KPMG survey reveals audit committee to play key role reducing risk of
major company threats
TORONTO, May 27, 2014 /CNW/ - According to KPMG's 2014 Global Audit Committee Survey Report - The Canadian Perspective, the role of audit committees in identifying and assessing risk
continues to grow and evolve, expanding beyond traditional areas such
as legal/regulatory compliance, anti-bribery/corruption and financial,
to now encompass information technology — including cyber security. And
this new burden is taking a toll, with 38 per cent of Canadian
respondents saying it is becoming "increasingly difficult" to oversee
the myriad of responsibilities that are now associated with their role.
While cyber security is considered a growing company threat in the US,
only a fraction of Canadian audit committee members seem to agree — 11
per cent perceive it to be a major company challenge, which pales in
comparison to the US at 27 per cent. In contrast, when asked if they
were satisfied with time spent on cyber security issues by the board,
only 31 per cent of Canadian respondents agreed, compared to 55 per
cent globally and 57 per cent in the US, leaving much room for
improvement in boardrooms around the world. It will be interesting to
see if the recent high-profile Heartbleed scare will shift opinion.
Economic/political uncertainty, operational risk, government regulations
ranked as top challenges
Of the challenges companies face today, half of Canadian audit committee
members surveyed perceive economic and political uncertainty to be the
greatest concern followed by operational risk (46 per cent) and
government regulations (40 per cent). To tackle these emerging issues,
31 per cent of Canadian companies said their board has recently
reallocated or rebalanced risk responsibilities.
Information quality falling short
Given their growing responsibilities, audit committees want to see an improvement in the quality of information they receive on emerging technologies and
company growth and innovation plans (especially cyber security). They
also want to better understand the company's global systemic risks and
supply chain dependencies. Although Canadian audit committees rate much
of the information they receive on key risks facing the company (e.g.,
legal/regulatory compliance, operational risk and public policy
developments) as "good" or "generally good", they should reflect on
whether there is an increased risk to the company if the information
received is not "great". Steps companies can take to improve the
quality of risk information they receive, include:
Work with management to define or refine the audit committee's (and
board's) information needs.
Seek out independent sources of information instead of relying
exclusively on management.
Ensure the board has insight and foresight about the impact of new
technologies on the business, the industry and the competitive
Ensure management is actively listening to the conversation on social
media to better understand the risks, opportunities and changing
attitudes and perceptions about the company.
Pace of change slower in Canada
As the role of the audit committee continues to evolve and grow, only
half of those surveyed in Canada believe internal audit's role should
extend beyond the traditional responsibilities of financial reporting
and controls to include other major risks and challenges facing the
company. This compares to 66 per cent in the US and 70 per cent
globally. Only 28 per cent of Canadian survey respondents are satisfied
internal audit currently has the skills and resources to be effective
in the role they envision. Steps companies can take to optimize the
audit committee's workload, agenda and skills, include:
Ensure the committee has the time and expertise for major categories of
risk "beyond the core".
Consider whether risk oversight responsibilities need to be rebalanced.
Leverage additional resources and expertise from internal and external
auditors and third-party experts — particularly in the areas of risk
and emerging technology.
Recognize that internal audit is most effective when it is focused on
the critical risks to the business: operational risks and related
controls — not just compliance and financial reporting risks.
As the audit committee's role continues to evolve to take on deeper
responsibilities for risk, a disconnect is emerging between skills that
were traditionally required and those that are now needed to
effectively minimize company risk. Boards and management teams across
the country must become even more integrated in their approach in order
to successfully ward off potential risks.
"Companies across the country must evaluate whether their audit
committees are able to meet the growing and changing requirements of
the committee's roles. Bridging any gaps in skills and resources will
help to ensure they are able to quickly identify both traditional and
non-traditional risks threatening the organization."
- John Gordon, Canadian Managing Partner, Audit, KPMG in Canada
2014 Global Audit Committee Survey - The Canadian Perspective
KPMG on LinkedIn
About KPMG's 2014 Global Audit Committee Survey Report - The Canadian Perspective
This report is based on responses from approximately 1420 audit
committee members in 34 countries, between September and November 2013.
All survey respondents serve on the audit committee, or equivalent
supervisory board, of at least one company. Of the 145 Canadian
respondents, 53 per cent were audit committee chairs and 43 per cent
serve on audit committees of companies that earn less than $250 million
in annual revenue. Respondents were asked to answer survey questions
based on the largest company they represent, by revenue.
KPMG LLP, an Audit, Tax and Advisory firm (kpmg.ca) and a Canadian limited liability partnership established under the
laws of Ontario, is the Canadian member firm of KPMG International
Cooperative ("KPMG International"). KPMG member firms around the world
have 155,000 professionals, in 155 countries.
The independent member firms of the KPMG network are affiliated with
KPMG International, a Swiss entity. Each KPMG firm is a legally
distinct and separate entity, and describes itself as such.
Image with caption: "Audit Committee Survey Infographic (CNW Group/KPMG LLP)". Image available at: http://photos.newswire.ca/images/download/20140527_C9477_PHOTO_EN_40764.jpg
SOURCE: KPMG LLP
For further information:
National Manager, Communications
KPMG in Canada