INTRODUCTION

Each audit committee is unique and must be responsive to the specific company environment. In general, most
committees formally meet with the internal and external auditors at least twice during the year and often more
frequently. Both groups, along with management, are often in attendance at audit committee meetings. The ten
areas listed in this document offer an overview of what typically encompass the most common audit committee
responsibilities. Leading practices related to carrying out these responsibilities are set forth in this exhibit. The
effectiveness of these practices and the overall committee will be heavily influenced by:
• Committee Mindset: The overall committee mindset for listening and balancing a proactive approach to
committee responsibilities with management’s role.
• Relationships: The quality of committee, management and internal and external auditor relationships and the
resulting level of mutual trust, confidence and respect.
• Understanding the Business: The committee time and effort devoted to fully understand the company’s
business.
• Information: The quality and focus of information made available to the committee.
• Communications: The timeliness and candor of communications among all important parties.

IMPORTANT AUDIT COMMITTEE RESPONSIBILITIES

Develop an Effective Audit Committee Charter/Mandate

The audit committee has a written charter, tailored to the company environment, clearly indicating committee
duties and responsibilities. This charter is carefully reviewed and approved by the board of directors and
periodically challenged and updated by the committee board.

Leading Practices (Key Performance Indicators)

• Define the background and experience requirements for committee members.
• Define the committee’s authority and specific responsibilities, particularly those relative to business and
financial risk identification and related controls, compliance with laws and regulations and oversight of internal
and external audit activities.
• Set guidelines for the committee’s relationships/meetings with members of the management team,
internal/external auditors, and others, as appropriate.
• Set the frequency and general timing of meetings, allowing adequate time for preparation of substantive
reporting to the full board.
• Define the committee’s accountability and reporting requirements to the board and to the shareholders.
• Provide the authority for access to internal and external resources as the committee may require.
• Review the charter with, and obtain input from, appropriate members of management, auditors and counsel.

Selecting, Orienting and Updating Audit Committee Members

The size of the audit committee is typically three to five independent directors. Members and the committee
chairman are appointed by the board or nominating committee. The committee’s knowledge and effectiveness are
enhanced by a strong orientation program for new members, timely access to focused relevant information and
adequate meeting time for discussion and sharing of views.

Leading Practices (Key Performance Indicators) – Selection of Members

2 Source: www.knowledgeleader.com
• Maintain committee continuity but also provide a fresh perspective through the selection process.
• Look for certain key qualities in candidates, including:
− Knowledge of the company’s industry segment.
− Good listener, inquisitive and tough-minded.
− Financial reporting or auditing background (in at least one member).
− Experience in business and financial risk management.
− International background and experience, if applicable.
− Available time to serve.
• The committee chairman should meet with potential candidates to discuss roles, responsibilities, levels of
interest and qualifications.
• Select a chairman who is knowledgeable of the duties and responsibilities of the position, has the requisite
industry business, financial, and leadership skills, and is a good builder of relationships.

Leading Practices (Key Performance Indicators) – Orienting and Updating Members

New Members
• Meet with committee chairman and jointly agree on specific orientation and education needs.
• Receive tailored information about the company’s:
− Business and industry.
− Key business and financial risks and risk control processes.
− Important legal and regulatory requirements.
− Code of ethical conduct.
• Meet with CEO/CFO and, as necessary, internal/external auditors, to get the background on key business and
financial risks, accounting principles and other relevant matters.

All Members
• Routinely receive highly focused information about:
− Important, relevant industry issues, developments and trends.
− Key financial and other performance indicators.
− Significant and relevant proposed changes in financial reporting and regulatory requirements.
− Other ongoing business risk matters as determined by the committee.
• Participate, over time, in in-depth discussions of business process to manage risk:
− Risk management.
− Regulatory compliance.
− Company-specific “vital few” key processes.
• Individual committee members selectively make periodic visits to new or troubled locations, meet with local
management and report to the full committee.
• Attend relevant outside seminars and share information at subsequent committee meetings.

Influencing The Overall Corporate “Tone” for Quality Financial Reporting, Sound
Business Risk Controls and Ethical Behavior.
The committee strongly influences the overall company financial reporting and regulatory compliance
environment. This influence is apparent in the committee charter. More importantly, relationships and
communications with management and the full board reflect beyond the “form” to the committee member attitudes
and substance of their role.

3 Source: www.knowledgeleader.com
Leading Practices (Key Performance Indicators)
• Be visible – communicate the committee’s role and expectations in a positive, constructive light to relevant
groups within the company and in relevant internal publications.
• Meet periodically with key management, internal and external auditors and compliance staff to understand the
company control environment and important regulatory issues.
• Assess management’s attitude toward the internal audit function.
− Consider input from operating management.
• Review, approve and continuously assess the code of ethical conduct.
• Review and assess the company’s processes for administering a code of ethical conduct, disseminating and
explaining it to all employees, providing relevant employee training, monitoring compliance and enforcing
disciplinary actions.
• Maintain ongoing interaction with management.
− Encourage senior management to involve other management team members in committee meetings to
more fully understand committee values.
• Report to shareholders annually on committee responsibilities and activities.

Planning and Conducting Committee Meetings and Agendas.

The committee effectively uses valuable meeting time through solid planning by the chairman, advance
distribution of relevant materials/information, and a highly focused agenda. The relevance, value and overall
quality of each meeting is benefited by a proactive chairman, and pre-meeting discussions with management and
other meeting participants to assure proper focus, meeting time allocation and necessary actions.

Leading Practices (Key Performance Indicators)

• Meet annually, outside normal meeting times, with management and internal/external auditors to:
− Clearly agree on mutual expectations.
− Agree on an annual detailed plan of committee activities.
− Agree on nature, extent and timing of committee information needs.
• Chairman review and agree upon meeting agenda in advance of distribution to committee members and
others.
• Distribute meeting agenda and selective and focused pre-read materials at least one week in advance of
meetings.
• Manage meeting agenda to assure:
− Significant time for committee member questions and open dialogue.
− A focus on discussion of important business and financial risks and related controls, qualitative aspects of
financial reporting and potential future issues.
− Adequate time for regular, private, committee-only discussions with internal and external auditors.
− Substantive discussion of “required” external auditor communications.

Reviewing the Internal and External Auditors’ Risk Assessments and Overall Audit
Plans.
The audit committee reaches a common understanding with management and auditors about the company’s
business risk management process, key business and financial risks and related controls. The committee
understands the focus of the internal and external audit plans, the logic behind such planning, and provides
appropriate input based on committee member insight and experience.

4 Source: www.knowledgeleader.com
Leading Practices (Key Performance Indicators)
General
• Review and assess the company’s business risk management process with management and internal/external
auditors.
• Review and assess internal/external auditors’ responsibility for detecting accounting and financial reporting
errors, fraud and defalcations, illegal acts and non-compliance with the corporate code of conduct and
regulatory requirements.
• Monitor the coordination of internal/external audit efforts, focusing on solid audit coverage of key business and
financial risk areas and related risks and controls, without duplication of effort.

External Audit
• Review the overall scope and focus of the annual audit.
− Consider input from management and internal audit.
◦ Request expansions, as appropriate.
• Review and assess audit scope and level of auditor responsibility regarding unaudited quarterly or other
interim-period information.
• Review and understand the auditors’ assessment of financial statement materiality.

Internal Audit
• Review and approve the internal auditors’ charter and relate to committee expectations.
• Review the process for establishing the annual internal audit plan and the focus on risk.
• Review and assess the annual audit plan with management and internal auditors, recognizing the need to
balance financial and operational auditing.
− Ask for input from external auditors.

Risks and Controls – Monitoring Company Processes for Management’s Identification

and Control of Key Business, Financial and Regulatory Risk.
The committee thoroughly understands the company’s key business and financial reporting risks and focuses on
the reasonableness of control processes to manage such risks.

Leading Practices (Key Performance Indicators)

• Periodically review the adequacy of the company’s overall control environment.
− Consider views of management, auditors and others, as appropriate, with particular emphasis on:
◦ Management’s attitudes about controls.
◦ Key policy matters, documentation and internal communication.
◦ Adequacy of key management and audit committee information, particularly key performance indicators.
◦ Focus and timeliness of financial and other information for management and the board.
◦ Timeliness and substance of management response to important internal/external auditor control
recommendations.
• Meet with management and internal/external auditors to fully understand and assess management’s response
(and auditors’ views) to controlling important key risk situations.
− Focus very specifically on the adequacy of key controls over those vial few risks considered to be, currently
or in the future, more significant and likely to occur.

5 Source: www.knowledgeleader.com
• Inquire of management and auditors about the “root causes” of any significant year-end financial adjustments
with a focus on the need to improve financial controls and the reliability of interim reporting.

Financial Reporting – Monitoring the Integrity and Quality of Annual and Interim
Financial Reporting to Stakeholders.
The committee reviews all annual and interim financial reports to stakeholders with particular emphasis on the
accuracy and completeness of information and key disclosures, changes from prior reporting periods, and
important judgment questions impacting the overall integrity of this information.

Leading Practices (Key Performance Indicators)

• Establish appropriate processes and protocols for the timing, and extent of the committee’s review of financial
information, including the quality of disclosures (e.g., press releases, broker and institutional investor briefings,
interim reports, statutory filings, annual report).
• Each company is unique.
− However, committee members generally review the annual and quarterly reports before release.
− Consider:
◦ The current and prospective financial health of the company.
◦ The depth and quality of the company’s processes for managing reviews of this information.
◦ The degree of involvement of the internal and external auditors before financial information is released.
◦ The nature, and perceived magnitude, of risks involved in disclosure issues.
◦ The company’s history and experience regarding accuracy and completeness of financial reports.
• Review and approve important company accounting principles, and changes therein, and the method of
application in both annual and interim financial reports.
• Assess alternative accounting principles proposed or considered.
• Meet with management and external auditors to fully understand and assess all key financial statement issues
and risks, the impact or potential future impact on reported financial information, the processes used by
management to address such matters, and the basis for auditors’ conclusions.
• Consider, in particular:
− Important management judgments and accounting estimates.
− Unusual transactions, including matters which involve related parties.
− Asserted and unasserted litigation and claims.
− Instances of noncompliance or possible noncompliance with laws and regulations.
• Review and assess the results of governmental or other regulatory audits.
• Discuss auditors’ views on the overall quality of the company’s internal and external financial reporting,
including:
− The “appropriateness” of important accounting principles, particularly revenue recognition and asset
valuation.
− Comparison with industry or other peer company practices.
− Annual report – “management discussion and analysis”.
• Understand and assess company processes and policies for communication with institutional investors,
analysis and brokers.
• Review quarterly teleconference communications between management and the investor community (audit
tapes are made available to committee members as a common practice).
• Meet periodically with the company officer responsible for investor relations.
− Understand the investor community’s overall views and concerns about the company.

6 Source: www.knowledgeleader.com
Compliance – Monitoring Compliance with the Corporate Code of Conduct and
Regulatory Requirements, and Reviewing and Assessing Conflicts of Interest and
Related-Party Transactions.
The audit committee understands the overall environment, relevant laws and regulations of particular significance
to the company, and the company program to provide reasonable assurance of compliance. The audit committee
acts, as designated in the charter, on illegal acts, reported conflicts of interest and related-party transactions.

Leading Practices (Key Performance Indicators)

• Interact with the CEO, CFO, compliance officer and others, as appropriate, to review and understand the laws
and regulations having the most significant impact on the company.
• Meet periodically with counsel to understand changing regulations, the potential impact on the company and
management’s control response.
• Review and assess compliance monitoring programs in place within the company.
− Consider input of auditors, counsel and compliance officers, as appropriate.
• Review and assess auditors’ responsibility for detecting noncompliance with the code of conduct and
regulatory requirements, and for detection of illegal acts.
• Noncompliance – Obtain periodic updates from counsel and other parties responsible for monitoring
compliance with laws, regulations and code of conduct and review management disposition of all instances of
noncompliance.
• Review/assess and approved significant conflict-of-interest and related-party transactions, as well as current
violations and issues, if any.
• Taxes – Meet periodically with those responsible for income tax and other significant tax-related compliance.
− Periodically meet with external tax advisors to review, understand and assess important tax issues and
related judgments.
• Monitor audits/examinations by governmental or other regulatory agencies.

Assessing Internal and External Auditor Performance

The audit committee periodically focuses on the performance of internal and external auditors and their
responsiveness to committee needs and expectations. The committee recommends external auditor selection or
reappointment to the board of directors/shareholders.

The external auditor’s role, in a publically held company, is to serve the shareholders through the board of
directors and audit committee. The internal auditor’s role also includes reporting and assistance to the audit
committee.

Leading Practices (Key Performance Indicators)

• Maintain a direct line of communication with internal and external auditors, including periodic informal contact
by the committee chairman.
• Understand the role of the other partners (tax, concurring, advisory) involved in the external audit, and request
their periodic involvement at audit committee meetings.
• Committee chairman meets periodically with management and internal and external auditors to review and
agree on mutual expectations.
• Annually request management and committee member views on internal and external audit performance
against committee criteria and expectations.
• Set aside time, at least annually, to discuss and assess overall auditor effectiveness, objectivity and
independence.
− Review committee assessment with management.

7 Source: www.knowledgeleader.com
• Review the nature of all services performed by external auditors and the potential impact, if any, on the
independence of the external auditors.
− Consider relative magnitude of fees and the engagement personnel involved.
• Committee chairman meets annually with internal and external auditors and reviews committee overall
performance assessment.
• Recommend the external auditor selection or reappointment to the board of directors/shareholders.
• Concur with the external audit fee arrangements while gaining reasonable assurance of a complete audit.

Assessing Audit Committee Performance

The committee periodically assesses its own performance, considering the effective use of committee time,
responsiveness to the board-approved charter, and the effectiveness of relationships and communications with
management, auditors and the full board.

Leading Practices (Key Performance Indicators)

• Solicit informal feedback from the board, CEO, CFO, CAE and external auditors on specific opportunities to
improve overall committee effectiveness.
• Complete a self-assessment process at least every two years and review the results with the board of
directors, top management and auditors.
• Assess the contribution and performance of individual committee members (this should be done periodically by
the committee chairman) for review with the chairman of the board and the CEO.
• Consult with external auditors, internal auditors and others on how audit committee best practices relate to
committee practices, and institute appropriate change.

8 Source: www.knowledgeleader.com