed to deal with the latter problem by introducing the monetary unit sampling method: all elements (being a money unit) had the same probability of being selected.
Later on when organizations became bigger and more complex, the number of transactions increased. The discussion about the cost of audit was raised. In order to reduce costs, the auditor started to rely on the system of internal controls. It was accepted that not every error needed to be detected and corrected (materiality) and that the auditor does not need to give 100% assurance. This was a perfect environment for the growth of statistical sampling in audits, especially when a large number of units had to be audited.
Nowadays statistical sampling is a little under pressure. As auditors have better access to databases that can be audited by specific software, all transactions can be easily verified based upon specific queries: e.g. double paid invoices. It could possibly lead to statistical sampling as an audit technique being neglected. This, however, would be a mistake. Not every kind of error can be caught through queries. Especially in the case of complex documents, exceptions to the rules or documents that are interrelated. Above Furthermore, databases are often a reflection of the system of internal control, e.g. through a digital signature, proving that a transaction is delivered or documents are valid. The correctness of the digital signature has to be tested by the auditor. In this area statistical sampling can deliver added value to the auditor to determine if the digital signature is correct (if the population is big enough).
In various countries in Europe the internal audit function is becoming more and more developed. We hope that statistical sampling gets the attention it deserves: it can contribute to efficient and effective auditing nowadays too. We also advise to include the clients in this field as for clients it is not always easy to understand that, based upon a small sample, it is determined that the estimated error in a population could be very big. This needs explaining. If the client understands the concept of statistical sampling and the impact on audit costs, he/she is more willing to accept the outcome.