Risk Assessment and Oversight

Traditionally, audit committees have focused on understanding a company's financial reporting and the related risk management programs. Audit committees, today, have broadened their horizon to include an understanding of the broader risks affecting the company, as well as the company’s overall risk management program.

These risks may be related to the organization’s strategy, operations, and compliance with environmental, health, safety, legal, and regulatory requirements. Therefore, audit committees should develop a thorough understanding of the company's overall risk management processes across the enterprise.

There are a growing number of tools available for companies to use to support their management of enterprise risks, including risks associated with financial reporting; to assess the potential impact of risks and the degree of vulnerability; and to link risks to specific management areas and activities in the organization.

Does your Board have risk mitigation strategies for all risks to the business publicly identified by the company?

  • Yes

  • No

Dig Deeper