Your Risk Management Magazine
Broad audit role causes some disquiet

Font size : + -

email print

UNCERTAINTY OVER THE role of internal risk and audit committees may be one reason boards and committees feel they are not adequately dealing with the risks they face, according to KPMG.

A KPMG survey of board audit committees found most respondents took an “enterprise-wide view” of risk management, but only about half are “somewhat satisfied” with the board or audit committee’s oversight of risk.

“Some boards feel as though the linkage between what the internal auditors do in terms of helping the board to understand risk and … how they should be managing risk … could be more clearly enunciated,” said Michael Coleman, KPMG’s national risk manager.

Less than 60 per cent of respondents in Australia to the Agents of Change survey rated their audit committees as ‘very effective’, compared to 72 per cent of their counterparts in the US.

Coleman said this reflected the fact that legislation in the US mandates a more specific role for audit committees compared to Australian laws.

“In the US, through [the] Sarbanes-Oxley Act, it is quite clear what the role of the audit committee is,” he said.

“The audit’s committee’s role is a more narrowly focused role around the proper presentation of financial statements and checking the independence of the external auditor.”

In Australia, the board has primary responsibility for overseeing risk management, and audit committees tend to be “sub-committee”of the board, he said. ASX guidelines require boards to “consider” to assess risk management in their companies, but “boards have actually got to make up their own minds about whether or not they do or they don’t undertake things”.

“It is easier I think for audit committees in the United States to say that they can identify how effective they have been. In Australia the whole process is more open-ended. The individual boards determine what they want to do and perhaps some directors don’t feel as comfortable as they could about the overall outcome.”

While most big companies would have a “well ingrained” risk management process across the whole enterprise, Coleman said “not every single audit committee member would be comfortable in saying that they’re satisfied that all of those risks are being effectively managed”.

“That could mean that there’s not enough time being spent on it,” he said. “It could mean that perhaps the audit committee members are focusing more on the financial reporting side of it rather than the [enterprise-wide] side of it.”

  • Bookmark & Share
go back
Your comment
Risk management is the place for positive industry interaction and welcomes your professional and informed opinion.
eNewsletter

Breaking news, video interviews, opinion and analysis delivered straight to your inbox. Subscribe now
Categories

Home   |    Advertising   |    About Us   |    Contact Us   |    Privacy Policy  

© 2012 Key Media Pty Ltd.