What Really Matters For Audit Committee Member Actions – Considering Updating & Publishing My Audit Committee Guide

I have been considering updating and publishing again my audit committee guide. The most recent publication was as a new chapter to the 2007 California Continuing Education of the Bar publication Advising and Defending Corporate Directors and Officers, which was an excellent publication with 17 chapters on the various topics. Unfortunately for whatever reason the sales were not sufficient and CEB later discontinued the publication. I have attached a copy of my initial 2007 chapter HERE.

A lot has changed from 2007 to now. And the materials that I cover in my blog have also changed considerably. But as I have been considering a possible update and the table of contents it strikes me how much of the material consists of lists of qualifications, issues and topic areas that an audit committee and its member are required to consider. And the list is growing as we speak. Considerable detail is being added as to how an audit committee member should evaluate the sufficiency of the external auditor – in other words, a deliberate evaluation where perhaps before in many cases there might not have been any significant evaluation. This will also change how the external auditor goes about performing the audit, the value that the external auditor might provide to helping the audit committee member perform his or her oversight duties, and somewhat the relationship between the audit committee members and the external auditor. On the whole I believe the change is good. But I have also written for some time that I have concern about the long list of issues and topic areas that an audit committee member is required to consider, and that all audit committee members really do need to understand what their duties are, including what is in the audit committee charter (e.g., if the charter says “risk management” that description is simply too broad – risk management of what?).

It strikes me, however, that at the end of the day, the performance of an audit committee member’s oversight responsibilities requires:

Audit committee member understanding and competency;

Agenda;

Timely and active diligence;

Putting in the time;

Reasonable reliance on competent other people (the CEO, the CFO, internal audit if there is one, the external auditor, culture, reputation and tone at the top, the accounting and financial reporting functions and professionals, legal counsel and others);

Sufficiency of information;

Deliberative decision making; and

Anticipation and thinking ahead.

In other words, we are primarily talking about the business judgment rule.

I’m not sure that I will put in the time to update the audit committee guide. If I had a crystal ball that decision would be easy – if the guide will be read and used by enough people, or if I could find a law firm that is interested in these topics, then it is worthwhile. If I do the update, most likely I will post the updated materials in blog posts and then add to the materials as they progress. That will get the materials out considerably earlier. I doubt that I will use a publisher – in addition to many published articles I have previously formally published two audit committee related materials. The process takes longer than I prefer. And, on my blog the materials also will be free and available to everyone.

Those are my thoughts this July 3, 2015, morning. More to follow on this.

Dave Tate, Esq. (San Francisco / California)

New Audit Committee Standard of Care – External Auditor Assessment Tool From NACD, NYSE Governance Services, Center for Audit Quality, and Others

Several influential organizations have issued External Auditor Assessment Tool, A Reference for Audit Committees Worldwide. Here is a link to a PDF of the Tool auditor_assessment_tool_worldwide.

The tool is presented by the NACD, NYSE Governance Services, the Center for Audit Quality, the Independent Directors Council, the Association of Audit Committee Members, and Tapestry Networks. And that is why, i.e., because of the stature of the presenting organizations, this document has or will present a standard of care, i.e., a standard in the relevant community, for audit committees on the topics that the tool covers.

Every audit committee member of a public company needs to read, digest and understand this document (it’s not very long – basically 10 pages in length and large type font). On its face the document provides sample questions and issues for audit committees to discuss and consider when assessing their organization’s external auditor. But the document provides more – as you analyze the questions and issues, they present sample questions and issues that the external auditor needs to have satisfied and that the audit committee needs to oversee.

Consider for example the following sample questions:

1. Did the lead audit partner discuss the audit plan and how it addressed company/sector-specific areas of accounting and audit risk (including fraud risk) with the audit committee?  Well . . . did this occur and in what detail?

2.  During the audit, did the auditor meet the agreed-upon performance criteria as reflected in the engagement letter and audit plan?  So . . . did the audit satisfy for example the applicable Statements on Auditing Standards?

3.  In private sessions, did the auditor discuss sensitive issues candidly and professionally?

4.  Did the auditor adequately discuss the quality of the company’s financial reporting, including the reasonableness of accounting estimates and Judgments?

5.  Were there any significant differences in views between management and the auditor?

6. Is the external auditor responsive and communicative (e.g., by soliciting input relative to business risks or issues that might impact the audit plan, identifying and resolving issues in a timely fashion, and adapting to changing risks quickly)?

7. Does the external auditor proactively identify opportunities and risks (e.g., by anticipating and providing insights and approaches for potential business issues, bringing appropriate expertise to bear, and by identifying meaningful alternatives and discussing their impacts)?

And the suggested questions and issues continue.

Although many of these suggested questions and issues already are covered in various Statements on Auditing Standards, how often do you hear Statements on Auditing Standards discussed in the context of audit committee responsibilities? They have been in my published materials for years (including for example, many audit committee guideline and evaluation discussion papers; Audit Committee Functions and Responsibilities, Chapter 5A for the California Continuing Education of the Bar publication, Advising and Defending Corporate Directors and Officers (October 2007); and Accounting and Its Legal Implications, A Guide for Managers, Business Owners, and Entrepreneurs (Irwin Professional Publishing, Business One 1994).

This audit committee assessment tool, presented by high-stature organizations, puts the spotlight on the topics that the document discusses.  Some people will think this is good, and some will think it is bad. Some people will believe that the document goes too far, and other people will identify the many questions and issues that it does not cover. Nevertheless, most of these questions and issues have already existed for years.

Dave Tate, Esq. (San Francisco/California), http://directorofficernews.com

California Nonprofit Board and Director Standards of Care

This blog post includes a video about California nonprofit board and director standards of care including discussions about the business judgment rule, the Nonprofit Integrity Act, risk management, audit committees, and board and committee self-evaluation. Below the video you will also find a link to my paper discussing those topics in detail. Please pass this blog post to everyone who would be interested in these materials. Thank you. Dave Tate, Esq. (San Francisco and California).

Click on the following link for the paper discussing California nonprofit board and director standards of care, Nonprofit Board and Director Standard of Care David Tate Esq 05252015

Audit Committee Self-Evaluation Form For Your Use

Audit committee self-evaluation form for your use, click on the following: Audit Committee Self-Evaluation Form David Tate Esq 10302014
Dave Tate, Esq. (San Francisco/California)

Lessons Learned from the Transition to COSO 2013

Protiviti has shared with us a useful Top 10 Lessons Learned from Implementing COSO 2013. I especially like this section: It is presumed that everyone understands that a top-down, risk-based approa…

Click on the following for the discussion: normanmarks.wordpress.com

A good COSO 2013 discussion from Norman and Protiviti.

Dave Tate, Esq. (San Francisco/California)

My other blog: trust, estate, conservatorship and elder abuse litigation, http://californiaestatetrust.com

Addressing Cybersecurity Oversight in Audit Committee Charters | JD Supra

Cybersecurity continues to emerge as a key risk that is attracting the attention of regulators and boards of directors. Companies take different approaches regarding how the board…

Click on the following link for the discussion: www.jdsupra.com

Click on the link, which contains a short JD Supra update from Wilmer Hale discussing KPMG’s 2015 Global Audit Committee Survey. The survey is long and contains useful information (over 80 pages). I am making this post because of the discussion about audit committees being given responsibility for cybersecurity oversight. That’s fine, but I suggest that the overall board still must be actively involved in this oversight, you need to be sure that the audit committee members are qualified and have the time to take on this area of oversight, and the audit committee members and other stakeholders should have a good understanding about just what the oversight involves and how the committee should go about that oversight.

As we all know, cybersecurity is an important area of oversight that can significantly effect all businesses. Enjoy.

Dave Tate, Esq. (San Francisco/California)

My other blog: trust, estate, conservatorship and elder abuse litigation, http://californiaestatetrust.com

SSARSs Clarity Project

The standard eliminates the need for the accountant to determine whether they?ve prepared financial statements by drawing a clear line between preparation and compilation.

Click on the following for the article: www.cpa2biz.com

Why is this important?  Well . . . if you are an accountant who performs review and compilation services, it should be important to you. And if you are someone who depends on information and representations provided in reviews or compilations, it should be important to you, if you care to know whether a compilation or review provides you with any useful information. Speaking of the subject, I never hear anyone discussing whether a quarterly review for a public company provides any useful information. I believe that at least in theory they do, but, if not, then why continue with the expense?  Dave Tate, Esq. (San Francisco)

My other blog: trust, estate, conservatorship and elder abuse litigation and administrations, http://californiaestatetrust.com