
Introduction
SA 330 requires the auditor to respond appropriately to the risks of material misstatement identified during the audit. After assessing risks, the auditor must design and perform audit procedures that directly address those risks and obtain sufficient appropriate audit evidence.
Objective of SA 330
The auditor aims to obtain sufficient and appropriate audit evidence regarding the assessed risks of material misstatement by:
- Designing suitable audit responses; and
- Implementing those responses effectively.
Overall Responses at Financial Statement Level
First, the auditor designs and implements overall responses to address risks at the financial statement level.
For example, the auditor may:
- Assign more experienced staff,
- Increase professional skepticism,
- Provide stronger supervision,
- Modify the nature, timing, and extent of audit procedures.
Thus, when risk increases, the auditor strengthens the overall audit approach.
Further Audit Procedures at Assertion Level
Next, the auditor designs further audit procedures for specific assertions relating to:
- Classes of transactions,
- Account balances, and
- Disclosures.
The auditor determines the nature, timing, and extent of procedures based on the assessed risk.
1. Consider Reasons for Risk Assessment
The auditor evaluates:
- The reasons for the assessed risk of material misstatement at the assertion level; and
- Whether relevant controls effectively address that risk.
Accordingly, the auditor tailors audit procedures to respond directly to identified risks.
2. Obtain More Persuasive Evidence for Higher Risk
When the auditor assesses higher risk, the auditor obtains more persuasive audit evidence.
For example, the auditor may:
- Perform substantive procedures at year-end instead of interim,
- Increase the sample size,
- Obtain external confirmations.
Therefore, higher assessed risk requires stronger and more reliable evidence.
Testing of Controls During Interim Period
If the auditor obtains audit evidence about the operating effectiveness of controls during an interim period, the auditor shall:
- Obtain audit evidence about significant changes to those controls after the interim period; and
- Determine the additional audit evidence required for the remaining period.
Thus, the auditor ensures that controls operated effectively throughout the entire financial year.
Evaluation of Audit Evidence
Before concluding the audit, the auditor evaluates whether:
- The risk assessments at the assertion level remain appropriate; and
- The audit procedures performed adequately address those risks.
While forming an opinion, the auditor considers all relevant audit evidence, whether it supports or contradicts management’s assertions in the financial statements.
Insufficient Audit Evidence
If the auditor does not obtain sufficient appropriate audit evidence regarding a material financial statement assertion, the auditor shall:
- Attempt to obtain further audit evidence.
However, if the auditor remains unable to obtain sufficient appropriate audit evidence, the auditor shall:
- Express a qualified opinion, or
- Express a disclaimer of opinion, as appropriate.
Using Audit Evidence from Previous Audits
If the auditor plans to rely on audit evidence about the operating effectiveness of controls obtained in previous audits, the auditor shall:
- Evaluate whether those controls have changed;
- Obtain evidence about their continued effectiveness; and
- Document the conclusion regarding reliance on such controls.
Conclusion
SA 330 ensures that the auditor actively responds to assessed risks instead of merely identifying them. By designing and performing appropriate audit procedures at both financial statement level and assertion level, the auditor obtains sufficient appropriate audit evidence and forms a well-supported audit opinion.
