In-House Corner: The Evolution of the Audit Committee

In this blog feature, our in-house readers share tips, anecdotes, and thoughts about topics that arise in their daily practice. This particular batch of thoughts is about the audit committee today:

1. "The biggest challenge for audit committees is "who is on first for what." Cyber. Risks of all sorts and varieties. I prefer to have the audit committee review the overall risk profile and ERM, then allocate oversight of risks amongst appropriate committees. Some will stay with the audit committee. Many will not. 'E and S' commitments and disclosure. Elevate the commitments to the full board – as part of the corporate strategy. Let the audit committee cover disclosure to the extent reasonable."
    
2. "I am not a huge fan of "experts" on the board. Deep experience in/exposure to a topic in the course of business usually helps the directors provide greater challenge and better advice than trying to be the company's expert on cyber risk, or DEI, or whatever.
   
   Pick your directors for judgment; hire employees with expertise; hold those employees accountable. Is that too old-fashioned? This includes the audit committee with its burgeoning breadth of topics to cover."
    
3. "Create an annual calendar for the audit committee that covers all of the required items in the committee's charter. Add things that are optional and beneficial. Include that in every posting. Refer to it so that members see how things are progressing during the year.
   
   It can also help management respond to questions about 'why aren't we talking about this or that now' – just point to the calendar and say that's a May topic or November topic or whatever."
    
4. "Give the audit committee a 'directed reading memo' with each disclosure document. It should cover what requires the company to file this particular document, changes to regulations since the last filing, changes to the company's circumstances or approach to disclosure of an item since last filing, etc.
   
   It need not be long but it should be enough to aid navigation and foster an understanding of the filing, address anticipated questions, make audit committee members comfortable that they know the 'why's and wherefore's' of content and changes.
   
   A directed reading memo helps directors answer honestly if asked – did you read and understand [fill in the blank]. They can say that they received the materials with enough time to read and consider, the memo highlighted sections for them to focus on, they read the memo, they read the document, they understood both – and were able to formulate and ask relevant and more probing questions. It's really about continuing to educate them on the intersection of regulations and the company's business. Can't do those separately."
   
   5. "Over the years, I got comfortable with Audit Committee Financial Expert. At first, some companies thought all audit committee members must be ACFEs – and pushed the boundaries of the standards. Then, they came to realize that it was not such a good idea and that ACFEs might actually be in a bad place if ever challenged about their 'expertise' and they reverted to the lesser designations."
   
   6. "The audit committee covers a lot of ground. One of best audit committee members I worked with was a doctor in charge of processes and procedures for huge medical center – identifying transmittable diseases, preventing transmission, etc. – and therefore all about controls and human foibles."