Home > Risk > According to a KPMG study, Audit Committees, Risk Management and Internal Audit need to Shape Up!

According to a KPMG study, Audit Committees, Risk Management and Internal Audit need to Shape Up!

January 29, 2013 Leave a comment Go to comments

KPMG’s latest Global Audit Committee Survey, published this month has a number of messages. You can refer to a summary by NACD’s Directorship for some of the highlights.

Here are some excerpts that caught my attention, with my comments:

  • While 37% said their risk management program is “robust and mature”, 45% said the program requires “substantial work” while 14% don’t have a program nor plans to implement one
    • Given that few boards have a good understanding of risk management, I suspect that the 37% are highly optimistic in their assessments. The KPMG survey said that 48% of boards are effective in their oversight of risk. I doubt that many boards are as effective as they think they are
  • Only 31% felt that their risk management program was dynamic enough to cope with a rapidly changing risk environment
  • The quality of risk-related information continues to be an area of concern
  • Only 52% were satisfied that management has identified the significant risks to its business/growth plans and has implemented appropriate controls to monitor those risks
    • It is interesting to note that KPMG only asked about “monitoring” the risks, not about acting to manage the risks
  • 38% were less than confident that their financial statements presented an “understandable” picture of the company’s position
  • Fewer than half of the 1,800 respondents are satisfied that internal audit delivers the value to the company it should (45%), and that the internal audit plan properly focuses on the “critical risks to the enterprise” (49%)
  • Only 38% perform a formal and comprehensive assessment of the external auditor’s performance

Overall, there is a lot of good content in the study, and I recommend a careful and thoughtful read.


  1. How does your organization rate in these areas?
  2. What are you doing about it?
  1. January 30, 2013 at 3:15 AM


    Useful as ever. It is true that the internal audit profession has some way to go to deliver on its promise. It is young compared to the 19th century accounting industry however. It would help if those responsible for internal audit made some effort to understand what it was and how it does it. Too often audit committee membership is dominated by external financial statements auditors. They think in those terms. Also look at the disparity of resource. Internal audit has to provide assurance over the whole control environment yet external financial statements auditors often get the same resource to provide assurance over one document. Is it any wonder that there is such a disparity of satisfaction, therefore?

  2. John
    February 4, 2013 at 4:12 AM

    Would agree with the above. Focus for a large number of Boards is the actual external audit -sometimes the Internal Audit is an evil necessity. There is also a lack of understanding of the internal audit function and the expectation that all internal audits should be clear – no tolerance for error. In my experiece this is totally incorrect and internal audit should be used to deliver improvements through remediation. I believe if your internal audit team is not finding issues you have a weakness in your internal audit team – I have yet to work for the perfect organisation.

  3. Norman Marks
    February 4, 2013 at 8:38 AM

    Many have been blasting KPMG for this piece of research, implying that they are not in a position to advise others.

    Personally, I fully understand that the firms, including KPMG, do this work to generate interest in their services.

    But, in the process they contribute to the improvement of practices and theory – if not through the studies themselves then through the discussions they stimulate.

    If we are to criticize the firms, then let’s do it when their work is without value.

  1. February 25, 2013 at 6:40 AM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: