Roles of audit committee

An Audit Committee does not focus solely on internal audit activities or on financial issues. Recent trends are for it to take on broader roles and responsibilities. The establishment of an Audit Committee affords the opportunity to set aside time to focus on governance, risk and control issues. The key responsibilities of an Audit Committee include: overseeing the risk management framework and processes; reviewing compliance related matters and internal controls; overseeing the relationship, appointment and work of the external and internal auditors; and reviewing the annual financial statements and recommending them for governing body approval.

As it relates to oversight of the internal audit function, the responsibilities of Committees include: ensuring that internal audit activity is structured to achieve organisational independence; ensuring the internal audit charter permits full and unrestricted access to top management, the Audit Committee and the governing body; ensuring unrestricted access by internal auditors to records, personnel, and physical properties; ensuring the function is appropriately resourced; and ensuring the function is operating effectively.

In relation to its other roles, Audit Committee responsibilities could include: review, with management, the adequacy of policies and practices for risk management and the operation of the internal control system; review, with management, the adequacy of polices and practices to ensure compliance and their ability to monitor compliance; review, with management, the adequacy of financial information presented to the governing body including the acceptability of and correct accounting treatment for and disclosure of significant transactions which are not part of the agencys normal course of business; and manage on behalf of the governing body all aspects of the relationship with the external auditors.

The audit committee can contribute to the success of internal auditors and the achievement of their value-added activities by ensuring that they have 1. Sufficient independence from management by reporting to and being held accountable to the audit committee 2. Adequate resources, competence, and focus to assess the companys operational efficiency, internal control effectiveness, ERM, and reliability of financial reports 3. Proper knowledge of the companys corporate governance, internal control, financial reporting, and audit activities 4. The mechanisms and confidence to bring forward controversial financial reporting issues 5. A process for communicating directly with the companys audit committee on a regular and timely basis 6. Access to the audit committee to discuss concerns related to management activities, financial reporting risk, and fraudulent financial reporting 7. Audit committee approval of the budget and staffing of the internal audit function.

Benefits and challenges of internal audit reporting directly to the board audit committee
Benefits
Ability to transcend all departments without fear of limitation of scope by being tied to, for example, the finance department. The board and audit committee know that the information they are receiving on the internal controls and risk management systems reflects a true description and has not been watered-down or filtered by management beforehand. The independence of the internal audit function is absolute. The funding of the internal audit function is outside the normal process of budgeting thereby allowing resources to be allocated by the assurance needs of the organisation as assessed by the board/audit committee. Enables the board/audit committee to directly and critically analyse and evaluate the internal audit function in its contribution to the fulfilment of the boards responsibility for internal controls. Reinforces the board/audit committees knowledge of the business and its risk profile when dealing with management and stakeholders.

Challenges
Internal audit may not be privy to all sources of information throughout the company if seen as outside the management structure. The chairman of the audit committee may not have allocated sufficient time, or have adequate resources/capacity to deal with the oversight of the internal audit function. It would be necessary to set up a specific charter outlining the roles and responsibilities of the board in relation to internal audit, as separate from management. For example, who would look after the HR administration, including personnel evaluations, compensation and career planning for the head of internal audit? The audit committee would be assuming more responsibility and therefore, perhaps, more liability in relation to the adequacy of the internal control and risk systems of the organisation. Potentially restricts the ability of the CEO to use internal audit as a tool to reinforce control principles, or in special projects.

prior to using IA work, what are the necessary steps that should be undertaken by external auditor when deciding whether to use or not to use the IA as part of its annual review?

i. criteria - dept's internal control environment, total resources managed by dept relative to organization as a whole ii. planning - notify dept by letter to select IA, obtain background info of IA iii. Discussion - discuss qualifications of auditors n independence of management iv. Evaluation - External auditor evaluate performance of IA by observation, inspection or inquiry with proper professional authorities. External auditors n BOD will consider quality n efficiency of services provided by IA
v. Appointment - External auditors n BOD will select the best n most qualified internal auditor