ABSTRACT
We have been using the concept of risk simply as the converse of confidence. Assuming, however, that the auditor chooses to arrive at a judgment about risk and confidence levels, this can be taken as given for the purpose of audit sampling. In one sense this is a matter of practicality: the number of possible risk models, not to mention the range of professional judgments, in any one complex organization is simply vast and certainly beyond the scope of a short book such as this. But it is also worth pointing out ways that the use of risk models in general, and the approach promulgated by SAS 300 in particular, can help reduce sample size by facilitating some of the confidence and risk to be taken from sources of audit evidence, other than the results of one particular sample.
