Audit Committees Prioritize Cybersecurity, Enterprise Risk Management in New Survey
Two-thirds of audit committee members see opportunities to improve effectiveness, according to Deloitte, Center for Audit Quality Survey
A total of 266 respondents participated in this year's survey, most of whom are from US public companies (74%), and of which 81% have more than
Respondents cited enterprise risk management (ERM) as the No. 2 priority, demonstrating a broader, more holistic view of risk. Meanwhile, trending topics like artificial intelligence (AI) governance and environmental, social and governance (ESG) reporting are receiving comparably less attention.
"We are seeing the role of the audit committee continue to evolve and adapt as demands on oversight responsibilities change with the business environment and investor expectations," said
In addition to cybersecurity and ERM, finance and internal audit talent (a new entry in this year's survey), compliance with laws and regulations, and finance transformation rounded out the top five priorities. Although the majority of respondents view internal audit as an effective function — one that adds demonstrable value — nearly 80% believe there is an opportunity for internal audit to add even more value. Audit committees are also increasingly prioritizing compliance with laws and regulations, with more than one-third citing it as a top-three priority, a significant increase from last year.
Cybersecurity remains No. 1 priority for audit committees, followed by ERM
Cybersecurity topped the list of committee priorities by nearly 20 percentage points over ERM. Notably, 58% of respondents said the audit committee has primary oversight over cybersecurity, with 25% indicating the full board has oversight responsibility. Sixty-nine percent of respondents highlighted cybersecurity as a top concern in the next 12 months, with 3-in-10 ranking it No. 1.
The heightened focus on cybersecurity is likely due to greater disclosure requirements from regulatory agencies. The U.S. Securities and Exchange Commission (SEC), for example, is requiring new disclosures on cybersecurity risks and incidents, as well as management and strategy, including an explanation of oversight processes.
When considering what additional expertise would enhance the audit committee's effectiveness, cybersecurity was highlighted as the top area (44%). This is particularly notable given that almost half (48%) of respondents said they have some level of cybersecurity expertise on the committee.
The evolving risk landscape and emerging risks have put an increased spotlight on ERM. Nearly half of respondents indicated that ERM will be a top focus area in the next 12 months. More than three quarters (85%) of respondents reported some level of ERM expertise on the audit committee, positioning it to effectively oversee management's risk programs.
Opportunities for audit committees to increase effectiveness
With a growing agenda and evolving responsibilities, audit committee members see an opportunity for continuous learning and improvement and have perspectives on how they could enhance their effectiveness. Only one-third of respondents say the committee is effective as is, while the rest feel there is at least one strategy that could boost general effectiveness. Those respondents highlighted three key areas for improvement:
- Increased discussion and/or engagement from members during meetings — highlighted by 29% of respondents.
- Improved quality of pre-read materials — highlighted by 28% of respondents.
- Improved quality of presentations during meetings — highlighted by 26% of respondents.
"The effectiveness of an audit committee can be distinguished by how it executes its responsibilities," said
About the survey
This edition of the "Audit Committee Practices Report," like prior editions, is based on a survey of audit committee members. A total of 266 respondents participated in this year's survey, most of whom are from US public companies (74%) and of which 81% have more than
In its third year, the Audit Committee Practices Report added a charitable element to the survey, allowing the first 200 qualifying respondents to select from Braven and/or New Profit for a
About the Center for Audit Quality
The Center for Audit Quality (CAQ) is a nonpartisan public policy organization serving as the voice of US public company auditors and matters related to the audits of public companies. The CAQ promotes high-quality performance by US public company auditors; convenes capital market stakeholders to advance the discussion of critical issues affecting audit quality, US public company reporting, and investor trust in the capital markets; and using independent research and analyses, champions policies and standards that bolster and support the effectiveness and responsiveness of US public company auditors and audits to dynamic market conditions.
About Deloitte's Center for Board Effectiveness
Deloitte's Center for Board Effectiveness helps directors deliver value to the organizations they serve through a portfolio of high-quality, innovative experiences throughout their tenure as board members. Whether an individual is aspiring to board participation or has extensive board experience, the Center's programs enable them to contribute effectively and provide focus in the areas of governance and audit, strategy, risk, innovation, compensation and succession.
About Deloitte
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 8,500 US-based private companies. At Deloitte, we strive to live our purpose of making an impact that matters by creating trust and confidence in a more equitable society. We leverage our unique blend of business acumen, command of technology, and strategic technology alliances to advise our clients across industries as they build their future. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Bringing more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte's approximately 457,000 people worldwide connect for impact at www.deloitte.com.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a
View original content to download multimedia:https://www.prnewswire.com/news-releases/audit-committees-prioritize-cybersecurity-enterprise-risk-management-in-new-survey-302086446.html
SOURCE Deloitte
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- SEC mulls changes to ETF oversight framework
- Realty Income forms data center JV with $6B in seed assets
- Talos Energy to buy Shell deepwater assets for up to $500M net
Create E-mail Alert Related Categories
PRNewswire, Press ReleasesSign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!



Tweet
Share