• First Reference
  • About us
  • Contact us
  • Blog Signup 📨

First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies
You are here: Home / Business / What do audit committees think about risk and audit?

By Norman D. Marks, CPA, CRMA | 2 Minutes Read August 9, 2017

What do audit committees think about risk and audit?

A recent KPMG report shows that they appear to be asking the right questions to find out what audit committees think about risk and audit.

audit committeesI am encouraged by the latest KPMG report, their 2017 Global Audit Committee Pulse Survey.
I am encouraged because KPMG appears to be asking the right questions and getting intelligent answers.
Here are some interesting excerpts, with emphasis added:

  • …nearly 4 in 10 said the [audit] committee’s effectiveness would be most improved by having a “better understanding of the business and key risks”
  • The effectiveness of risk management programs generally, as well as legal/regulatory compliance, cyber security risk, and the company’s controls around risks, topped the list of issues that survey participants view as posing the greatest challenges to their companies. It’s hardly surprising that risk is top of mind for audit committees—and very likely, the full board—given the volatility, uncertainty, and rapid pace of change in the business and risk environment. More than 40 percent of audit committee members think their risk management program and processes “require substantial work,” and a similar percentage say that it is increasingly difficult to oversee those major risks.
  • Internal audit can maximize its value to the organization by focusing on key areas of risk and the adequacy of the company’s risk management processes generally. The survey results show that audit committees are looking to internal audit to focus on the critical risks to the business, including key operational risks (e.g., cyber security and technology risks) and related controls—and not just compliance and financial reporting risks. They also want the audit plan to be flexible and adjust to changing business and risk conditions.
  • Tone at the top, culture, and short-termism are major challenges—and may need more attention. A significant number of audit committee members—roughly one in four—ranked tone at the top and culture as a top challenge, and nearly one in five cited short-term pressures and aligning the company’s short- and long-term priorities as a top challenge. Meanwhile, nearly the same percentage of audit committee members said they are not satisfied that their committee agenda is properly focused on those issues.

Whether you are on a board, an executive, a risk or internal audit practitioner, each of these areas merits attention.
Does this survey reflect the situation at your organization? If so, what is being done about it?
I welcome your views.

  • About
  • Latest Posts
Norman D. Marks, CPA, CRMA
Norman has led large and small internal audit departments, been the Chief Risk Officer and Chief Compliance Officer, and managed IT security and governance functions.

He retired in early 2013. However,he still blogs, writes, trains, and speaks – and mentors individuals and organizations when he can.
Latest posts by Norman D. Marks, CPA, CRMA (see all)
  • Twitter and risk - January 18, 2023
  • When the board insists on a list of the top risks - December 9, 2022
  • The greatest risk and the greatest asset - November 25, 2022

Article by Norman D. Marks, CPA, CRMA / Business, Finance and Accounting, Information Technology, Privacy / audit committees, Corporate culture, cyber security, internal audits, legal compliance, risk, risk management, technology risks

Share with a friend or colleague

Get the Latest Posts in your Inbox for Free!

Electronic monitoring

About Norman D. Marks, CPA, CRMA

Norman has led large and small internal audit departments, been the Chief Risk Officer and Chief Compliance Officer, and managed IT security and governance functions.

He retired in early 2013. However, he still blogs, writes, trains, and speaks – and mentors individuals and organizations when he can.

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

First Reference Talks

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies

Main Menu

  • About First Reference
  • Resources
  • Contact us
  • 1 800 750 8175

Stay Connected

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

We welcome your comments on our blog articles. However, we do not respond to specific legal questions in this space.
We do not provide any form of legal advice or legal opinion. Please consult a lawyer in your jurisdiction or try one of our products.


Copyright © 2009 - 2023 · First Reference Inc. · All Rights Reserved
Legal and Copyright Notices · Publisher's Disclaimer · Privacy Policy · Accessibility Policy