What is statistical sampling?
At some point during review, a partner or quality reviewer asks: "How did you arrive at that sample size?" If the answer is a PIOOMA number (pulled it out of my audit approach), the conversation goes badly. Statistical sampling exists to make that conversation defensible. The sample size traces back to stated inputs, and the conclusion traces back to a quantified evaluation.
ISA 530.5 (g) defines statistical sampling by two features that must both be present: random selection (every item in the population has a known, non-zero probability of being chosen) and evaluation using probability theory to measure sampling risk and draw conclusions. If either feature is missing, the sample is non-statistical regardless of how rigorous the process appears.
ISA 530 .A10 makes clear that both statistical and non-statistical sampling are equally valid when properly applied. The standard does not prefer one over the other. The distinction is not about quality but about how the auditor quantifies uncertainty. Statistical sampling produces a numerically defensible confidence level; non-statistical sampling relies on professional judgement to reach the same conclusion.
The practical advantage is traceability. Every input (confidence level, expected misstatement (EM), tolerable misstatement (TM), population size) is documented and recalculable. ISA 530 .A11 highlights this as a benefit during quality reviews. However, statistical sampling also carries structural limitations: it assumes the population is well-defined and the selection is genuinely random. When those assumptions do not hold, the quantified confidence level is misleading.
Key Points
- Quantifies sampling risk. Statistical sampling produces a measurable confidence level, allowing the auditor to state the probability that the sample result reflects the population within a specified precision.
- No standard requires it. ISA 530 .A10 treats statistical and non-statistical sampling as equally valid. The choice depends on the auditor's judgement and the characteristics of the population.
- Forces discipline with defined inputs. The auditor must specify confidence level, EM, TM, and population size before selecting the sample, creating a documented and reviewable basis for the sample size.
- Must evaluate results statistically. Selecting randomly but evaluating judgmentally invalidates the statistical conclusion. ISA 530 classifies such a mixed approach as non-statistical sampling.
Why it matters in practice
The most common error with statistical sampling is selecting items randomly but then evaluating results using professional judgement rather than probability theory. ISA 530 .A13 warns against this explicitly. When an auditor uses random number generators to pick items but then concludes "no material misstatement" without computing projected misstatement and upper error limits, the sample is non-statistical by definition. The selection method does not rescue the conclusion.
A second practical issue is teams defaulting to statistical sampling without checking whether the population characteristics support it. Populations with many zero-value items or heavy skew can produce misleading statistical results. In these cases, stratification or a switch to non-statistical sampling may be more appropriate and produce a more reliable conclusion.
We have seen teams just roll it forward, reusing last year's sample size and confidence level without rechecking whether the population or risk assessment changed. It is one of the most frustrating review findings because the fix is trivial (re-run the inputs) but the time wasted defending a stale sample size during EQCR is not.
Key standard references
- ISA 530.5 (g) defines statistical sampling as random selection plus probability-based evaluation.
- ISA 530.7 confirms that the decision to use statistical or non-statistical sampling is a matter of professional judgement.
- ISA 530 .A10 states that both approaches can provide sufficient appropriate audit evidence when properly applied.
- ISA 530 .A11–A13 covers traceability advantages and evaluation requirements, including the warning against mixing selection and evaluation methods.
Related terms
Related tools
Related reading
Frequently asked questions
Does ISA 530 require statistical sampling?
No. ISA 530.A10 states explicitly that both statistical and non-statistical sampling can provide sufficient appropriate audit evidence when applied properly. Statistical sampling is a choice, not an obligation.
What makes a sample statistical?
Two features must both be present: random selection (every item has a calculable probability of being chosen) and evaluation using probability theory. If you select randomly but evaluate judgmentally, ISA 530 classifies that as non-statistical sampling.
What is the main advantage of statistical sampling?
Defensibility during review. A statistically designed sample has traceable inputs (confidence level, expected misstatement, tolerable misstatement, population size) that a reviewer can recalculate. The basis for the conclusion is visible and verifiable.