ISO 28596:2022

INTERNATIONAL ISO
STANDARD 28596
First edition
2022-09
Sampling procedures for inspection
by attributes — Two-stage sampling
plans for auditing and for inspection
under prior information
Règles d'échantillonnage pour l'inspection par attributs — Plans
d'échantillonnage à deux niveaux pour l'audit et l'inspection des lots
en exploitant l'information a priori
Reference number
ISO 28596:2022(E)
© ISO 2022

---------------------- Page: 1 ----------------------
ISO 28596:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 28596:2022(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms, definitions, symbols and abbreviated terms . 1
3.1 Terms and definitions . 1
3.2 Symbols and abbreviated terms . 5
4 Selecting and operating a two-stage sampling plan under prior information .5
4.1 General . 5
4.2 Selecting a sampling plan. 5
4.3 Sampling and decision procedure . 6
4.4 Estimation of the actual proportion nonconforming . 7
5 Application paradigms: lot inspection and financial auditing . 7
5.1 Lot inspection . 7
5.1.1 Sampling . 7
5.1.2 Acceptance of loss . 7
5.1.3 Disposition of non-accepted lots . 7
5.1.4 Lots with one or more nonconforming units . 7
5.1.5 Resubmitted lots . 8
5.2 Financial auditing . 8
5.2.1 Purposes in the risk-oriented auditing process . 8
5.2.2 Target population, proportion nonconforming and tolerance proportion p . 8
0
5.2.3 Acceptance and rejection in the case of a test of compliance of the ICS . 8
5.2.4 Acceptance and rejection in the case of a test of details. 8
6 Examples . 8
6.1 Example 1: Lot inspection . 8
6.2 Example 2: Auditing of an internal control system (purchase process) . 9
6.3 Example 3: Auditing of an integral control system (sales process) . 9
6.4 Example 4: Auditing test of details (accounts receivable) . 10
6.5 Example 5: Auditing test of details (raw materials) . 10
7 Sampling plans .10
Annex A (informative) Confidence intervals.16
Annex B (informative) Operating characteristics (OC) .18
Annex C (informative) OC matching .19
Annex D (informative) Conditional type I and II errors (conditional risks) .20
Annex E (informative) Integrated second stage probability .22
Annex F (informative) Integrated average sample number .23
Annex G (informative) Actual coverage probability .24
Annex H (informative) Prior information model .28
Annex I (informative) Operating indicators of sampling plans .30
Annex J (informative) Sampling plan search algorithm .36
Annex K (informative) Accompanying software — Guidance for use .38
Bibliography .41
iii
© ISO 2022 – All rights reserved

---------------------- Page: 3 ----------------------
ISO 28596:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 69, Application of statistical methods,
Subcommittee SC 5, Acceptance sampling.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
  © ISO 2022 – All rights reserved

---------------------- Page: 4 ----------------------
ISO 28596:2022(E)
Introduction
This document addresses several application domains: financial auditing, lot inspection, quality
auditing, functional testing, conformance inspection and acceptance testing. In all these domains, users
are concerned with the decision problem of accepting or rejecting an inspection target.
The two-stage sampling scheme suggested by this document addresses three areas of inspection
practice:
a) adjust sample sizes to prior information on the status of the inspection target;
b) enable a rapid decision by samples of small size if the population submitted for inspection is
actually in very good or very bad condition, and enforce higher sample sizes only if the population
submitted for inspection is actually in a medium condition;
c) protect against both errors of
1) erroneously rejecting a tolerable inspection target, and
2) erroneously accepting an intolerable inspection target.
To satisfy a), the sampling plans in this document are indexed in the parameter Trust with levels low,
mid, high, where increasing Trust level reduces sample size. To satisfy b), this document imposes two-
stage sampling plans with small sample sizes in the first stage and higher sample sizes in the second
stage, where ordinarily a decision is reached already in the first stage if the population submitted for
inspection is somewhere in-between.
The sampling scheme in this document is particularly suitable for financial auditing, both for auditing
the internal control system (ICS) and for usage in tests of details as a tool of substantive procedures in
financial auditing. ICS auditing and test of details are usually based on sampling instead of screening
procedures. The relevant standard ISA 530 requires that sampling enable conclusions on the full
population. Conclusively, statistical sampling schemes are indispensable.
Previous inspection results will be an important basis for the choice of the trust level for later
inspections. Thus, the continued use of the sampling scheme in this standard will serve as an incentive
for the providers of the respective targets, e.g. the responsible authorities for the ICS in a company, to
improve upon the quality of the target populations.
The decision procedure of the sample is kept simple for immediate implementation. In particular, the
user is not requested to evaluate mathematical formulae.
The target population is considered as acceptable (tolerable) if the proportion nonconforming
does not exceed a specified tolerance p , otherwise it is considered as unacceptable (intolerable).
0
Correspondingly, the objective of sampling inspection is to enable a decision between the alternatives of
“acceptance” and “rejection”. In different application domains, acceptance and rejection have different
practical interpretations, see the explanations in Clause 5.
The sampling inspection procedure starts with a first sample of size n with the following rule: accept if
1
and only if no nonconforming units are found among the n sampled units; reject if and only if at least
1
Re (stage 1 rejection number) nonconforming units are found among the n sampled units; proceed to
1 1
the second stage if and only if at least one and at most Re -1 nonconforming units are found among the
1
n sampled units. In the second stage, sample n units, and decide “accept” if and only if the number of
1 2
nonconforming units in the combined first and second sample is smaller or equal to the stage 2
acceptance numberAc , otherwise reject. The two-stage decision procedure can be expressed
2
equivalently by comparing the limits of a two-sided confidence interval of nominal level (γ ) for the
proportion nonconforming with the tolerance p .
0
v
© ISO 2022 – All rights reserved

---------------------- Page: 5 ----------------------
ISO 28596:2022(E)
The sampling plans are indexed by three quantities:
i) the tolerance p ;
0
ii) the nominal confidence level (γ ), which is respectively either 0,7, 0,8, 0,9, 0,95 or 0,99;
iii) three levels, low, mid, high, of a scale called Trust.
The Trust levels express the user’s degree of confidence into the status of the target population.
The objective of this document is to provide procedures that enable a decision quickly and economically
if the proportion nonconforming is particularly low or high. In the latter case, the inspection procedure
will in most all cases terminate in stage 1 with small sample sizes n . Only under intermediate values of
1
the proportion nonconforming in the target population, the likelihood of proceeding to a second sample
is high. The two sample sizes in stage 1 and stage 2 are chosen so as to minimize the expected sample
size under the specified confidence level and Trust level.
vi
  © ISO 2022 – All rights reserved

---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 28596:2022(E)
Sampling procedures for inspection by attributes — Two-
stage sampling plans for auditing and for inspection under
prior information
1 Scope
This document specifies two-stage (double) sampling plans by attributes for inspection for a proportion
of nonconforming items in a target population of discrete units, in particular:
a) the proportion of nonconforming items in a lot of product items;
b) the proportion of nonconforming function instances of an internal control system (ICS);
c) the proportion of misstatements in a population of accounting entries or booking records;
d) the proportion of nonconforming test characteristics of an entity subject to an acceptance test, e.g.
in product and process audits.
The plans are preferable to single sampling plans where the cost of inspection is high or where the
delay and uncertainty caused by the possible requirement for second samples is inconsequential. The
statistical theory underlying the plans, tables and figures are provided in Annexes A through K.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 2859-2, Sampling procedures for inspection by attributes — Part 2: Sampling plans indexed by limiting
quality (LQ) for isolated lot inspection
ISO 3534-1, Statistics — Vocabulary and symbols — Part 1: General statistical terms and terms used in
probability
ISO 3534-2, Statistics — Vocabulary and symbols — Part 2: Applied statistics
3 Terms, definitions, symbols and abbreviated terms
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 2859-2, ISO 3534-1 and
ISO 3534-2 and the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
1
© ISO 2022 – All rights reserved

---------------------- Page: 7 ----------------------
ISO 28596:2022(E)
3.1.1
acceptance number
Ac
largest number of nonconformities or nonconforming items found in the sample by acceptance sampling
(3.1.2) by attributes that permits the acceptance of the lot, as given in the acceptance sampling plan
(3.1.3)
[SOURCE: ISO 3534-2:2006, 4.4.2]
3.1.2
acceptance sampling
sampling after which decisions are made to accept or not to accept a lot, or other grouping of products,
materials or services, based on sample results
[SOURCE: ISO 3534-2:2006, 1.3.17]
3.1.3
acceptance sampling plan
plan which states the sample size(s) to be used and the associated criteria for lot acceptance
[SOURCE: ISO 3534-2:2006, 4.3.3]
3.1.4
Conditional risks

3.1.4.1
conditional risk type I
conditional type I
conditional probability that Hp: ≤p be accepted by the test, given that pp>
00 0
Note 1 to entry: The conditional type I error is also addressed as the conditional type I risk.
Note 2 to entry: In an auditing context, the conditional type I risk evaluates the extent in which the purpose of
auditing is failed. Hence, the type I risk can also be considered as a conditional measure of audit effectiveness.
Note 3 to entry: For a detailed mathematical explanation of this conditional risk, see Annex D.
3.1.4.2
conditional risk type II
conditional type II
conditional probability that Hp: ≤p be not accepted by the test, given that pp≤
00 0
Note 1 to entry: The conditional type II error is also addressed as the conditional type II risk.
Note 2 to entry: In an auditing context, good lots are rejected in this case. So, the conditional type II risk is a
measure for economic loss. Hence, the type II risk can also be considered as a conditional measure of auditing
efficiency.
Note 3 to entry: For a detailed mathematical explanation of this conditional risk, see Annex D.
3.1.5
confidence interval
interval calculated from the sample, which specifies a range of plausible values of the unknown
parameter p
Note 1 to entry: The reliability of the confidence interval as an interval estimate for p is measured by the actual
coverage probability, i.e. the probability that the interval contain the true value of p. For a confidence interval of
nominal level γ, the actual coverage probability has the lower bound γ pointwise in p. The length of the confidence
interval corresponds to the precision of the statistical inference on p. Thus, interest is in shortest confidence
intervals.
Note 2 to entry: See Annex A
2
  © ISO 2022 – All rights reserved

---------------------- Page: 8 ----------------------
ISO 28596:2022(E)
3.1.6
coverage probability
probability that a random confidence region contain the true value of p
Note 1 to entry: For a detailed mathematical explanation of the coverage probability, see Annex G.
3.1.7
financial statement
formal record that reports about an entity’s financial activities and position, related to one point in
time or to changes within a period in time
3.1.8
inspection by attributes
inspection by noting the presence, or absence, of one or more particular characteristic(s) in each of
the items in the group under consideration, and counting how many items do, or do not, possess the
characteristic(s), or how many such events occur in the item, group or opportunity space
[SOURCE: ISO 3534-2:2006, 4.1.3]
3.1.9
integrated average sample number
I.ASN
number measuring the average sample size resulting from a sampling plan under a given proportion
nonconforming p, weighted according to prior information on p
Note 1 to entry: For a detailed mathematical explanation of I.ASN, see Annex F.
Note 2 to entry: If costs for sampling single units are given, the I.ASN can be used to estimate average sampling
costs of the two-stage plan ()nn; .
12
3.1.10
integrated second stage probability
Ip.
2nd
probability of requiring the second step
Note 1 to entry: For a detailed mathematical explanation of Ip. , see Annex E.
2nd
3.1.11
lot
definite part of a population constituted under essentially the same conditions as the population with
respect to the sampling purpose
[SOURCE: ISO 3534-2:2006, 1.2.4]
3.1.12
misstatement
difference between the required amount, classification, presentation or disclosure of a financial
statement and the actual observed one
3.1.13
nonconforming item
nonconforming unit
item or unit with one or more nonconformities
[SOURCE: ISO 3534-2:2006, 1.2.12, modified — "unit" has been added to "item".]
3.1.14
nonconformity
non-fulfilment of a requirement
[SOURCE: ISO 3534-2:2006, 3.1.11]
3
© ISO 2022 – All rights reserved

---------------------- Page: 9 ----------------------
ISO 28596:2022(E)
3.1.15
operating characteristic
OC
probability of reaching the decision “acceptance” by a sampling plan, considered as a function of the
true value of the proportion nonconforming p
Note 1 to entry: See Annex B.
3.1.16
OC matched
sampling plans that have the same operating characteristic
Note 1 to entry: See Annex C.
3.1.17
prior information
knowledge about a parameter before the actual sampling evidence is taken into account
Note 1 to entry: Sources of prior knowledge are, for instance, historic audits and the assessment of the company
environment.
3.1.18
population
totality of items under consideration
[SOURCE: ISO 3534-2:2006, 1.2.1]
3.1.19
rejection number
Re
smallest number of nonconformities or nonconforming items found in the sample by acceptance
sampling by attributes that requires the lot to be not accepted, as given in the acceptance sampling plan
[SOURCE: ISO 3534-2:2006, 4.4.1]
3.1.20
sample
subset of a population made up of one or more sampling units
[SOURCE: ISO 3534-2:2006, 1.2.17, modified — Note 1 to entry deleted.]
3.1.21
substantive procedure
audit procedure with the objective of detecting misstatements at the assertion level
Note 1 to entry: There are two types of substantive procedures:
a) tests of details (of classes of transactions, account balances, and disclosures); and
b) substantive analytical procedures.
3.1.22
test of controls
audit procedure with the objective of assessing the operating effectiveness of controls in preventing, or
detecting and correcting, material misstatements at the assertion level
3.1.23
tolerance proportion
largest value p of the proportion nonconforming such that the target population is considered as
0
acceptable
4
  © ISO 2022 – All rights reserved

---------------------- Page: 10 ----------------------
ISO 28596:2022(E)
3.2 Symbols and abbreviated terms
sample sizes in stage i
n
i
one stage sample size with same OC as two stage sampling plan
n
match
number of misstated items (nonconforming items) found in n
x
i
i
D confidence interval for the proportion of misstatements (nonconforming items)
p proportion of misstatements (nonconforming units)
lower limit of D
p
L
upper limit of D
p
U
p tolerance proportion
0
I.cp integrated actual coverage
γ
nominal confidence level
a, b shape parameters of the beta distribution
Ac acceptance number in stage i
i
rejection number in stage i
Re
i
c.type I conditional probability of erroneous acceptance
c.type II conditional probability of erroneous rejection
Ip. integrated probability of entering the second stage
2nd
I.ASN integrated average sample number
N lot size
OC operating characteristic function
P probability of acceptance (OC function at a specified value p)
a
4 Selecting and operating a two-stage sampling plan under prior information
4.1 General
Table 1 to Table 5 in Clause 7 provide two-stage sampling plans nn,;Ac Re ,, Ac ;Re indexed
()() ()
11 12 22
in the parameters p (tolerance proportion), γ (confidence level), and in the level of prior information
0
(trust).
The aim of the application of a two-stage sampling plan is two-fold:
a) enable a decision on whether or not the actual proportion nonconforming p exceeds the tolerance
proportion p . In statistical terminology, the decision problem can be considered as a test of the
0
hypothesis Hp: ≤p versus the alternative Kp: >p ;
0 0
b) provide a confidence interval for the actual proportion nonconforming p .
The design of the sampling plans assures that the probabilities of both decision errors 1) erroneous
rejection of H, and 2) erroneous acceptance of H are bounded.
4.2 Selecting a sampling plan
Sampling plans can be obtained from Table 1 to Table 5 in Clause 7. The cell entries Table 1 to Table 5
display:
a) upper left: n sample size in stage 1;
1
5
© ISO 2022 – All rights reserved

---------------------- Page: 11 ----------------------
ISO 28596:2022(E)
b) upper right: ()Ac ;Re acceptance and rejection number in stage 1;
11
c) lower left: n sample size in stage 2;
2
d) lower right: Ac ;Re acceptance and rejection number in stage 2.
()
22
The sampling plans are indexed in p (tolerance proportion),γ (nominal confidence level), and in the
0
Trust level.
The nominal confidence level γ determines the reliability of the conclusive decision as taken according
to the algorithm in 5.3 in the sense that the coverage probability Pp()∈D exceeds γ for a wide range
of actual values p, except a small interval around p , see the coverage probability graphs in Figures G.1
0
to G.5. Correspondingly, the probabilities of both decision errors 1) erroneous rejection of Hp: ≤p ,
0
and 2) erroneous acceptance of Hp: ≤p are bounded by 1-γ for a wide range of actual values p.
0
The level of prior information shall be specified on an ordinal scale named Trust, by choosing among the
values {low, mid, high}. The Trust level low shall be used if no prior experience or bad prior experience
with populations submitted for inspection exists. The Trust level high shall be used if there is strong
evidence of good performance. The Trust level mid shall be used if there is weak evidence of good
performance or strong evidence of in-between performance.
See Annex H for further technical background on the prior information model and the Trust scale.
4.3 Sampling and decision procedure
The decision by a two-stage sampling plan ()nn,;()Ac Re ,,()Ac ;Re shall proceed according to
11 12 22
the following algorithm with Ac = 0:
1
Stage 1:
Draw a random sample of size n , determine the number x of nonconforming units among the n
1 1 1
sampled units. Decide according to the subsequent cases a), b), and c):
a) x ≤Ac : Acceptance of the hypothesis Hp: ≤p , i.e. p is considered not to exceed the tolerance p ;
11 0 0
b) x ≥Re : Rejection of the hypothesis Hp: ≤p , i.e. p is considered to exceed the tolerance p ;
12 0 0
c) Ac < 11 1
Stage 2:
If, in stage 1, the case c) occurs and enforces entering stage 2, proceed as follows:
Draw a second random sample of size n , determine the number x of nonconforming units among the
2 2
n sampled units. Decide according to the subsequent cases a) and b):
2
a) xx+≤Ac : Acceptance of the hypothesis Hp: ≤p , i.e. p is considered not to exceed the tolerance
12 2 0
p ;
0
b) xx+≥Re : Rejection of the hypothesis Hp: ≤p , i.e. p is considered to exceed the tolerance p
12 2 0 0.
6
  © ISO 2022 – All rights reserved

---------------------- Page: 12 ----------------------
ISO 28596:2022(E)
4.4 Estimation of the actual proportion nonconforming
The sample proportion nonconforming is
x

1
,,if thedecisionprocedure terminates in stage1

n

11
pˆ =

xx+
12

,.if thedecisionprocedure terminates in stage2
nn+


12
p̂ is an unbiased estimator of the actual proportion nonconforming p in the population. The sampling
uncertainty inherent in the estimator p is expressed by a confidence interval. A two-sided confidence
interval D = []pp; of a nominal level γ satisfies the inequality Pp()≤≤pp ≥γ , i.e. with a
LU LU
probability of at least γ , the actual proportion p lies between p and p . A two-sided confi
...