Focused on the Future: Five Areas Where Today’s Audit Committees Are Creating Tomorrow’s Success

Undoubtedly, audit committees play a vital role in corporate governance by providing checks and balances for management control. This role ensures that the interests of all stakeholders are protected and that the company operates with integrity. Though audit committees focus much of their energy on financial reporting, new issues are emerging that demand a pivot in focus.

Though there is ample competition for committee members’ attention, a recent Deloitte survey revealed five particular areas on which boards will focus in the coming year. By understanding these five focus areas, all directors can be better equipped to handle potential problems and help their organizations achieve their strategic goals.

1. Cybersecurity

No matter the industry, today’s companies rely on increasingly complex technologies to manage everyday tasks, including those in the financial and operational realms. Consequently, data security has become of the utmost importance. 

More than 3,000 of these cybersecurity incidents occurred in 2023, and the number is only rising. The costs of these incidents are also on the rise, with the average spent being close to $4.5 million, underscoring the urgent need for robust cybersecurity measures.

It’s no wonder that cybersecurity is the top priority for audit committees over the coming months and years. In 2023, the SEC adopted a new rule regarding cybersecurity risk management, governance, and strategy. This rule requires companies to disclose material cybersecurity incidents and plans for cybersecurity risk management. 

As a result, 58% of corporations have given their audit committees oversight of this issue. Of those companies, 73% plan to give it space on their quarterly agenda, with 18% of committees believing it deserves more discussion. 

With generative artificial intelligence becoming a part of corporate executives’ everyday reality, it’s more important now than ever for boards to engage outside experts and seek in-depth training on the topic.

2. Enterprise Risk Management

The threat landscape has evolved heavily in the last few years. From global health emergencies and hostility between nations and political rivals to supply chain disruptions and regulatory changes, recent threats have no doubt changed audit committees’ approach to enterprise risk management.

This makes ERM more important now than ever, and boards clearly understand this. Nearly half cited it as their second most important priority, and nearly that many corporations have assigned the issue to the audit committee. 

Deloitte found that a quarter of directors believe this issue needs more time on the agenda. Understandably, that number rises to 27% for financial institutions. 

As audit committees look to increase their focus on ERM, it would be a good idea to reassess current practices to ensure they are in line with recent threats and have management frequently assess risk. Additionally, effective scenario modeling can help audit committees understand the potential impact of these risks so that they can respond quickly to any issues that arise.

3. Internal Audit Talent

According to Deloitte’s survey, the vast majority of directors believe that the internal audit function is both effective and valuable in their organization. Still, Deloitte revealed that 80% of respondents believe there are opportunities for the internal audit team to offer even more value.

Outside of the role of assurance provider and risk adviser, how can internal audit teams use their business acumen in new ways in the coming years? As the survey shows that over 90% of companies put this function into the hands of the audit committee, several committee-based actions can get these teams closer to this goal. 

The first is to take on succession planning for the finance and internal audit teams. This allows the audit committee to consider emerging issues and technologies, assess possible skills gaps, ensure they upskill existing team members, and evaluate for future needs when selecting new ones. Maintaining regular contact and a relationship with the CFO is key in this aspect. 

Additionally, the audit committee should encourage internal audit teams to anticipate emerging risks and ensure their focus remains on high-priority issues. This can underscore proper risk assessment and ensure the business is ready for what’s coming down the pipeline.

4. Regulatory Compliance

The business landscape is constantly changing, thanks to shifting political issues and ever-changing regulations. As a result, Deloitte found that 36% of directors note compliance as a top-five priority within the next year. 

While many believe their audit committees are doing a good job with compliance, it will be up to them to ensure that this continues. As climate change becomes more of a concern throughout the U.S. and around the world, ESG reporting will likely emerge as one area that requires consistent management. 

To reduce compliance risk over the next 12 months, audit committees may need to reassess risk assessment processes to align them with insight into new regulations. Audit and risk committees should be in constant communication with one another and the board, which can allow for a deep understanding and effective prioritization of emerging risks. 

5. Finance Transformation

Finance transformation isn’t an area that sees enough discussion, but it is critical to the finance function and, therefore, to audit committees. It involves aligning the organization’s finance processes and operations with the company’s overall mission and goals.

In today’s world, much of this alignment can involve new software applications built on emerging technology, such as generative artificial intelligence. In fact, Deloitte found that two-thirds of audit committee members believe they should spend more time discussing use cases and governance for AI. 

This will no doubt prove to be challenging, as even regulatory and legislative bodies are still trying to figure out what sufficient oversight looks like. As with internal audit talent, audit committees should spend some time discussing the necessary skills for true finance transformation. This may also require outside expertise and additional training, but it will be worth it to secure the future of the organization and its finance function.

The Right Focus Holds the Key to Accomplishing the Mission

With so many issues competing for attention from the audit committee, members must prioritize their focus issues wisely. For many, cybersecurity, enterprise risk management, talent acquisition, regulatory compliance, and finance transformation are key areas that they will zero in on over the next 12 months.

As political, financial, and regulatory changes continue, audit committee members may see many challenges in their immediate futures. However, with a deep understanding of the finance landscape, the right priorities, and a willingness to change with the times, audit committees can ensure a successful finance function, regardless of what the future holds.