Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

How Audit Committees Really Think About Risk

Matt Kelly | October 19, 2015

Several weeks ago the latest Compliance Week executive roundtable debated how to move from siloed exercises in compliance to a broader program of enterprise risk management. So we spent lots of time talking about risk, and who at the company bears ultimately responsibility for overseeing risk management, which of course is the audit committee.

Finally someone asked: “Do you know how much your audit committee is supposed to worry about risk? Has anyone actually pulled up your audit committee charter and counted how many times the word ‘risk’ appears?”

That struck me as an excellent question. So I pulled up a bunch of audit committee charters and started counting.

The conclusion: most audit committee charters don’t mention risk very much, and some don’t mention it at all. And if you are looking for rules on setting risk tolerances—you...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.