Deloitte brief on audit committees
I have been impressed by Deloitte’s contribution to discussions about risk management, in particular their “Risk Intelligence” series.
Now the firm has published an “Audit Committee Brief” that truly makes their risk management thought leadership shine in contrast. The document is truly brief: on new or interesting information.
So the question is then what should guidance to audit committees in 2012 include?
Here are some thoughts:
1. As the role of the audit committee changes, it is not acceptable for the committee to “stand pat” with the same practices, composition, agenda, attendees, etc. Together with the governance committee and with guidance from counsel and internal audit, it should regularly assess its abilities against its needs and adapt as necessary.
2. Maybe it is expecting too much from the accounting and consulting firms, like Deloitte, to provide expert guidance outside financial reporting. While that remains important, arguably the unpleasant surprises will come from other areas where the audit committee provides oversight. I would look to counsel and internal audit to be watchful for valuable thought leadership and guidance from other sources, sharing as appropriate with the members.
3. I would be mindful of the need to manage overlap between committees. In particular, I like the idea that at least one of the audit committee members would be a member of any risk committee, compliance or ethics committee, etc.
4. As technology becomes even more critical, I would make sure that the audit committee is capable to challenge management not only about risks related to technology, but also the opportunity presented by it. For example, does management have the information it needs, when it needs it, in a useful form, to run the business effectively?
What would you like to see included in thought leadership for audit committees?