The Role of the Audit Committee
ByHave you ever wondered what an organization’s audit committee does? Are you considering whether you should add an audit committee to your board? There are many questions around the role of audit committees, but they’re not as mysterious as they may seem. Here are answers to some of the most common questions about audit committees.
What is an audit committee?
As a committee supporting a board, audit committees are valuable to organizations by helping them to understand their financial reporting systems and provide oversight of finances, internal controls, and audits. Tasks include receiving reports from the financial department, assessing the efficacy of internal controls, and soliciting and overseeing the work of external and internal auditors. One common thread of audit committee duties is oversight. To keep proper oversight within the operations of an organization, many different parties or departments may report to the audit committee – including internal departments, management, and external auditors. They provide resources that the committee can use to make informed decisions for the organization. The audit committee also hears reports from internal and external auditors and is responsible for ensuring that recommendations made by the auditors are implemented timely.
Do I need an audit committee?
Audit committees, while serving an essential purpose for the board, are not the only ones who can oversee audit processes. Audit oversight can be performed by an executive committee, finance committee, or even the board itself, though the oversight of internal and external audit functions can sometimes be cumbersome for boards with a lot of activity. Regardless of which body performs the tasks of an audit committee, all of these responsibilities should be performed by the board in some capacity to ensure proper oversight.
Who should be on an audit committee?
Audit committees are usually made up of stakeholders with different perspectives and often include financial professionals and industry experts. They should not include members of management in order to maintain independence over the audit process. The independence and professional skepticism of committee members is paramount when making decisions that may be unpopular with management but could be required to meet compliance requirements or may be beneficial to the health and longevity of the organization. The presence of bias, or even appearance of bias, can impair the independence of audit committee and board members. Training can be provided for committee members who are unfamiliar with the role of the audit committee and how it interacts with stakeholders.
How does the audit committee interact with internal and external audit?
If an organization has an internal audit function, the majority of the audit committee’s time and resources are typically dedicated to interaction with the internal audit function, including review and approval of the audit charter, hiring the chief audit executive, managing the internal audit budget, and approving the internal audit plan. The internal audit function historically has had a compliance role in many organizations, checking that processes meet the federal and state regulations, as well as the standards of other regulatory bodies. This usually results in a checklist methodology, making sure all the correct boxes are ticked. However, as the scope of internal audit functions has expanded to include support for external financial audits, establishing and testing internal controls, and more advanced organizational risk assessments, audit committees have had to keep up. Audit committees are increasingly called to oversee risk by reviewing their organization’s enterprise risk management (ERM) and becoming more involved with the internal audit function’s annual risk assessment.
A key audit committee responsibility is analysis of the information provided to the committee. Internal auditors, external auditors, and other reporting parties, bring data, results, and recommendations to the committee. It is the responsibility of the audit committee to see the bigger picture of these data points, analyze the information provided, and address the risks identified by this information. This may sound intimidating, but there is an increasing abundance of tools at the disposal of the committee, including artificial intelligence (AI) to help summarize and digest large amounts of data, metric dashboards, and audit management software. Risks are always evolving, so it is up to the audit committee and the auditors to evolve as well.
If you have any other questions or want to discuss more, contact our team today.