CORPORATE GOVERNANCE

CORPORATE GOVERNANCE

What is corporate governance
Corporate governance (CG) concerns the way the company is operated and directed. It encompasses the following aspects: * Operations of the Board & Audit Committee
                              * Overal control & risk mgt framework

CG has become increasingly important to all organizations in particular those with stock exchange listing. Eg in the UK those co are subject to the requirement of Turnbull, Cadbury & the Combined Code.

Turnbull: a co must have an ongoing process for identifying & evaluating and managing key risks of the co and it is regularly reviewed by the Board according to its guidance( at least once annually). Breach of these requirements can not only lead to a qualification of the annual a/c but also damage to reputation.

Requirements of Corporate Governance
The key requirements that should be met are:

1. Evaluate risks within the org.

The key risks within the org needs to be identified, measured and reported. Eg identify the top 20 risks, which are then fully coordinated by the Board & Audit Committee.

1. Consider the nature & extend of the risks regarded as acceptable. A clear understanding is needed regarding the risk appetite(ie risk averse, risk neutral & risk seeker)

1. The threat of such risk realizing, assessing both the impact & likelihood

1. The ability to reduce incidence & impact if risks arise. This includes a review of the contingency arrangements in place.

1. Cost & benefits relating to operating the relevant controls should be considered

1. CG concerns the culture of the co, not only from its risk appetite but also from the risk awareness & understanding. The Board & Audit Committee need to set the tone & appropriate support needs to be in place (training, policy & procedures)

1. Regular reporting to demonstrate that risks are being managed on an ongoing basis.

Role of Internal Audit (IA) in achieving Corporate Governance compliance

According to Turnbull: ‘ An objective & resourced IA function should be in a position to provide the Board with much assurance regarding the effectiveness of the system of internal control.

IA main role is normally to evaluate risk & monitor the effectiveness of the system of IC. Turnbull set out the requirements of an org. & these have key bearing on how IA should operate.
The role of IA will depend on the nature & type of the org. and what other risk type functions are in existence within the co.

Key steps in Internal Audit will be to:

1. Review co’s measures to achieve corporate governance


2. Ensure that IA operations is consistent with the major risks facing the organization


3. Produce an analysis & opinion of the effectiveness of controls, including regular info to the Board and Audit Committee

Role of the Audit Committee in demonstrating CG

The role & importance of the Audit Committee have increased as the CG requirements have increased. The Audit Committee must have at least 3 non-executive directors.
The Audit Committee should:

1. Assess the framework for CG within the co including risk policies & measures taken to achieve requirements


2. Review top 20 risks established, including likelihood and impact


3. Require regular reporting from Internal & external audit & any other review body showing how the risks are being managed0


4. Receive & review IA assignments and follow up info


5. Discuss & consider any concerns of directors and IA


6. Review annual f/s & the result of the external auditor’s examination to ensure that the auditors have performed an effective, efficient & independent audit


7. Receive & deal with external audit criticisms of mgt & ensure that recommendations for IA & EA have been implemented.

Types of regular reporting to the Audit Committee

• Listing of current major risks & up to date assessment if impact and likelihood


• Reports on control of risk including how they are being managed


• Details of issues/concerns that have arisen recently


• Audit reports issued & impact on CG


• Info & follow up on outstanding risks & findings from reports