Why have an audit committee?
For entities that are considering whether to have an audit committee, the real question is often about what will provide the best assurance to the entity? Does the entity have the right balance of assurance, monitoring, evaluation, and other mechanisms to know that it is currently performing well and that it is not missing risks and opportunities? Audit committees are not the solution to every problem or provide total assurance, but they can add value.
What potential value can audit committees add?
An audit committee can be a powerful advisory group to help the entity manage its risk. By applying external, independent perspectives to the risks, issues, and challenges facing an entity, the committee can help the entity to manage the variability of its delivery of outputs, impacts, and outcomes.
Ultimately, an audit committee must be fit for purpose. If it exists only for compliance purposes, rather than because it adds value to the organisation’s assurance picture, then it should not exist.
We have said before that:
Audit committees have a valuable contribution to make in improving the governance, and so the performance and accountability, of public entities. They can play an important role in examining an organisation’s policies, processes, systems, and controls. An effective audit committee shows that an organisation is committed to a culture of openness and continuous improvement.
An audit committee does not displace or change proper accountability arrangements. Accountability for good governance rests with the public entity’s governing body …
Effective audit committees can provide objective advice and insights into the public entity’s strategic and organisational risk management framework. In doing so, they can identify potential improvements to governance, risk management, and control practices.1
The groups of advisers who give advice, test, and challenge the highest level of governance go by many names (such as, audit, risk, or assurance committees or advisory groups). For the purpose of these resources, we call these groups “audit committees”.
Because of our role in carrying out public sector audits, we interact with audit committees. We see that they share challenges that come from their public sector context. Organisational governance settings can also pose more specific opportunities and challenges. This resource is designed to help those that have chosen to have an audit committee, make the most of it. We suggest you start with the principles we have found that work.
Choosing when to have, consult, and use an audit committee
Our work with people involved in audit committees shows that no single structure, arrangement, or practice works all the time or in every case. We think this is because many of the practises of governance and risk management are about people, their relationships, expectations of each other, and of how they are involved with an entity and its context.
Discussing issues and ideas about solutions can help an entity or board choose the circumstances in which audit committees can add value. This kind of sharing raises awareness and motivates action more than a prescriptive approach to determine when an audit committee is the right choice.
We also find that, generally, common sense works. Common sense is the action of need, not compliance. Audit committees are a way to help focus on common sense and give governance test and challenge to the organisation. If an entity chooses to have an audit committee, it needs to be fit for purpose. Audit committees created solely for compliance reasons are unlikely to be effective and add value to the entity.
1: Office of the Auditor-General (2008), Audit committees in the public sector, Wellington, page 2.