A well-governed audit committee is a hallmark of well-run companies, and the way to ensure the committee is managed in the best possible way is to follow the guidance set out in the AICD’s latest publication.
The third edition of Audit Committees, A Guide to Good Practice, released last month, is a joint publication by the Auditing and Assurance Standards Board, the Australian Institute of Company Directors and the Institute of Internal Auditors-Australia.
It covers all the essentials of running an audit committee, which typically focus on issues relevant to the integrity of an entity’s financial reporting. The committee oversees external audit, internal audit, risk management, and internal control and compliance.
As the book notes, “some entities establish one committee with the responsibility for all these tasks, such as an audit and risk management committee. Larger entities may establish more than one committee, such as an audit committee, a risk and compliance committee, a health and safety committee and an environmental committee depending on the nature and extent of the entity’s operations.”
The guide is designed for directors and audit committees of Australian listed companies, though directors, boards of management and audit committees of not-for-profit, public sector and other private sector entities might also find the guide useful.
There is no one-size-fits-all approach to managing audit committees. The nature of the business, the regulatory environment, ownership structure, legal requirements, and audit committee membership all influence the objectives and activities of an audit committee.
Smaller entities with limited resources might find it impractical to meet all of the practice solutions outlined in the guide. But they may use the guide to assess the elements of good practice that are relevant for their financial reporting, corporate governance, risk management and internal controls, and exercise them at the board or committee level.
The guide provides a practical introduction to the role and responsibilities of an audit committee. It explains the context in which an audit committee typically operates and outlines good practice.
While the guide will assist boards and audit committee members, it may also be helpful to risk and compliance managers, internal auditors, external auditors and senior management, as it explains the expectations and accountabilities between the audit committee and these other parties.
Clarifying the roles and responsibilities between the audit committee, risk and compliance managers and auditors (both internal and external) assists their communication, efficiency and effectiveness.
The guide can assist audit committees in assessing an entity’s external financial and other internal and external reporting requirements. It also assists in assessing the effectiveness of an entity’s risk management and internal control systems.
This third edition of the guide reflects developments in audit committee practice, legislation and guidance from regulatory bodies and in leading global board practices since the previous edition was published in 2012.
The guide does not attempt to advise directors or members of audit committees about their legal duties. For a general discussion of directors’ duties, refer to Duties and Responsibilities of Directors and Officers, 21st edition, by Professor Bob Baxt AO FAICDLife, published in 2016.
Recent developments regarding audit committees
Since the previous edition of the guide, there have been a number of developments in this area in Australia. These include:
January 2017 – The Institute of Internal Auditors Inc issued a revised International Professional Practices Framework (IPPF). It has been adopted by The Institute of Internal Auditors-Australia (IAA-A) and was effective from 1 January 2017. The changes mainly affect the International Standards for the Professional Practice of Internal Auditing and have generally been made for clarification purposes.
December 2016 – Revised Australian Auditing Standards came into effect, some of which impact the operation of audit committees as they change the requirements in relation to an auditor reporting to the board.
Examples include the Auditing Standard ASA 700 series, including the new ASA 701: Communicating Key Audit Matters in the Independent Auditor’s Report, revised ASA 720: The Auditor’s Responsibility Relating to Other Information and related consequential changes to other relevant auditing standards, such as ASA 260: Communication with Those Charged with Governance and ASA 570: Going Concern.
August 2016 – The IIA issued Supplement Guidance: Applying the International Practices Framework as a Professional Services Firm which provides some clarification about the services of internal auditing as distinct from external auditing.
June 2015 – ASIC issued Information Sheet 203: Impairment of non-financial assets: Materials for directors explaining the responsibilities of a director in connection with the testing of non-financial assets for impairment in the financial report of a company.
December 2014 – ASIC re-issued Information Sheet 183: Directors and financial reporting, which covers the financial reporting responsibilities of a director.
March 2014 – The ASX Corporate Governance Council released the third edition of the Corporate Governance Council Principles and Recommendations. These revised guidelines came into effect from 1 July 2014 and broaden Principle 4 to encompass corporate reporting rather than just financial reporting.
March 2014 – ASIC issued Information Sheet 196: Audit quality – the role of directors and audit committees (INFO 196) providing guidance to assist directors and audit committees in their role supporting the quality of the external audit of the financial report.
February 2014 – The International Auditing and Assurance Standards Board (IAASB) issued A Framework for Audit Quality: Key Elements that Create an Environment for Audit Quality which encourages all participants in the financial reporting supply chain, including audit committees, to challenge themselves to do more to increase audit quality in their particular environments.
January 2014 – The Australian Prudential Regulation Authority (APRA) revised Prudential Standard CPS 510 Governance from 1 January 2015 and the new Prudential Standard CPS 220 Risk Management. Revisions of these guides have since been issued and came into effect from 1 July 2017.
Beyond the latest regulatory and best practice developments concerning audit committees, the guide also covers the board’s relationship with the audit committee, regulatory requirements and responsibilities. It also delves into how to develop an effective charter, conducting meetings, reporting by the audit committee and assessing performance.
The guide includes a sample audit committee charter, a management representation letter, and a practical exploration of the differences between internal and external audit.
This comprehensive guide can be accessed through the AICD online bookshop at companydirectors.com.au/auditcommittee.