Attribute-sampling sizes from published binomial and Poisson formulas, derived at runtime, not from a table.
See it run - a worked example, 100% in this browser tab
The problem
Internal-audit and SOX teams sizing control tests must defend the sample size and the allowable-deviation count against PCAOB inspection. Pasting reliability factors from a table invites transcription error and offers no checkable derivation.
The local-first solution
This plugin returns the required sample size and allowable deviations by exact closed-form attribute sampling, deriving the Poisson reliability factors at runtime by inverting the Poisson CDF so they reproduce the published AICPA tables and stay checkable, all in your browser.
What it does
Binomial exact sample size n = ceil(ln(risk)/ln(1 - tolerable)) for a zero expected deviation rate
Poisson reliability-factor sizing for nonzero expected deviation rates, with the factor derived by bisection on the exact Poisson CDF
Allowable-deviation count returned alongside the sample size
Reliability factors that reproduce the published AICPA Audit Sampling Guide values to the displayed precision
Optional cited finite-population correction shown beside the uncorrected size so nothing is hidden
Control-frequency rule-of-thumb minimum-sample reference table surfaced for context
Honest scope
Not auditing, accounting, or legal advice: the acceptable risk of overreliance and the tolerable rate are professional judgments under PCAOB AS 2315 / AICPA AU-C 530 that the engagement team sets. The binomial and Poisson formulas, the derived reliability factor, and the finite-population correction are exact; the control-frequency rule-of-thumb counts are practice conventions you confirm against your firm's methodology, and variables/MUS sampling, stop-or-go and discovery sampling, and the evaluation of deviations actually found are not modeled.
Authorities cited
PCAOB AS 2315 (Audit Sampling) - audit sampling for tests of controls: tolerable rate, acceptable risk of overreliance (assessing control risk too low), expected population deviation rate, and sample-size determination.
AICPA AU-C 530 (Audit Sampling) - factors influencing sample size for tests of controls; the relationship of tolerable rate, expected deviation rate, and the acceptable risk to the required sample size.
AICPA Audit Guide, Audit Sampling (Appendix - Attribute Sampling tables and Poisson reliability factors) - the published reliability factors R(c, risk) (e.g. 3.00, 4.75, 6.30, 7.76, 9.16 at 5% risk of overreliance) reproduced here by inverting the Poisson CDF.
Binomial zero-deviation sample size: with an expected deviation rate of 0, acceptance requires a clean sample; P(clean | true rate = tolerable t) = (1-t)^n <= risk gives n = ln(risk)/ln(1-t). e.g. ln(0.05)/ln(0.95) = 58.40 -> 59.
Poisson reliability-factor sample size: n = R(c, risk)/tolerable, where R(c, risk) is the largest mean lambda with P(X<=c)=risk, X~Poisson(lambda). Allowable deviations c chosen so expected_rate * n <= c.
Finite-population correction: n_corrected = n / (1 + n/N), reducing the sample for small populations relative to the "infinite-population" attribute tables (standard sampling-theory adjustment).
Control-frequency rule-of-thumb minimum samples (annual=1, quarterly=2, monthly=2-5, weekly=5-15, daily=20-40, multiple/day=25-60) - common internal-audit / SOX practice conventions (illustrative; confirm against firm methodology and PCAOB inspection expectations).
Size a control test
Compute the sample size in your browser and route the result into a Sandbox workspace, a Worklog case file, or a Gate client portal. Nothing is uploaded to anyone's cloud.