Audit Committee Priorities Remain Risk, Compliance, and Technology

KPMG has published a summary of their Audit Committee Institute’s roundtable, which includes reference to a survey of audit committee members. Health Skepticism Rules: The 2011 Audit Committee Agenda doesn’t have any earth-shattering new revelations — but remains a useful read. It identifies the top concerns for audit committees as:

  1. Risk management and crisis response.
  2. Financial communications/disclosures and new accounting standards/convergence.
  3. Legal/regulatory compliance.
  4. Uncertain economy and government regulation.
  5. Leadership/culture/tone at the top.
  6. IT/emerging technologies (cloud computing).
  7. Audit committee effectiveness (composition/self-evaluation).
  8. Globalization (off-shoring, supply chain).

All of these are areas where the CAE can assist, whether it’s by being a consultant (for example, helping the audit committee determine how to add risk management oversight to its already heavy burden) or by ensuring that internal audit is providing assurance on the high risk areas.

Do you agree?

Posted on Apr 18, 2011 by Norman Marks

Share This Article:    

  1. Totally Agree,

    One of the AC responsibilities is to oversee the effectiveness of the internal control, 

    Since the Committee of Sponsoring Organizations (COSO) defines the minimum requirements to have effective internal controls needs to have the five internal control components effective (control environment, risk assessment ...)
    The way I look at these top priorities that they are not a new addition to the control agenda and they are already part of the control process
    If the message made clear to the audit committee that these are necessities that needs to be evaluated and monitored in order to be able to issue an opinion on the effectiveness of the internal controls, they well accept the fact
    With proper alignment and cooperation, reporting these top priorities status has a good opportunity!
    May be these top priorities can be reported through different channels and obtained from multiple outputs such as legal, internal and external audit reports , self assessment outputs in the organization .
    Using the combined efforts of all parties and functions to address risks and concerns can also create partnership in facing these priorities and enhance the sense of ownership and responsibility of the  risk management by having all functions as reporters of the risk issues rather than leaving it to the auditors.


  1. I think the Audit Committee and full BOD should be concerned about creating and preserving shareholder value. What are the incremental cash flows from our new strategic investments? How are related activities monitored to ensure these cash flows are realized.?Are there gaps, key performance indicators, reporting?  Do we need to adjust the strategy?

    Don't focus on risk, focus on governance, value management and performance.

    Mike Corcoran, GVP Partners



Leave a Reply