How to solve the new audit committee mandates and responsibilities
The audit committee is a cornerstone of the board of director's duties. Its mandate now extends well beyond the oversight of financial reporting and includes key areas that determine the organisation's performance, risk management, compliance, accountability, the integrity of quality data, cyber risk, and the effectiveness of internal control over operations. The long list of oversight responsibilities gets more complicated because the amount of time the audit committee members can commit is often the same
A healthy working relationship with the internal audit is the key to addressing the time issue of the audit committee. The internal and sometimes the external auditors can support the committee's ability to attain its updated goals, improve performance, enhance and protect organisational values, provide risk-based and objective assurance, advice, and insight.
Too much on the C plate
The synergetic relationship between the Audit Committee and Internal Audit is the key to addressing the new responsibilities because the structured work of the internal audit can deliver value, while the audit committee can focus on protecting and support the unbiased assurance. Therefore the Audit Committee and Internal Audit must update their charters to be prepared to:
- Recognise the resources and competencies needed to provide value and data analytics
- Protect the independence and objectivity of the internal audit team
- Communicate often and at a deep level, both formally and informally
- Agreement and alignment on expectations, design, review, and approvals
- How to hold management accountable for assessing and implementing, internal audit recommendations
The responsibility, role and scope of the audit committee to meet regulatory needs can be fulfilled by a strong working relationship with the internal auditor. The charter will enhance and protect the values based on objective assurance, advice, and insight. Thereby the Audit Committee can improve its efficiency and effectiveness of all controls of data security and operations and an ongoing and robust dialogue wth the board of directors.