Page 13 - demo
P. 13

13









        Six takeaways








                  Risk management is a top concern for                  CFO succession planning and bench
                  audit committees. The effectiveness of                strength in the finance organization
                  risk management programs generally, as                continue to be weak spots. Forty-four
        well as legal/regulatory compliance, cyber security   percent of audit committees are not satisfied
        risk, and the company’s controls around risks, topped   that their agenda is properly focused on CFO
        the list of issues that survey participants view as   succession planning, and another 46 percent are
        posing the greatest challenges to their companies.    only somewhat satisfied. In addition, few are
        It’s hardly surprising that risk is top of mind for audit   satisfied with the level of focus on talent and skills
        committees—and very likely, the full board—given the   in the finance organization. Given the increasing
        volatility, uncertainty, and rapid pace of change in the   demands on the finance organization and its
        business and risk environment. More than 40 percent of   leadership—financial reporting and controls, risk
        audit committee members think their risk management   management, analyzing mergers and acquisitions
        program and processes “require substantial work,” and   (M&A) and other growth initiatives, shareholder
        a similar percentage say that it is increasingly difficult to   engagement, and more—audit committees want
        oversee those major risks.                            to devote more time to the finance organization,
                                                              including the talent pipeline, training, and
                  Internal audit can maximize its value to
                  the organization by focusing on key areas   resources, as well as succession planning for the
                  of risk and the adequacy of the company’s   CFO and other key finance executives.
                  risk management processes generally.                  Two key financial reporting issues may
        The survey results show that audit committees are               need a more prominent place on audit
        looking to internal audit to focus on the critical risks to     committee agendas: Implementation
        the business, including key operational risks (e.g., cyber      of new accounting standards and
        security and technology risks) and related controls—and         non-GAAP financial measures. Few
        not just compliance and financial reporting risks. They   audit committees say their companies have clear
        also want the audit plan to be flexible and adjust to   implementation plans for two major accounting
        changing business and risk conditions.                changes on the horizon—the new revenue
                                                              recognition and lease accounting standards. Given
                 Tone at the top, culture, and short-termism   the scope and complexity of those implementation
                 are major challenges—and may need more       efforts and their impact on the business, systems,
                 attention. A significant number of audit     controls, and resource requirements, those efforts
                 committee members—roughly one in four—       should be a key area of focus. In addition, audit
        ranked tone at the top and culture as a top challenge,   committees ought to consider whether to increase
        and nearly one in five cited short-term pressures and   attention to any non-GAAP financial measures,
        aligning the company’s short- and long-term priorities as   which are an area of significant attention and
        a top challenge. Meanwhile, nearly the same percentage   comment by regulators worldwide. Nearly a quarter
        of audit committee members said they are not satisfied   of those surveyed say their role with respect to the
        that their committee agenda is properly focused on    presentation of those metrics is very limited.
        those issues.
                                                                        Audit committee effectiveness hinges
                                                                        on understanding the business. Audit
                                                              committee members say a better understanding
                                                              of the business and the company’s key risks would
                                                              most improve their oversight effectiveness. They also
                                                              view additional expertise in technology/cyber security
                                                              as being key to greater effectiveness, since it would
                                                              strengthen their ability to oversee those risks.


        © 2017 KPMG Central Services, a Belgian Economic Interest Grouping (“ESV/GIE”) and a member firm of the KPMG network of independent member firms affiliated with KPMG International
        Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium.
   8   9   10   11   12   13   14   15   16   17   18