Risk Management Jumps to Top of Audit Committee Agendas, Says New Survey by KPMG's Audit Committee Institute
|
|
|
NEW YORK, July 2 NY-KPMG-risk-survey
Only One In Five Are Fully Satisfied With Management's Risk Reports;
Credit Crisis Likely Fueling Concerns;
Overall, Nine Out Of Ten Feel That Audit Committees Are More Effective Since SOX
NEW YORK, July 2 /PRNewswire/ -- Only 28 percent of audit committee members are "very satisfied" they understand the process that management uses to identify and assess significant business risks, and only 21 percent are "very satisfied" with the risk reports they receive from management, according to results of the third annual audit committee member survey conducted by KPMG's Audit Committee Institute (ACI) and the National Association of Corporate Directors.
And, while nine out of ten respondents say their audit committee is more effective now than before the Sarbanes-Oxley (SOX) legislation was enacted in 2002, many acknowledge there is still room for improvement - particularly in the area of risk management, which they cited as their top priority.
"The current business and regulatory environment is sharpening the audit committee's focus on risk management," said Henry R. Keizer, Vice Chair - Audit, KPMG LLP, the U.S. audit, tax and advisory firm, and Global Head of Audit, KPMG International. "The near 'perfect storm' of the credit crunch, economic slowdown and market volatility has placed risk management high on the audit committee agenda, where it is likely to stay for some time."
Risk Management Ranked as Chief Concern
Overall, the nearly 300 public company audit committee members who responded to this year's survey ranked risk management as their top priority, replacing accounting judgments and estimates, which moved to second on the list.
Information Technology (IT) risk and governance moved up to third, with respondents indicating the least confidence in this area. One quarter of respondents said they were not clear about the areas of IT risk the audit committee is responsible to oversee and 26 percent said they were not satisfied with management's reports on IT risks.
Survey respondents expressed the highest levels of confidence in their oversight of traditional financial reporting areas, including accounting judgments and estimates, internal controls, and 404 compliance.
"Audit committees are more confident in their 'traditional' areas of financial reporting oversight," said Edward F. Smith, executive director of ACI. "But there's much less comfort in the area of risk management. They clearly want a better understanding of the company's risks and its risk management processes."
Smith pointed to two key challenges for audit committees that are highlighted by the survey:
- defining the audit committee's risk oversight responsibilities (half the respondents expressed concern they have too much responsibility for risk oversight);
- coordinating risk oversight activities with other board committees to better monitor potential risks (74 percent said communication and coordination of risk oversight activities among the audit committee, board, and other committees could be improved).
Following are key findings from the survey:
The Good News: Nine in Ten Say Audit Committees are More Effective Since SOX
- Nine out of ten audit committee members say their audit committee is more effective now than prior to the enactment of SOX in 2002; nearly half saying the committee is "much more effective."
- Audit committee members are most confident in their oversight of "traditional" financial reporting areas, including accounting judgments and estimates, internal controls and 404 compliance.
Key Risk Management Concerns: Processes, Reports, and Oversight Responsibilities
- Only 28 percent of audit committee members are "very satisfied" that the audit committee understands management's processes to identify and assess the significant business risks facing the company; and only 21 percent are "very satisfied" with the information and reports they receive from management on its risk management efforts.
- Nearly half of the survey respondents expressed some concern that the audit committee has been assigned, or has assumed, too much responsibility for risk oversight;
- 74 percent said the communication and coordination of risk oversight activities among the audit committee, board, and other committees could be improved.
- One quarter of respondents are not clear about which areas of IT risk and governance the audit committee is responsible for, and 26 percent said they are not satisfied with management's reports on IT risks. Of the major areas of audit committee oversight, respondents indicated they are least confident in this area.
Room to Improve Agendas, Meetings, Coordination of Oversight, and More
- Many respondents say the audit committee's effectiveness may be hampered or negatively impacted by overloaded agendas, compliance activities that at times detract from substantive discussion of issues, and inadequate communication and coordination of oversight activities with the board and other committees.
- One in three are only "somewhat satisfied" the committee spends enough time discussing issues and asking questions; fewer than half said the committee allocates adequate time to discuss issues that are on the minds of its members; and many said pre-meeting materials could be improved by more comparisons to industry statistics, better identification of important issues, and timely delivery.
- Less than half are fully confident that other standing committees are sensitive to financial reporting implications of the risks they oversee; nearly half say committee reports to the full board, which most audit committees say they rely on to stay apprised of oversight activities of other standing committees, are high quality only some of the time, or they are "boilerplate" and compliance-oriented.
Concerns About Resources, Skills, Succession Plans for CFO, Internal Audit
- Nearly 90% expressed concern about the company's succession plans for the CFO and other key members of the financial reporting team, and most see room to improve their approach to evaluating the performance of the CFO and financial staff.
- Half of respondents are "somewhat satisfied" and 44 percent are "very satisfied" that internal audit delivers the value to the company that it should; yet about one in five say they are only "somewhat confident" that the company's chief audit executive would report any controversial issues involving senior management to the audit committee (similar to results in the 2007 survey.
About the Survey
The third annual Audit Committee Member Survey was conducted by KPMG's Audit Committee Institute and the National Association of Corporate Directors between November 2007 and February, 2008. The results reflect the responses of 281 audit committee members, each of whom was asked to respond based on the largest U.S. public company (by revenue) for which they serve as an audit committee member.
About ACI and KPMG
Established in 1999, KPMG's Audit Committee Institute (ACI) provides information, resources, and knowledge-sharing opportunities--through a variety of forums, surveys, and publications--to help audit committee members and their boards enhance the effectiveness and integrity of the financial reporting process. Throughout the year, ACI's Roundtable Series, Audit Committee Issues Conference, Audit Committee Fundamentals program, and quarterly webcasts bring together directors, senior executives, and corporate governance luminaries to discuss common challenges and leading practices in the oversight of financial reporting and related risks.
KPMG LLP, the audit, tax and advisory firm ( www.us.kpmg.com), is the U.S. member firm of KPMG International. KPMG International's member firms have 123,000 professionals, including more than 7,100 partners, in 145 countries.
Contact: Ray Zardetto
KPMG LLP
Tel. 201-307-8494
SOURCE KPMG LLP
|
Copyright © 2008
PR Newswire. All rights reserved.
|
|
|
|
|
|
|
|
|
|
