Good Practices of the Audit Committee

Similar documents
PULSE OF INTERNAL AUDIT Navigating an Increasingly Volatile Risk Environment.

June 2016 Issue 05/2016

Session 6C Internal audit value Developing metrics to present IA value

Leadership and Rising Stakeholder Expectations

From Dubai to Beijing

Maneuvering the Politics of Internal Auditing to Make Positive Change. Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA IIA President and CEO

FSB Consultative Document - Guidance on Supervisory Interaction with Financial Institutions on Risk Culture

Enhancing Audit Committee Excellences through Internal Audit. 21 November 2017

#PurposeServiceImpact IIA Global Chairman s Theme

Ms. Maridel Piloto de Noronha, PAS Secretariat Via

Joining The IIA is an investment in your career and the profession.

Implementation Guides

Whitepaper September Middle East Perspective State of the Internal Audit Profession 2016

About the Pulse of Internal Audit

Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation

The IPPF in How changes to The IIA s guidance framework can benefit internal auditors and SAIs

IIA 2015 Worldwide survey of 15,000 internal auditors

Drive Your Career Forward IIA Certifications and Qualifications

Should boards and CEOs care about COSO ERM 2017? By Tim J. Leech

Issue 2 GLOBAL PERSPECTIVES AND INSIGHTS: Beyond the Numbers Internal Audit s Role in Nonfinancial Reporting

Response ed to

Value-Added Internal Audit: Myth or Reality?

2014 Global Council. Dubai, UAE 6-9 March 2014 DAY 2. globaliia.org

Advisory Services Governance, Risk & Compliance

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE

THE CFO OF THE FUTURE

Issue 8. GLOBAL PERSPECTIVES AND INSIGHTS Internal Audit and External Audit. Distinctive Roles in Organizational Governance

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

Creating a Customer Centric Organization

Today s CFO: Changing the game plan for tomorrow

AUDIT ADVANTAGE: IMPROVING MISSION READINESS

BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT

Board of Directors Performance Self-Evaluation Questionnaire

White Paper Well-founded Audit Planning

HOW TO HIRE A SECURITY TEAM STRONG AND EFFECTIVE HOW TO HIRE A STRONG AND EFFECTIVE SECURITY TEAM - 1

2017 North American Pulse of Internal Audit. Public Sector Focus. Courageous Leadership: Instilling Confidence from Within

What We Will Cover Today

Implementation Guide 1000

Best Practices for Establishing a Cost-Effective Internal Audit Function. Article by Heidi Wier June 2016

Internal Oversight Division. Internal Audit Strategy

Audit Committee Charter Amended September 3, Tyco International plc

Driving the Benefits Win:

Leading the Global. Next Decade Doing More with Less The Lean Internal Audit Model. Larry Rieger

Effective implementation of COSO s new anti-fraud guidance

Issue 5. GLOBAL PERSPECTIVES AND INSIGHTS: Emerging Trends. Powered by Global Pulse of Internal Audit

Implementation Guide 2050

OPERATIONAL EXCELLENCE ACROSS THE ERO ENTERPRISE: Adding Value to the Compliance Monitoring and Enforcement Program

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function

Legal Firms and the Struggle to Protect Sensitive Data IT Disaster Recovery Planning and Preparedness Survey

National Defense University. Strategic Plan 2012/2013 to 2017/18 One University Evolution

STRATEGIC FRAMEWORK. National CASA Association

Business Resilience: Proactive measures for forward-looking enterprises

KPMG s Audit Committee Institute

External Quality Assessment Are You Ready? Institute of Internal Auditors

CORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE

Baptist Health South Florida

THE RESOURCE MANAGEMENT SERIES. Resource Management Trends Agencies Can't Afford to Miss

Executive Recruitment

International Finance Corporation

Corporate Risk Management Services. Pinkerton is a leading provider of risk management services and solutions for organizations around the globe.

Staying the course toward True North: Navigating disruption

Patty Miller, CIA, QIAL, CPA, CRMA, CISA PKMiller Risk Consulting, LLC

DRAFT Feb 2018 GPAI GLOBAL PERSPECTIVES AND INSIGHTS. Internal Audit in the Age of Disruption

Benchmarking Report Share, Compare, Validate SAMPLE. Year: 2017 Your Organization Date

It s Not About Employee Satisfaction! The Do s and Don ts of Conducting an Employee Engagement Survey By Bob Kelleher

CLAconnect.com/creditunions. Impact the Future of Credit Unions

Increasing the Intensity and Effectiveness of Supervision

Enterprise Risk Management: Developing a Model for Organizational Success. White Paper

Auditor General s Office REVIEW OF THE CITY SAP COMPETENCY CENTRE APPENDIX 1. June 1, 2010

Agenda. How the strategy was developed. Update from your feedback in the first Informal Consultation. Implementation plan and progress so far

A leader lives in each of us. Leadership is one of the four functions of management.

CONTINUOUS PROCESS IMPROVEMENT AND INNOVATION (CP2I)

INTERNAL AUDIT OFFICE

Culture: Why is it important?

TOOL 8.1. HR Transformation Milestones Checklist. The RBL Group 3521 N. University Ave, Ste. 100 Provo, UT

Executive summary. This initial paper looks at: The demands of finance profession and the challenges it faces

A Changing Profession for a Changing Market: Evolving services, skills and talent to meet business demands

Stepping Forward Together: Creating Trust and Commitment in the Workplace

TRENDS

BBA VIII Semester. Strategic Management. POST RAJ POKHAREL M.Phil. (TU) 01/2010), Ph.D. in Progress

Quality Assessments what you need to know

Top Priorities for Internal Audit in Financial Services Organizations

Increasing External Auditor Reliance

Independent Validation of the Internal Auditing Self-Assessment

PLAN TEGIC TRA S

(

SIAAB Guidance #02 Internal Audit Independence- Interaction with Agency Head, Senior Staff and Placement Within the Organizational Structure

6th annual Digital IQ survey The five behaviors that accelerate value from digital investments

GREATER PHOENIX ECONOMIC COUNCIL STRATEGIC PLAN

IPPF Oversight Council

Best Practices for Leveraging Technology. A Five Step Strategic Framework

CITY OF VAUGHAN EXTRACT FROM COUNCIL MEETING MINUTES OF JUNE 25, 2013

Internal Audit Advisory

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

Why have so few companies registered to ISO 9001:

Extended Enterprise Risk Management

REVISED CORPORATE GOVERNANCE PRINCIPLES FOR BANKS (CONSULTATION PAPER) ISSUED BY THE BASEL COMMITTEE ON BANKING SUPERVISION

INBOUND MARKETING AT THE SPEED OF A STARTUP AGILE INBOUND MARKETING DRIVES BETTER, FASTER RESULTS FOR COMPLIANCE WAVE

Measuring the value of internal audit in the banking industry

Transcription:

Good Practices of the Audit Committee Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA President and Chief Executive Officer The Institute of Internal Auditors

Overview Audit Committee s Core responsibilities are Expanding Must cope with the complex challenges facing 21 st century organizations Need strong and capable leaders 5 Things the Audit Committee is Unlikely to Hear from the Chief Audit Executive 10 Questions the Audit Committee Should Ask the Chief Audit Executive

The Audit Committee s Core Responsibilities Are Broader Than Ever Oversight of: Financial reporting and internal control over financial reporting External auditors Internal auditors Establishment of whistleblower procedures Risk management, legal and regulatory compliance

21 st Century Organizations Face Complex Challenges

Organizations Face a Volatile Risk Landscape Risks can materialize with little or no warning Trust and value can evaporate Boards, management, and auditors must be attuned to changes Internal auditors must audit at the speed of risk

Unlocking the Value of Internal Audit The Paradox of Structural Expectations for Internal Audit: Base level coverage often provides the lowest perceived value Source: The CBOK 2015 Global Internal Audit Practitioner survey: : 2015 The IIA Research Foundation

Unlocking the Value of Internal Audit Internal audit increasingly is called on to help improve strategic areas such as risk management Recommendations: Ensure the internal audit plans are focused on the most significant risks to the business, including strategic and operational risks Clarify internal audit s role in connection with risk management (providing assurance, not managing risks) Expect internal audit to audit at the speed of risk

Culture Is Increasingly the Culprit in Organizational Debacles

CEOs and CFOs See Culture As Critical Over 90% believe culture is important 92% believe improving their culture would improve value of the company Over 50% believe culture influences: Productivity Creativity Profitability Firm value and growth rates Yet only 15% believe their corporate culture is where it needs to be Source: Corporate Culture: Evidence from the Field, Graham, Harvey, Popadak, and Rajgopal; Duke University, 2015

The Root Cause Can Often Be Culture It is tempting to only look at specific issues and how to correct Did certain behaviors cause the problem? Is culture a fundamental root cause? When controls fail When risks aren t managed When regulations or laws are violated CULTURE

Unlocking the Value of Internal Audit

Unlocking the Value of Internal Audit Recommendations: Seek internal audit s assessment of culture Ensure internal audit has necessary resources and skills for the task Reinforce internal audit s stature within organization and accountability to audit committee Define reporting relationship that maximizes objectivity

Technology Risks Are As Complex As Ever 36% of Corporate Directors surveyed say they are not satisfied with the quality of information provided by management on cybersecurity and information technology risk. Technology risks: Rank among the top concerns of corporate directors Integrated into the fabric of the business Difficult to identify and mitigate Source: 2015 NACD Public Company Governance Survey

Technology Risks Are As Complex As Ever Many executives are declaring cyber as the risk that will define our generation. Dennis Chelsey, Global Risk Consulting Leader, PwC 38% Year-over-year increase in detected information security incidents Average total financial loss due to security incident $2.5m Source: Turnaround and transformation in cybersecurity: Key findings from The Global State of Information Security Survey 1016. http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey/download.html

Unlocking the Value of Internal Audit Bolstering cyber preparedness by coordinating with the board and management on: Protection: Provide a holistic approach to identify vulnerabilities; assurance over IT governance Detection: Work with IT to develop key risk indicators; ensure adequate and effective controls Business continuity: Assurance that plans are effective, efficient, and enterprise-wide Crisis management and communications: Help develop plans or provide assurance Continuous improvement: Help evolve and improve strategies

Regulators Are Raising the Bar Regulation s impact is growing and regulations lack consistency and collaboration 83% 36% said the impact of regulation on their organization is more significant compared to five years ago. 48% said the approach to regulation between different regions in which their organization operates is not consistent. said that different regulators collaborate with each other ineffectively. Regulation and Growth: IFAC Global Regulatory Survey, International Federation of Accountants, September 2015. https://www.ifac.org/publications-resources/regulation-and-growth-ifac-global-regulatory-survey

Regulation Is Essential, but Comes at a Cost Regulation impacts costs, growth, and innovation 80% 66% 63% said regulation has a significant impact on their organization s cost of doing business. said it has a significant impact on their organization s opportunity to grow. said it has a significant impact on their organization s opportunity to innovate. and regulations remain complex. 79% said the regulation impacting their organization is complex or very complex. Regulation and Growth: IFAC Global Regulatory Survey, International Federation of Accountants, September 2015. https://www.ifac.org/publications-resources/regulation-and-growth-ifac-global-regulatory-survey

Unlocking the Value of Internal Audit Leverage internal audit s deep understanding of the regulations and potential risks to the organization Charge internal audit with monitoring risks from emerging regulations and ensuring organization s capabilities Mandate internal audit s ability to audit risk and compliance

Tension for the Chief Audit Executive (CAE) CAE is an important member of the company s management team while the CAE is also responsible for reviewing management s conduct and performance.

Unlocking the Value of Internal Audit CAE should report functionally to the audit committee and administratively to the CEO or other executive. To ensure internal auditor s objectivity, the audit committee should be involved in: Developing audit plan Determining budget and resources Hiring and termination of the CAE Performance review of the CAE Compensation of the CAE

Audit Committees Need Strong and Effective Leaders

Five Attributes of Extraordinary Audit Committee Members 1. Courageously independent 2. Professionally skeptical and intellectually curious 3. Deeply experienced 4. Approachable relationship builders 5. Risk-centric strategists

What the CAE Won t Tell the Audit Committee

What the CAE Won t Tell the Audit Committee 1. The risk assessment I present to you is sometimes limited because I don t have the right staff with the right skills and expertise in some areas. Audit coverage is driven by resources rather than risks.

What the CAE Won t Tell the Audit Committee 2. Identifying emerging risks is one of the biggest challenges we face. Auditing at the speed of risk. Understanding that many risks have ripple effects that can impact in unanticipated ways.

What the CAE Won t Tell the Audit Committee 3. We want to provide assurance on strategic risks, but we are bogged down in tactical financial and compliance audits. The paradox of structural expectations

What the CAE Won t Tell the Audit Committee 4. We are as important to you as the external auditors. Internal auditors identify the root causes of issues and help the organization to operate more efficiently and effectively.

What the CAE Won t Tell the Audit Committee 5. Within an effective governance structure, internal audit is the audit committee s only independent line of defense for effective risk management and control. While there may appear to be overlap with certain control functions like Compliance and Financial Control, internal auditors should be independently evaluating these functions, providing assurance they are being effectively executed.

Parting Thoughts

10 Questions the Audit Committee Should Ask the CAE 1. What is the internal audit coverage of the organization s risk management governance processes? 2. How responsive to change and flexible is internal audit s risk-based audit plan? 3. How does internal audit use technology to enhance its auditing and monitoring activities? 4. What is the strategic vision and plan for internal audit? 5. What perceived value does the organization receive from its internal audit activities?

10 Questions the Audit Committee Should Ask the CAE 6. How do we strengthen communications and relationships between internal audit and the audit committee? 7. How does internal audit ensure that its activities are in full compliance with The IIA Standards? 8. How does internal audit acquire and develop top talent for the organization? 9. What types and levels of training are necessary for internal audit to accomplish its mission? 10.Does internal audit periodically inventory and assess its skills to identify gaps and how are they being addressed?

Thank You!

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback