Audit Committees Call for Better Risk Management
KPMG’s Audit Committee Institute surveyed 240 individuals who serve on the audit committee of at least one public company in June and July 2011 about what top issues they are facing in the upcoming year. Risk management, especially IT related risk management, is high on the agendas of most surveyed.
In regards to risk management, survey respondents expressed the following concerns:
- Although 42 percent (up from 29 percent last year) described the company’s risk management system as “robust and mature,” and equal number said their risk management system requires “substantial work.”
- Only 34 percent of respondents said they were satisfied that they hear dissenting views about the company’s risk environment and related controls.
- Several respondents gave low ratings to the quality of information they receive regarding “significant risks facing the business.”
- Audit committees want to hear more frequently from the Chief Risk Officer (CRO) and mid-level management.
- Many audit committee members say they want to hear more frequently from the chief information officer (CIO) about IT risk and emerging technologies.
- Only 61 percent are satisfied with the audit committee’s process to oversee IT risks.
While it should be noted there has been progress on risk management, compared to the prior years responses, challenges are still present. Key issues directing the risk dialogue include:
- The importance of considering “what-if” scenarios and having a robust crisis response plan
- Focusing on operational risks and controls, and the effectiveness of reports about possible problems with safety and compliance issues as an “early warning sign”
- The impact of cost reductions undertaken over the past several years- particularly those related to internal controls and management of outsourcing.
The survey noted other priorities of audit committees over the coming near, including a desire to devote more time to compliance in light of public policy initiatives and reforms (including healthcare, financial regulation, energy, etc.).
Visit the KPMG Audit Committee Institute to download the full publication for more information and detailed survey results.
Source: KPMG Audit Committee Institute and National Association of Corporate Directors