audit committee self-assessment guide.pdf
TRANSCRIPT
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
1/14
4th Edition
Audit Committee EffectivenessWhat Works Best
Prepared by
Principal Authors
Catherine L. Bromilow, CPA
Donald P. Keller, CPA
Project Manager
Garret K. Tripp, CPA, CFE
Sponsored by
IIA-Chicago Chapter
IIA-Philadelphia Chapter
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
2/14
Disclosure
Copyright 2011 by The Institute o Internal Auditors Research Foundation (IIARF), 247Maitland Avenue, Altamonte Springs, Florida 32701-4201. All rights reserved. No part o thispublication may be reproduced, stored in a retrieval system, or transmitted in any orm by any
means electronic, mechanical, photocopying, recording, or otherwise without prior writtenpermission o the publisher.
The IIARF publishes this document or inormational and educational purposes. This document is
intended to provide inormation, but is not a substitute or legal or accounting advice. The IIARFdoes not provide such advice and makes no warranty as to any legal or accounting results throughits publication o this document. When legal or accounting issues arise, proessional assistance
should be sought and retained.
The Institute o Internal Auditors (IIAs) International Proessional Practices Framework (IPPF)comprises the ull range o existing and developing practice guidance or the proession. The IPPF
provides guidance to internal auditors globally and paves the way to world-class internal auditing.
The mission o The IIARF is to expand knowledge and understanding o internal auditing by
providing relevant research and educational products to advance the proession globally.
The IIA and The IIARF work in partnership with researchers rom around the globe who conductvaluable studies on critical issues aecting todays business world. Much o the content presented
in their nal reports is a result o IIARF-unded research and prepared as a service to The Foun-dation and the internal audit proession. Expressed opinions, interpretations, or points o view
represent a consensus o the researchers and do not necessarily refect or represent the ocialposition or policies o The IIA or The IIARF.
ISBN 978-0-89413-708-26/11
First Printing
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
3/14
Appendix A | Audit Committee Self-assessment Guide | 11
The ollowing guide summarizes leading auditcommittee practices discussed in this report. Youmay use it to help assess your audit committeesperormance and identiy changes to consider in
your processes. Audit committees may also nd itbenecial to obtain eedback rom management,the internal audit director, general counsel, and theexternal auditors on committee perormance.
Appendix A
Audit Committee Self-assessment Guide
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Financial Reporting and Disclosures
Your committee:Adequately understands the companysbusiness and the industryin which it operates
Is satised the company adequatelyaddressesthe risk that the nancial statements maybe materiallymisstated, intentionally orunintentionally
Understands how management and theexternal auditors evaluate materiality, both
quantitativelyand qualitatively, or nancialreporting purposes
Assesses reasonableness and appropriatenessocritical accounting policies the companyollows, discussing with management andexternal auditors
Reviews the reasons or and implicationsochanges in accounting principles made
at managements discretion, understandingstakeholders potential reaction beore approving
Scrutinizes areas involving managementestimates that have a material impact onthe nancial statements and understands thereasonableness o the underlying assumptionsand whether the amount recorded is closer to theconservative or aggressive end o the spectrum
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
4/14
113 | Audit Committee Effectiveness What Works Best
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Discusses with managementsubstantivereasons orsignifcant changes in the nancial
statements between reporting periods androm budget ensuring explanations areconsistent with understandingo the companys
perormance
Reviews with management transactions thatare unusual, complex, or have increased
volume near period ends and their accountingtreatment, evaluating appropriateness andconsistencywith members knowledge othe company
Understands managements process to identiyany signicant related party transactions thatoccur during a reporting period and is satised
with the related disclosures
Reads annual fnancial statements, assessingtheir completeness and consistencywithoperational and other inormation known tomembers and discussing also with managementand the external auditors
Reviews interim fnancial statements andrelated disclosures, understanding consistency
with annual reporting, beore flingwithregulators
Understands and is comortable withpressreleases and otherfnancial inormation (e.g.,earnings guidance, orward-looking inormation,inormation or rating agencies) routinelydisclosed by the company, including separatereporting ospecial items or non-GAAPdisclosures
Reads, beore publication, narrative reportingand related inormation, ensuring consistency
withfnancial statements, completeness,and appropriate transparencyor issues suchas liquidity and fnancing needs
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
5/14
Appendix A | Audit Committee Self-assessment Guide | 11
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Discusses audit results with external auditors,considering managements handling o corrected
or uncorrected misstatements
Meets periodically with counsel to discusslitigation, claims, contingencies, or other
signifcant issues and their impact on thenancial statements
Understands how management captures allrelevant inormation in the nancial statements,
including how the management disclosurecommittee unctions
Reviews any correspondence between thecompany and regulators regarding nancialstatement lings and disclosures
Considers the impact o any identiedsubsequent events on nancial disclosures
Risk Management and the System
o Internal Control
Your committee:Is comortable with the eectiveness o thecompanys risk management process
Clearlyunderstands and agrees with the board
onwhich o the key risks likely those coveringnancial reporting and compliance with lawsand regulations it oversees on behal o theboard. Agrees with the board on thespecifc scopeo the committees oversight responsibilities ormonitoring risks.
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
6/14
115 | Audit Committee Effectiveness What Works Best
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Reviews the approach to and extent ointernal control testing by management,
internal audit, and external auditors andhow the testing supports any related reportingthe company does
Discusses with management, internal audit,and external auditors their observations, issues,andfndings on internal control eectiveness.Understands anysignifcant or material control
weaknesses as well as managements plans toremediate anycontrol defciencies.
Reads managements external reports on theeectiveness o internal control and/or riskmanagement and any related reports romexternal auditors
Understands whether compensation incentivescould create risk or nancial reporting
Understands any actors that increase fnancialreporting raud risk and how managementaddresses the risk
Understands the risks obriberyand corruptionand how management is minimizing those risks
Culture and ComplianceYour committee:Evaluates the tone at the topand thecompanys culture, understanding their relevanceto nancial reporting and compliance
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
7/14
Appendix A | Audit Committee Self-assessment Guide | 11
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Understands the eectiveness o the companysprograms or ensuring compliance with laws
and regulations, considers anysignifcantcompliance issues identied, and is satised
with managements actions
Ensures management has an appropriate codeo conduct. Makes sure that managementprovides the code, along with related training,to employees and periodically requires employeesto certiytheir compliance.
Is satised that the companys ethics and
conduct policies properly address culturallyor regionally sensitive issues
Sees that appropriatesupport channelsare available to help employees addresscompliance and ethics issues
Meets periodicallywith internal audit,
general counsel, the compliance ofcer,and management, among others, to discusssensitive issues
Ensures procedures are in place to receive, retain,and address complaints regarding accounting,internal controls, or auditing matters. Considersthe potential impact and resolution o anysignicant issues raised through thewhistleblowerprogram.
Oversight o Management and Internal Audit
Your committee:Maintains aproductive relationship withmanagement through open lines o communica-tion and candid, continual dialogue, includingbetween committee meetings
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
8/14
117 | Audit Committee Effectiveness What Works Best
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Strikes the right balance between advisingmanagement and monitoringmanagement and
is ready to increase its engagement i changesin circumstances warrant
Ensures management obtains the auditcommittees input beore making key decisions
Assesses senior nance managementsperor-mance and competence, obtaining eedback rom
internal audit and external auditors
Monitorssuccession plans or the CFO andsenior nance team members
Involves management appropriately inmeetings and ensures emphasis on discussion,
not presentation
Meets privatelywith management on aregular basis
Builds a trusting relationship with internalaudit that includes candid and continual
communication between meetings, acilitatingability to raise sensitive issues
Ensures the role internal audit plays meetsthe committees needs or assurance andprovidesvalue to management
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
9/14
Appendix A | Audit Committee Self-assessment Guide | 11
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Approves internal audits charter and reviewsannual plans and anysignifcant changes
ensuring appropriate coverage o risks andcoordination o work with external auditors
Ensures internal audit has adequate resourcesand budget, including quality and continuityosta, with ability to supplement skillsas needed
Discussessignifcant internal auditfndings,reported to the committee at an appropriately
summarized level, as well as thestatus omanagements remediation actions
Ensures internal audit reports directlyto thecommittee, as well as to an appropriately
senior position within the company, promotinginternal audits stature and objectivity
Plays a central role in appointingor replacingthe internal audit director, evaluatinghis or
herperormance and determining compensation
Evaluates internal auditsperormance andoperational independence by weighing results oany quality control reviews as well as eedbackrom management and external auditors
Meets privatelywith the internal audit directoron a regular basis
Relationship with External Auditors
Your committee:Builds a trustingandproessional relationship
with external auditors, ensuring open lines ocommunication
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
10/14
119 | Audit Committee Effectiveness What Works Best
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Drives theselection, oversight, and evaluationo external auditors, obtaining managements
and internal audits input and consideringreplacement when appropriate
Ensures external auditors independence bypreapprovingaudit and nonauditservices,understanding impact o ees, and evaluatingtype ononaudit services
Reviews the external audit scope, understandingrisk coverage and signicant plan changes
Receives inormation required to becommunicated under auditingand regulatory
standards and seeks insight on how thecompanys practices compare to those o peers
Reviews managements representationletters to the auditors and inquires about any
nonstandard representations
Understands anydisagreements betweenthe auditors and management and determines
whether outside advice is needed or resolution
Understands managements rationale orusing other audit frms or audit work or
other services
Meets privatelywith external auditors ona regular basis
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
11/14
Appendix A | Audit Committee Self-assessment Guide | 12
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
What to Do When Things Go Wrong
Your committee:Understands any signicant identifed errors inpreviously issued nancial statements and agrees
with management conclusions regarding the needor restatement
Ensures management conducts a thoroughinvestigation to identiy and resolve all errors
Understands its role and key considerations inoverseeing investigations (or possible raudor illegal acts) and is prepared to take charge
when needed
Has authorityand makes the appropriatedecision on whether to engage outside advisors
Activelymonitors investigation progress and
ensures management captures lessons learnedand applies them in uture investigations
Is satised a crisis management plan existsand enables the company to respond quicklyand appropriately to an emerging crisis
Committee Composition
Your committee:Has its new members selected by the nominatingcommittee based onskills and attributes thecommittee needs
Considers, with the nominating committee,a need or balancing continuitywithresh
perspective when addressing member turnover
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
12/14
121 | Audit Committee Effectiveness What Works Best
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Has asuccession plan or its members and chair
Has a chair who possessesstrong leadershipqualities, ability to promote eective discussionand working relationships, and time andfnancialexpertise to direct the committee appropriately
Has members whopossess critical characteristicssuch as integrity, courage, skepticism, independent
judgment, and industry knowledge and have theavailable time
Has members who are independent andpossess requisite levels ofnancial literacyand nancial expertise
Is the right size, bringing requisite knowledge,abilities, and skills to the table, yetsmall enough
to act cohesively
Meetings
Your committee:Uses ascheduling calendar to ensure it addressesall its responsibilities over the course o a year,
while balancing its workload
Holds asufcient number o meetings,
scheduled at appropriate points, to addressits responsibilities on a timely basis
Ensures meetings are oadequate length toallow the committee to accomplish its agenda,
with time toully discuss issues
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
13/14
Appendix A | Audit Committee Self-assessment Guide | 12
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Plans meetings properly with the chair drivingthe agenda and members providing input
Is satised it receives appropriate advancematerial or agenda topics, providing theright inormation and insight, and that materialis received in a timelymanner and reviewedbymembers beore meetings
Requires meeting attendance by the rightindividuals, those with meaningul input on
agenda items, and limits the number oobserverswhose presence may hinder discussion
Meets in separateprivate sessions regularlywith the CFO, internal audit director, andexternal auditors and periodically withgeneralcounsel, compliance ofcer, chie risk ofcer,and other management allowingull and
rank discussion o potentially sensitive matters
Has members meet regularlyinprivatesession, allowing confdential discussiono managements and auditors perormanceand refection on other issues
Communicates eectively with managementabout issues that arise between meetings,thereby avoiding surprises
Allows time at meetings or dialogue, with thediscussion ocusing on relevant topics
Ensures minutes provide accurate descriptionso meetings, at the right level odetail, andreviews and approves them in a timely manner
Copyright 2011, The IIA Research Foundation
Reprinted with permission
-
7/28/2019 Audit Committee Self-Assessment Guide.pdf
14/14
Characteristics of Effective Audit Committees Comments and Follow-up Actions(including any personal plans)
Reports regularly to the board to discussactivities, keyissues, major recommendations,
and action plans
Supporting Committee Eectiveness
Your committee:Has awritten charter, which has been approvedby the board odirectors, that it assesses annuallyor anyupdates
Ensures annually that it has carried out allthe responsibilities outlined in its charter
Assessesperormance o the committee asawhole annually, taking decisive correctiveaction and considering improvements
Evaluates individual members perormanceregularly, considering training and other
needed support
Has proper administrative support on anongoing basis and the authorityto engageadditional resources when needed
Ensures new members receive robust orientationto enable them to understand their role and get
up to speed quickly
Ensures that all members have access tocontinuing education on business and accountingdevelopments and other matters relevant to newresponsibilities or changes in the business