Rethinking the Audit Committee; 9 areas for consideration

08 September 2020

Rethinking the Audit Committee; 9 areas for consideration

The impact of the coronavirus pandemic on the UK and global economies has been severe and has led to significant changes in demand across all economic sectors. The speed and strength of UK and global economic recovery will depend in large part on the success of public health measures and economic policies.

It is likely that all businesses will be affected in some way. Studies from the last recession suggest that companies that are proactive can gain a lasting competitive advantage. It is more important than ever for Audit Committees to be seeking assurance over their organisation’s business impact assessments and the response plans for the short, medium and long term.

When it comes to the role of the Audit Committee in seeking assurance over the organisation’s management of the crisis, now is time to rethink the questions they are asking and what information they need.

Many organisations will follow a staged process to manage a crisis. Our own BDO Rethink Model is based on React; Resilience; and Realise.

We have highlighted nine key areas that Audit Committees should be questioning and seeking assurance over. We look at:

  1. Cyber Security - cyber criminals are quick to exploit opportunities to make fraudulent gains. COVID-19 is no different and ‘phishing’ campaigns were soon up and running hoping to trick unsuspecting employees
  2. Financial Fraud - as a result of social distancing and the increased levels of remote working the usual controls, policies, systems and processes often take second place. Fraudsters only need one instance of a control failure to succeed
  3. Regulatory Compliance - in the current climate, some regulators may be relaxing reporting requirements and deadlines but have not changed the expectation of good governance
  4. Data Privacy - as a result of the pandemic, data privacy has been catapulted back into the limelight. Organisations have been forced to process personal information in different ways than they would have done so previously
  5. Performance and Reporting - monitoring, measuring and reporting on the financial and operational health of the organisation will be crucial during the crisis
  6. Scenario Planning - it is vital to have a clear plan for a number of potential scenarios to assist in decision making and to ensure sufficient cash headroom
  7. Focus of Internal Audit -  Some Internal Audit functions have moved to ‘dynamic’ audit planning in the short term, whereby plans are reassessed quarterly or every six months to reflect the rapidly changing risk environment
  8. Supply Chain and Contract Management - the inter-connectedness across the value chain has highlighted the fragility of the supply chain and limitations of existing models. It has also demonstrated how supplier shortfalls are closely linked to the promises organisations have made on the customers/client side
  9. Managing Change – the focus to date has been primarily based on reacting to the challenge confronting all of us and there has clearly been a great ‘crisis’ response from so many people and organisations in establishing effective interim activities and operations.

Download the full publication 

For further information

visit our Rethink hub