The latest enterprise risk management news from around the world

‘Business disruption,’ one of today’s most discussed topics in corporate circles, is now dramatically influencing the practice of audit, with serious impacts on the governance and oversight duties of audit committees. That is a key conclusion of ‘Audit Trends 2016: Targeting transformation’, a newly released report by KPMG in Canada, that chronicles the rise of new risks, from technology and political volatility to intensified corporate and regulatory reporting highlighting the urgency for audit committees to prepare.

“Disruption is often associated with the way technology, business and market forces create external threats or opportunities for companies, driving them to rethink how to serve customers or fend off new competitors,” notes Kristy Carscallen, Canadian Managing Partner, Audit, KPMG. “However KPMG’s report shows how disruptive trends are also impacting the mission critical internal audit function, which is ultimately responsible for evaluating business performance and spotting potential risks on the horizon.”

Four trends putting pressure on corporate audit

The KPMG report highlights four major disruptive trends in business that are multiplying the pressure upon audit committees to elevate the breadth, depth and speed of their oversight activities.

  • Technology risk: from the danger of cyber attacks on corporate networks to data protection by third party suppliers, audit committees should understand these complex risks and learn to evaluate both their organization’s potential liabilities and the adequacy of security controls. Audit committees should also be adept at evaluating business transformation programs and recognizing business model risk due to new disruptive technologies.
  • Political and economic risk: audit committees should pay closer attention to external risks, such as oil and other commodity prices, geopolitical conflict, and the rise and fall of emerging markets, to recognize the direct or indirect impacts on their organization’s strategy and performance.
  • Evolving corporate reporting: as shareholder and regulator expectations rise for more transparent and comprehensive reporting, including integrated and strategic reporting of non-financial information, audit committees should expand their disclosure capability. They should be able to provide more specialized information and performance metrics, and thoroughly understand the underlying data collection processes.
  • More complex domestic and global regulations: in addition to new national regulations introduced by Canadian supervisory bodies in recent years, audit committees should keep abreast of emerging global regulatory trends that could be enacted in Canada or shape the domestic operating environment in future.

“While these trends have an impact on organizations in most industries, they pose an even greater challenge for companies in survival-focused industries, such as oil and gas as well as mining firms, that are already grappling with large-scale disruption on their economic and fiscal models,” observes John Gordon, Canadian Managing Partner, Quality and Risk Management, KPMG. “These companies are often narrowly focused on immediate issues such as bank debt, capital management and cost reduction initiatives and should expand their stress testing programs and risk scenarios to consider additional disruptive risks that could sneak up on their organization.”

Audit committees can transform themselves to manage the disruption

The KPMG report notes that, despite the vast scope of challenges that are transforming the mandate of audit committees, they can apply a number of best practices to help ensure they are considering the full range of existing and emerging issues and that they have the right level of technical knowledge and experience to navigate the disruptive forces. For example, organizations can increase the depth and frequency of their risk framework reviews and testing, and strengthen their internal talent and third-party expertise to gain the skills and experience to manage the unfolding issues.

Read the report (PDF).

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.