CONTACT US
Creation of additional committees such as risk and technology can spread tasks more evenly and enable more effective risk management.

Risks Confronting Boards 2016 - Audit Committee Most Significant Risk

Download

To get a better breakdown of the risks boards are faced with, we asked directors an open-ended question about what the committee feels is the most significant risk under its responsibilities. For directors on audit committees at public and private organizations, financial statement accuracy is the most significant risk, while financial risk is the most cited risk for not-for-profit audit committee members. Directors on private boards' audit committees also identified cybersecurity, while not-for-profit directors included internal controls.

Audit Committee Most Significant Risk

To further explore board committee's top-of-mind risks, we asked how directors felt about the oversight and management of each committee's most significant risk.

Across all three board types – public, private and not-for-profit – we see satisfactory results (59%, 55% and 52% respectively) indicating that the audit committee is providing adequate oversight of its most significant risk.

However, when asked whether management is adequately addressing this risk, the results were less favorable – 40% public, 34% private and 36% not-for-profit.

How do you feel about the oversight and management of each committee's most significant risk?

Generally, when asked if management was adequately addressing the risks of each committee, the executives yield lower percentages (in some cases as much 20%+) than the board/committee providing adequate oversight.

Another interesting result is driven by the members of the risk committee. This committee, along with strategy, shows less confidence in itself than other committees. Boards are charged with providing the organization with strategic planning, which also includes managing risk.

A growing trend within boardrooms is audit committees with too many responsibilities to effectively manage and oversee. With the creation of additional committees (risk, technology, strategy, and others), some pressure can be alleviated from the audit committees to oversee and understand all the key issues and risks, provided that non-audit committee members (who have the skill set) are assigned to these committees. Having the numerous tasks and efforts spread more evenly through the different committees should enable more effective risk management.

ADDRESSING RISK

In last year's survey (2015), it became obvious as the results were analyzed that boards were concerned with a range of risks: What should be top-of-mind, and which risks could be most detrimental to the organization. However, it seemed there was little to no action in terms of addressing the key risks. This year, we delved into the issue directly. In an open-ended question, directors were queried about which risks garner the most board discussion, with the least management action.

Q: Which concerns garner the most discussion with the least amount of management action?

I serve on multiple boards and, in general, the management teams are very responsive
to the boards. However, I would say executive succession is one area where the CEOs move slowly, mostly because I operate in the small cap arena and there usually are not overlapping resources.

DIRECTOR
Private Board
2016 EisnerAmper Survey

Q: Which concerns garner the most discussion with the least amount of management action?

Key skills and succession planning.

DIRECTOR
Private Board
2016 EisnerAmper Survey

Labor, which is a long-term issue.

DIRECTOR
Private Board
2016 EisnerAmper Survey

Succession planning, cash flow and financial planning, and long-term capital development.

DIRECTOR
Not-for-Profit Board
2016 EisnerAmper Survey

Public

Public boards see senior management succession planning as the most discussed risk with the least amount of action from
management, followed closely by cybersecurity risk. Product risk is the third most popular response. Public board members cite these
3 risks more than private and not-for-profit boards combined.

Private

Directors from private boards showed greater variance. Their top responses included:

  • Cybersecurity
  • Senior management succession planning
  • Key skill deficits
  • Global economic conditions

Not-for-Profit

Not-for-profit directors commented most frequently around financial risk and fundraising issues, including long-term financial management.

Senior management succession planning follows financial risk in popularity, with prioritization/strategy rounding out the top 3 risk areas with no action.

Knowledge transfer is key. We recommend to our clients that they create an accounting manual as a best practice to help ease with senior management succession planning. Allow for cross-training; if someone is on vacation, create a plan for another staff member to fulfill his or her responsibilities. With respect to fundraising, concentrate on the return on investment. Special events can be costly; consider alternative methods that may generate better returns, such as online fundraising.

CANDICE METH, CPA
Partner, National Leader of Not-for-Profit Practice
EisnerAmper LLP

 In order to better address risk, what best practices would you like to see your board implement?

With such a variety of risks that public, private, and not-for-profit organizations have to combat, it can be a daunting task for boards and management to focus on and prioritize all of the potential issues that can and probably will arise. Throughout this year's survey results, it is clear that boards are concerned with how to prioritize and focus on the most important issues and risks while guiding a strategy that benefits the organization.

We polled directors on which best practices they wish to see their boards implement to better address their companies' risks. The results varied dramatically among the 3 company types surveyed: more than 70% of public boards want to see an integration of risk and strategy board discussions; 59% of private boards would like to see this change as well, and only 40% of not-for- profit boards would employ this best practice. There is not a one-size fits all solution nor a standard set of practices that boards must do in order to thrive. It is certainly whatever works best for the organization and shareholders, which can be radically different on not only an organization type level, but also on a case-by-case basis.

Board meetings would be more productive with open, candid brainstorming sessions that truly address the company's sacred cows.

NEAL GODT, CPA
Partner, Co-Head Firmwide Audit and Assurance Practice
EisnerAmper LLP

Public

As stated above, public boards would like to see an integration of risk and strategy during board discussions. Also of some interest is more frequent risk deep dives during board-management meetings.

Private

Private boards were also interested in an integration of risk and strategy during board discussions. More than public boards, scenario planning at the board level and board training on emerging risk areas garnered favorable results in private organizations. Overall, private boards seem to be more concerned with board-level involvement than public boards.

Not-for-Profit

Not-for-profit boards are focused on implementing more frequent risk deep dives during board- management meetings.

Strategy discussion without risk consideration is like a day without sunshine.

PETER BIBLE
Chief Risk Officer
EisnerAmper LLP


Concerns About Risks Confronting Boards - 2016 Survey Results

Have Questions or Comments?

If you have any questions about this media item, we'd like to hear your opinion. Please share your thoughts with us.

* Required