You are on page 1of 27
The Audit Committee Purpose, Process, Professionalism www.theiia.org
The Audit
Committee
Purpose, Process, Professionalism
www.theiia.org
A New World of Corporate Governance Boards of directors and committees must be: – Proactive –
A New World of
Corporate Governance
Boards of directors and
committees must be:
– Proactive
– Informed
– Investigative
– Accountable
www.theiia.org
Clarifying Governance Governance is the system by which organizations are directed and controlled. It includes the
Clarifying Governance
Governance is the system by
which organizations are directed
and controlled. It includes the
rules and procedures for making
decisions on corporate affairs to
ensure success while
maintaining the right balance
with the stakeholders’ interest.
www.theiia.org
The IIA Corporate Governance Model Effective Governanc e www.theiia.org
The IIA Corporate
Governance Model
Effective
Governanc
e
www.theiia.org
The Bad News • Stakes are greater • No “figure head” board members allowed • Public
The Bad News
• Stakes are greater
• No “figure head” board
members allowed
• Public trust has diminished
• Greater challenges
• More director liability
www.theiia.org
Clarifying Liability Directors need to be realistic about their personal liability under state and federal law,
Clarifying Liability
Directors need to be realistic
about their personal liability
under state and federal law,
neither exaggerating nor
ignoring their exposure.
www.theiia.org
Fiduciary Duties The duties of care and loyalty, and the expectation that directors will act in
Fiduciary Duties
The duties of care and loyalty, and
the expectation that directors will
act in good faith.
These are the primary source of
director liability under state law.
Source: Director Liability: Myths, Realities And Prevention –
National Association of Corporate Directors
www.theiia.org
Fiduciary Duties (cont.) Board members who wish to become empowered guardians and builders of corporate value
Fiduciary Duties (cont.)
Board members who wish to become
empowered guardians and builders of
corporate value must:
– Learn and follow best practices,
– avoid conflicts of interest,
– pay strict attention to board matters,
– drawing on appropriate expertise,
including their own.
Source: Director Liability: Myths, Realities And Prevention – National
Association of Corporate Directors
www.theiia.org
Director Evaluations and Qualifications • 38% of companies performed director evaluations in 2005 and 45% are
Director Evaluations and
Qualifications
• 38% of companies performed
director evaluations in 2005 and
45% are planning to do so in 2006
• 97% of companies have established
director qualifications up from 87%
in 2005
Harvard Business School
www.theiia.org
What is the AC’s Role in Governance? • Oversight of financial reporting • Risk management •
What is the AC’s Role in
Governance?
• Oversight of financial reporting
• Risk management
• Internal control
• Compliance
• Ethics
• Management
• Internal auditors
• External auditors
www.theiia.org
Committee Meetings • 52% of companies report a significant increase in the number or length of
Committee Meetings
• 52% of companies report a
significant increase in the
number or length of meetings
of the Audit Committee in the
past two years.
Harvard Business School
www.theiia.org
Tone at the Top Management, the board, and the audit committee all play critical roles in
Tone at the Top
Management, the board, and the
audit committee all play critical
roles in an organization’s tone at
the top.
www.theiia.org
Best Practices in Code-of- Conduct Oversight: Ensure: – A code of conduct has been developed, reviewed
Best Practices in Code-of-
Conduct Oversight:
Ensure:
– A code of conduct has been developed,
reviewed and updated as needed.
– All employees receive the code of
conduct, understand it, and receive
training.
– Management exhibits ethical behavior
and reported violations receive action.
www.theiia.org
Best Practices in Compliance and Ethics Oversight: Ensure: – Compliance with laws and regulations – Financial
Best Practices in Compliance
and Ethics Oversight:
Ensure:
– Compliance with laws and regulations
– Financial reporting of significant issues
– Management monitoring of program effectiveness
Staying informed and recognizing trends to ensure
appropriate action
Internal audit includes assessment of compliance
and ethics risks in their audit plan
– AC meetings with program manager to discuss key
risks, status, issues, investigations, disciplinary
action and effectiveness.
www.theiia.org
Noses In. Fingers Out. •The lines of authority for audit committees and management should be clear
Noses In. Fingers Out.
•The lines of authority for audit
committees and management
should be clear and understood.
•AC members must communicate
openly with management. They
must also challenge management as
appropriate.
www.theiia.org
Communications Checklist • Management is easily accessible. • Management reaches out to the audit committee regularly.
Communications Checklist
• Management is easily accessible.
• Management reaches out to the
audit committee regularly.
• Management answers audit
committee questions fully and
completely.
• Management provides factual
information to support responses.
www.theiia.org
Communications Checklist (continued) • Management admits not knowing an answer. • Management supports the audit committee
Communications Checklist
(continued)
• Management admits not knowing
an answer.
Management supports the audit
committee by contacting additional
resources and specialists.
Management advises the audit
committee of significant issues in a
timely manner.
Management seeks audit committee
input in advance of key decisions.
www.theiia.org
Key Issues of Concern • Financial Accuracy • Risk Management • Control Assessment • External Auditor
Key Issues of Concern
• Financial Accuracy
• Risk Management
• Control Assessment
• External Auditor Oversight
• Effective Use of Internal
Auditing
www.theiia.org
Statistics on First Full Year of Filings As of March 30, 2006 - 404 Opinions •
Statistics on First Full Year of Filings
As of March 30, 2006
- 404 Opinions
• 3710 filers
• 591 (15.9%) received adverse opinions
from their public accountants
• 90 (2.4%) of all filers restated their first
year’s Section 404 opinion; 59 (10%) of
filers with adverse opinions restated their
first year’s Section 404 opinion
Source: Section 404 Internal Control Material
Weakness Dashboard Audit Analytics
www.theiia.org
GAAP/Accounting Areas of Failure for Adverse Opinions • Tax-related issues – 32% • Revenue recognition –
GAAP/Accounting Areas of
Failure for Adverse Opinions
• Tax-related issues – 32%
• Revenue recognition – (31.3%)
• Inventory – (27.4%)
Source: Section 404 Internal Control Material
Weakness Dashboard Audit Analytics
www.theiia.org
Internal Controls Over Financial Reporting Issues – Adverse Opinions • Material year-end adjustments (53.1%) • Personnel
Internal Controls Over Financial
Reporting Issues – Adverse
Opinions
• Material year-end adjustments
(53.1%)
• Personnel issues (48.1%)
• Restatements of financials (49.6%)
Source: Section 404 Internal Control Material
Weakness Dashboard Audit Analytics
www.theiia.org
Clarifying the Value of Internal Auditing Audit committees must understand internal auditing’s role if they are
Clarifying the Value of
Internal Auditing
Audit committees must
understand internal auditing’s
role if they are to work
effectively and share a healthy
interdependence.
www.theiia.org
Understanding Internal Audit • Objectivity • Reporting structure • Risk management • Staffing • Prioritization •
Understanding Internal Audit
• Objectivity
• Reporting structure
• Risk management
• Staffing
• Prioritization
• Adding Value
www.theiia.org
Asking the Right Questions Audit committee members must maintain an in-depth understanding of internal audit best
Asking the Right Questions
Audit committee members must
maintain an in-depth understanding
of internal audit best practices and
how internal audit is functioning.
www.theiia.org
Consider… How does the audit committee live up to its significant governance responsibilities and meet the
Consider…
How does the audit committee
live up to its significant
governance responsibilities
and meet the high expectations
of shareholders and other
outside parties?
www.theiia.org
Charting the Course An audit committee charter is a blueprint for its operation and should address:
Charting the Course
An audit committee charter is a
blueprint for its operation and
should address:
– Processes
– Procedures
– Responsibilities
www.theiia.org
For More Information on Audit Committees and Governance • • IIA website www.theiia.org/go?to=audit committee Research/Publications –
For More Information on
Audit Committees and
Governance
IIA website www.theiia.org/go?to=audit committee
Research/Publications
– Audit Committee Effectiveness: What Works Best
– Tone at The Top (corporate governance newsletter)
– The Professional Practices Framework
– The IIA Bookstore
Guidance
– Audit Committee: Purpose, Process, Professionalism
– Audit Committee: Discussions on Performance (self-assessment)
– 20 Questions Directors Should Ask About Internal Audit
www.theiia.org