Audit Committee Oversight of Enterprise Risk Management

Topical Areas: ERM Implementation and Oversight

Main Theme: The emphasis the SEC and Standard and Poor’s have placed on risk management processes has led many companies to increase the oversight responsibility for risk management placed on the board of directors. Because of their involvement with internal and external auditors who assess the efficacy of internal controls, the audit committee is often being charged with oversight of enterprise risk management as well. Executive management, especially the CFO, is being held accountable by the board of directors for their assessment of key risk exposures and leading the enterprise risk management effort.

Summary of Article: Key stakeholders are pressuring boards of directors to better handle near‐term risks and to identify strategic risks that might affect future operating performance. More companies are implementing enterprise risk management (ERM) to identify strategic and operating risks, in addition to financial risks, and define the organization’s overall risk appetite.

Rising Expectations for the Audit Committee

Boards are seeking more risk intelligence to help them evaluate the trade‐offs between risk and return when weighing strategic alternatives. The audit committee is responsible for oversight of the internal and external auditors as well as financial reporting. In part because the assessment of internal controls over financial reporting is risk‐based, the audit committee is increasingly being charged with overseeing management’s risk policies and discussing the enterprise’s key risk exposures with management. Audit committees charged with risk oversight are placing demands on management for more information about key risk exposures and risk management processes.

The Role of the CFO and Internal Audit

The CFO is the executive most often responsible for reporting on risk issues to the board according to The Conference Board’s 2006 report, The Role of U.S. Corporate Boards in Enterprise Risk Management. CFOs are well positioned to lead an enterprise’s risk management effort because they are required to understand key activities related to financial and operational performance in their management of the enterprise’s finances. This understanding facilitates the tasks of defining risk terminology, identifying potential risk drivers and risk events, and assessing the probability and impact of risk events using uniform criteria across the enterprise.

The internal audit function is involved in risk assessment and risk management activities. However, an Institute of Internal Audit position paper, The Role of Internal Auditing in Enterprisewide Risk Management, recommends that internal audit should not be involved in developing the risk management process for board approval, imposing risk management processes, managing identified risks or setting the risk appetite of the enterprise. Internal audit should monitor the effectiveness of ERM processes designed by senior management by evaluating and giving assurance on risk management processes, evaluating the reporting of key risks, and reviewing the management of key risks.

Realistic Expectations for Enterprise Risk Management

ERM implementation is a process, which also involves cultural changes for the enterprise, whereby risk oversight improves over time. ERM efforts should be designed to more effectively manage risks on an enterprise‐wide basis while realizing that effective ERM will help the enterprise better identify and manage risk, but not lower risk. In its 2006 report, The Role of U.S. Corporate Boards in Enterprise Risk Management, the Conference Board found that a majority of boards believe that strategic risks pose the greatest threat to a company.

Boards believed that more risk intelligence would help them evaluate risk/return trade‐offs when considering strategic alternatives. Audit committees are exerting pressure on their external auditors to share risk information and key business risks affecting the enterprise identified during the process of understanding the entity and its business environment necessary to complete audits of the financial statements or internal controls. Auditors of publicly traded companies may also identify deficiencies in risk responses as they assess the effectiveness of internal controls surrounding core business processes that affect financial reporting.

The board of directors, and specifically the audit committee, is under increasing pressure from stakeholders to improve management’s process for identifying, assessing, and responding to specific risks in the near term and anticipating future risks. IBM’s Global CFO Study 2008 found that 62% of enterprises with revenues in excess of $5 billion encountered a major risk event in the last three years and 42% of CFOs indicated that their enterprise was not adequately prepared. In response to the increase in the volume and complexity of risks, the audit committee is being increasingly relied upon to oversee the management of risk.

Source: Mark S. Beasley, Bruce C. Branson and Bonnie V. Hancock, Rising Expectations: Audit Committee Oversight of Enterprise Risk Management, Journal of Accountancy, April 2008.

Abstract Prepared By: ERM Initiative Faculty and Lora Blackburn, 2009 Master of Accounting Student.