Blogs

"COVID-19: Audit committee considerations in uncertain times" from the EY Center of Board Matters is a must-read for audit and risk committees as well as financial reporting, risk, compliance and internal audit management to ensure that all reasonably foreseeable potential impacts of COVID-19 on the company's accounting, financial reporting, and risk management processes are at least considered as applied to the company's circumstances. Aside from the sobering (but realistic) extensive list of accounting and financial reporting (and associated disclosure) considerations, the reader-friendly briefing includes these (among others) risk management and financial reporting/internal control process considerations, which may apply to all types of companies:

• Determine whether additional company personnel should be added to the disclosure controls and procedures process.
• Consider the efficacy of remote controls and whether there have been changes or overrides of existing controls to accomplish the financial close and reporting process.
• Assess whether IS measures have been reviewed to be responsive to the changing business environment. Inquire about stakeholder education efforts related to increased phishing emails and messages with a COVID-19 theme.
• Determine if appropriate precautions are being taken relating to the security of directors’ and executive management’s personal IT networks.
• Consider whether the governance over the company’s ERM program at the board or committee level should be changed and whether the timing, frequency and extent of the communications of the audit committee’s overall updates to the board should also be adjusted.
• Have there been any meaningful changes to key policies governing ICFR or DC&P to address the changing operating environment?
• Have there been any meaningful changes to the company’s key policies, any material exceptions granted or any unusual allowances to any compliance provisions? If so, what were they?
• What is the appropriate cadence and frequency of risk reporting and financial reporting to the audit committee that would enable effective oversight and decision-making?