audit-committe-issues-conference-highlights-2011

Choon

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

12 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

Informations

Publié par	Choon
Nombre de lectures	11
Langue	English

Extrait

AUDIT COMMITTEE INSTITUTE
Highlights from the
7th Annual Audit Committee
Issues Conference
Planning the 2011 Agenda
Miami, FL
Scottsdale, AZ
auditcommitteeinstitute.com© 2011 KPMG LLP , a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG
International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in the U.S.A. The KPMG name, logo and “cutting through complexity”
are registered trademarks or trademarks of KPMG International. 23660NSSAbout the Audit Committee
Issues Conference
Now in its seventh year, the Annual Audit
Committee Issues Conference brings together
audit committee members from around the
country to discuss the challenges, practices,
and priorities shaping audit committee and
board agendas. Designed exclusively for audit
committee members, the conference is hosted
by KPMG’s Audit Committee Institute (ACI),
and cosponsored by the National Association
of Corporate Directors, the University of Miami
School of Business Administration, and Weil
Gotshal & Manges LLP .
For more information about the conference,
visit auditcommitteeinstitute.com, or contact
KPMG’s ACI at 1-877-KPMG-ACI (576-4224).
© 2011 KPMG LLP , a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG
International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in the U.S.A. The KPMG name, logo and “cutting through complexity”
are registered trademarks or trademarks of KPMG International. 23660NSS1 | Highlights from the 7th Annual Audit Committee Issues Conference
It should come as no surprise to find risk management
at the top of the audit committee agenda in 2011:
Events and developments of the past 18 months—
business crises, product recalls, WikiLeaks, mounting
public debt, geopolitical unrest, and more—point
to the ongoing challenges that companies face
in managing risk globally in a complex, volatile
environment. Among the other “top concerns”
for audit committees in the year ahead: financial
communications/disclosures and new accounting
standards, legal and regulatory compliance,
uncertainties posed by the economy and government
regulation, IT risk and emerging technologies, and
leadership/culture/tone at the top.
Based on the dialogue and polling at Key Risks Shaping Audit
our 7th Annual Audit Committee Issues Committee Agendas in 2011Top Concerns for 2011 Conference, this line-up of issues—with
In addition to financial reporting and risk, compliance, and financial reporting
What issues will pose the greatest related internal control risks, a number integrity front-and-center—is not only
concern for your audit committee of new or emerging risks will be front-shaping what is on audit committee
in 2011? and-center for audit committees in the agendas, but how those agendas are
months ahead, and much of the Issues being carried out: “Crossing the T’s and 1. Risk management and crisis
Conference dialogue focused on how dotting the I’s is necessary – but it’s not response
audit committees will be dealing with a substitute for truly understanding the
2. Financial communications/ these risks.business and its risks. ” “The risk culture
disclosures and new accounting of the organization trumps everything— Emerging Issues in IT Risk and standards/convergence*
including process. ” “Are dissenting views Governance
being heard?”3. Legal/regulatory compliance Cloud Computing
From linking strategy and risk—and 4. Uncertainty: economy and As the demands on business IT
tying it to the board’s self-evaluation—government regulation infrastructures have increased
to defining their information needs, dramatically in recent years—with 5. Leadership/culture/tone at challenging management, and ensuring companies generating huge amounts of the top the company is ready to respond data, sharing it among multiple users,
to a crisis, leading boards and audit 6. IT/emerging technologies and transmitting it across the globe—
committees are focused squarely on (cloud computing) more and more companies are turning to
raising their game. “The best boards, ” cloud computing and similar technologies 7. Audit committee effectiveness noted one speaker, “have moved from (such as mobile computing and the (composition/self-evaluation) governance to leadership”—and audit use of “virtual” hardware platforms,
committees, often viewed as a board 8. Globalization (off-shoring and operating systems, storage devices, and
within a board, are playing a pivotal role.supply chain) network resources), to meet these IT
demands in a cost-effective and scalable In the following pages, we highlight key * Reflects combined votes for “Financial
way. One panel member cited recent communications/disclosures” and “new issues and practices that are shaping
accounting standards/convergence,” which surveys indicating that nearly two-audit committee agendas in 2011, as
are closely related but were offered as two thirds of business executives say their discussed by 120 audit committee possible survey responses.
companies are using cloud computing members and business leaders attending
now or have plans to do so within the this year’s “Issues Conference. ”
next 24 months.
© 2011 KPMG LLP , a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG
International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in the U.S.A. The KPMG name, logo and “cutting through complexity”
are registered trademarks or trademarks of KPMG International. 23660NSSPlanning the 2011 Agenda | 2
At the same time, of course, cloud While only 19 percent of audit committee
computing poses significant regulatory members said their audit committee Cloud Computing
and operational risks—including critical receives briefings on the company’s Does your board or audit committee
data security risks—as companies plans to use the cloud, panel members receive briefings on the company’s
transfer their data to third-parties suggested that audit committee plans to use cloud computing?
for storage, processing, or support. members may want to probe more
Protecting intellectual property and deeply about the company’s cloud 19%
safeguarding employee, customer, computing plans as well as its overall
Yesand third party information is a critical “data policy”:
challenge for every company.
• “What information will be stored in the
64%As panelists emphasized, however, cloud? Where?”
another important and often overlooked No• “Who owns the data and applications?
risk for many companies is the risk that
Who can access, delete, or change the
individual business units or departments
data?” 17%may move to the cloud without an overall
company-wide cloud adoption strategy. Panelists offered a number of No plans to use cloud
Because of the ease of purchasing cloud “takeaways” for audit committee
IT services, company executives may opt members:
to purchase services directly through the
• Do we have a clearly articulated cloud
cloud rather than obtain those services
adoption strategy—including a road
(e.g., sales force support and HR
map and timeline for cloud adoption?
applications) through the company’s IT
organization, particularly when it means • Are the company’s policies and
additional delay or expense. procedures “cloud ready” prior to
adopting cloud solutions?
• “You may lose control of your supply
chain of IT providers. ” • Are the CIO and CRO involved in
selecting cloud service providers?
• “Who is managing the company’s
cloud adoption strategy? What is the • Do we have an information security
role of the CIO?” governance policy?
© 2011 KPMG LLP , a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG
International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in the U.S.A. The KPMG name, logo and “cutting through complexity”
are registered trademarks or trademarks of KPMG International. 23660NSS3 | Highlights from the 7th Annual Audit Committee Issues Conference
WikiLeaks
In light of the WikiLeaks issue,
which of the following pose the
greatest concern for your company
regarding employee access to
sensitive information? (select two)
62%
Employee with access may
unintentionally expose sensitive
information
56%
Company’s crisis response plan may
be inadequate
48% • “Take a look at your policies regarding • Have we classified information
Access not effectively limited to employee access to information and according to its sensitivity and
employees with a “need to know” criticality to the business? the use of social media. And make
sure you have a crisis response plan. ”
• Is internal audit focused on key cloud-
34% • “Information can go viral in an instant. related risks?
To protect your brand, it’s critical to Employee with access may • Do we meet regularly with the CIO— have a communications plan ready to intentionally expose sensitive and are these discussions in business take off the shelf.”information conte