The Ideal Audit Committee Member

An article in AccountancyAge caught my eye this morning. It refers to a survey by the Chartered Institute of Internal Auditors (CIIA, formerly known as IIA–UK) and talks about desired characteristics of non-executive (also known as independent) directors. You can see the survey on the CIIA site.

The survey is pretty heartening on a number of fronts. For example, members of the audit committee are assessed as understanding the role of internal audit and paying attention to the management of risk. However, there is still “substantial scope for improving the understanding of risk” at 71% of companies.

While understanding of strategic risk is very good at 75% and good at 3%, the same cannot be said for operational risk: 30% very good and 62% good.

82% said that independent directors “think and act sufficiently independently of executive management.” This is markedly different from the PwC study of directors and boards, where only 61% “rated themselves very effective in standing up and challenging management.”

The AccountancyAge article talks about some of the qualities desired in non-executive directors. They talk about:

  • Relevant experience. I agree this is important, but the coverage in the article is skimpy and limited at best. I look for these characteristics:
o   An understanding of the business.
o   An understanding of the business environment.
o   An understanding of the areas of greatest risk to achievement of strategies and objectives. For example, many companies need the audit committee to have expertise in IT, global trade, finance, strategy, and more.
o   The ability to work effectively with each other and management.
o   An understanding of the role of the director: "noses in, fingers out."
  • Personality traits. The primary discussion topic in the article is the ability of the director to challenge management. I agree that is important. Also important are:
o   The ability to listen actively.
o   The ability to ask the right questions so they can get to the heart of the issue.
o   The ability to explain their views and concerns — and the willingness to do so.
o   The patience and perseverance to continue until their concerns are addressed.
o   The demeanor of a patient person: the ability to get angry without losing their cool. I once had a director who totally "lost it" during an audit committee meeting, and thereby not only lost credibility but destroyed the chances of a constructive discussion.
o   The knowledge that they don’t know everything, and the ability to retain an open mind.
o   The desire to learn and grow.
o   The ability to change their mind.
o   Leadership. After all, this is who the CAE works for.
o   Time: the ability to make time for management, the external auditor, and the CAE. The ability to make time to read and absorb the materials provided for board meetings. The ability to spend additional time reading and generally following the company, its business sector, and other relevant topics.
o   The ability to stay on point, on the more significant issues. I can’t tell you how much valuable committee time I have seen wasted on topics of interest to just one member (important, but could and should have been handled offline).
  • Talent pool. I believe the article is talking about the need for diversity — not only more female directors, but directors from a variety of backgrounds who can collectively meet the needs of the organization. Frankly, when I see comments about a small talent pool I shudder, because I don’t think people are looking hard enough at other sources of directors, such as former CAEs and risk officers.
  • Adaptive risk management. This is not really an attribute; it’s more a desire for the board and the audit committee to spend more time providing governance and oversight of risk management (but see the CIIA study above).

What do you look for in non-executive members, and in the composition of the audit committee as a whole?


Posted on Oct 18, 2011 by Norman Marks

Share This Article:    

  1. Note that organisations today have a separate Audit function and Risk Management function. My comment is focussed on financial risk management. I have been in banking and financial services for 30 years with experience in both mutinational banks and banks with local focus and am currently the head of risk management and compliance in a bank in the middle east. In my experience, the understanding of financial risk issues by internal auditors (and external auditors of the big 4) leave much to be desired. They also tend to emphasize the status quo in terms of processes and policies, while it is a fundamental job of a risk manager to try and change the status quo if it is not risk optimal. Within financial risk management, auditors, for obvious reasons are more comfortable with 'operational risk', but only from a process perspective. The methodologies applied by each function for operational risk is different and in many instances I have found that Audit wants Risk to follow audit processes because they are uncomfortable with things like self assessments and also statistical/mathematical approaches. Because the risk management function also needs to be audited, there are inbuilt conflicts --- and not much has been written about this.

  1. It is great to have all these quaiities in the audit committee members however to me the most important quality is to have a reasonable working relationship of the committee especially the chairman of the audit committee and CAE.

    They need to meet outside the board room and discuss issues related to the organisation. I would strongly recommend that this meeting helps to clear off many issues especially those that are said between the lines and committee members may tend to miss it (because of the brevity in reporting and paucity of time). However, the busy schedule of all important board member is the culprit.

    The other quality to my understanding should be the audit working experience of the audit committte members. Like the financial expert is recommended for audit committee, at least one member should be having some experience in running an audit shop. Former CAE and Risk Management personals should definitely be a value addition to the audit committee.

    Audit committees are expected to understand almost every risk under the sky i.e. starting from financial, to legal, to accountancy, to Information Technology. CAE is also expected to do the same and now I see that the board expects audit to have alook at the macro picture of the business, surprisingly most of the CAEs do their level best to cater to all this demand.

    I think time is something that the board members should be commiting when they agree to sit in one more company board. Having all the above mentioned skills and not being able to do justice when the issues are on hand, is much more pathetic than not having some of the high level skills.


    A person essentially help to make seriously <a href="" title="article">article</a>s I would state. <a href="" title="This">This</a> is the first time I frequented your <a href="" title="web">web</a> page and thus far? I amazed with the research you made to c<a href="" title="rea">rea</a>te <a href="" title="this">this</a> particular publish incredible. Wonderful job!

Leave a Reply