Overview
Effective audit committees can catalyse better governance in an entity. They help entities become more efficient, effective, and economical, and promote accountability, integrity and transparency. To be effective, audit committees require leadership's support and engagement, and need to provide meaningful and relevant oversight and advice. Without an effective audit committee, entities may face issues that erode their performance and public trust.
Tabled 8 September 2020.
Auditor-General’s foreword
In this report I draw a connection between effective audit committees and the success of an entity’s governance framework.
There are 92 audit committees for departments and statutory bodies in Queensland’s public sector. Effective audit committees can require a significant investment in time and resources from entities and committee members. Of the 74 audit committee chairs who responded to our survey, over 80 per cent said they spend up to five hours reading papers for meetings, that for most are held four times a year for at least two hours.
Good governance is critical to ensure an entity effectively manages its business operations, programs, projects, and risks. Unfortunately, some entities still do not embrace good governance and do not move beyond compliance, thereby not realising the value good governance can bring to an entity.
Recent project failures in both the public and private sectors have often been symptomatic of ineffective governance frameworks and practices, resulting in poor program and project management and delivery due to insufficient oversight of business risks and decisions. A number of my reports to parliament over the last three years have observed failures in programs and projects that have stemmed from poor governance within and across entities. This indicates that governance is an area requiring greater attention and improvement across the Queensland public sector.
My past reports covering topics such as the effectiveness of the State Penalties Enforcement Registry ICT reform, monitoring and managing ICT projects, the National Disability and Insurance Scheme, and digitising public hospitals each demonstrated how poor governance practices can lead to significant issues, unidentified risks, and overspend and/or misspend on government programs and projects. Common weaknesses in governance included, for example:
- inadequate oversight from governance committees
- failure to keep those charged with governance fully informed
- unclear roles and responsibilities for program and project delivery and accountability within and across entities.
Instances of poor governance can expose all public sector entities to risks including financial loss, reputational damage, and missed business opportunities.
For the reasons above, I propose to build on this report in the future by assessing the effectiveness of audit committees in the local government sector. I will continue to focus on key elements of governance frameworks, such as program and project governance, and undertake a review of board appointment and renewal processes.
Brendan Worrall
Auditor-General
In brief
Actions
This report covers the audit committees of departments and statutory bodies, but the insights can also be applied to government owned corporations.
In the departmental context, the audit committee is an advisory committee to the director‑general, who is the accountable officer. For statutory bodies, the audit committee is typically a sub‑committee of the board and, as such, reports to the statutory body board.
When we say chief executive officer (CEO) in this report, we are referring to both directors‑general of departments and chief executives of statutory bodies.
We have identified the following actions for the sector to consider.
Audit committees |
|
Review the language and responsibilities in the audit committee charter to clearly define the committee’s role, ensuring it is appropriate and specific to the entity. |
|
Remain informed of the entity’s core functions and systems, and the key risks and issues facing the entity. Use this knowledge to focus the committee’s attention throughout the year, and when developing the committee’s annual workplan. |
|
Review the committee’s performance annually and tailor the assessment to align with and measure its performance against the committee’s annual workplan. |
|
Audit committee chairs and chief executive officers |
|
Initiate and ensure regular, ongoing engagement with each other throughout the year outside of committee meetings, to discuss key risks, issues and other matters facing the entity. Discuss outcomes from committee meetings, particularly those not attended by the chief executive officer. |
|
Chief executive officers |
|
Demonstrate commitment to an entity’s audit committee. Where practicable, attend all meetings agreed with the audit committee chair as an observer. |
|
Support audit committee members to access appropriate training and other resources to ensure adequate knowledge of the role, and other subject matter areas relevant to committee discussions. |
|
Queensland Treasury |
|
Mandate that all members of audit committees for Queensland state government entities, must be independent of management and not an employee of the entity or another Queensland state government entity. |
|
Coordinate with the Department of the Premier and Cabinet to actively promote the use of its Queensland Register of Nominees to prospective audit committee candidates, and to entities looking for new members. |
|
Support regional audit committees with clear guidance about how they can source suitable candidates and use technology to attract or connect with nominees. |
|
Support audit committees and entities to access appropriate training and guidance materials. |
|
Provide improved guidance to audit committees on how to effectively assess and improve their performance practices. |
1. Are leaders engaged?
The chief executive officer and statutory body board’s support and influence are the most important enablers of an effective audit committee. Without them, an audit committee loses relevance and becomes less effective, regardless of its skills and expertise.
Does your chief executive officer or statutory body board effectively engage with the audit committee?
Insight Audit committee chairs of all entities believe an engaged leader is critical to their audit committee’s effectiveness. A leader best demonstrates engagement by periodically attending audit committee meetings as an observer or guest. An entity’s leader should not be the chair or a member of the audit committee. |
Fast fact 74.5 per cent of audit committee chairs we surveyed reported executive management attend all audit committee meetings as observers, and 91.8 per cent reported that executive management attend at least half their committee meetings as observers. |
A chief executive officer is integral in setting the culture of an entity and influencing how its employees will engage with its audit committee. Audit committee chairs directly link the effectiveness of their committee to regular and open communication, and support from their entity’s leader.
If a chief executive officer does not engage with and support the committee, it is more difficult for the committee to influence the entity’s executive leadership team and decision-makers.
Audit committee chairs believe the best way a chief executive officer can show their support for an audit committee’s work is to periodically attend meetings and provide an update on the business from their unique perspective. Their attendance and presentation help audit committees focus on the entity’s most significant risks, developments, and major projects.
Audit committee chairs should regularly consult with, and report to, their chief executive officer to ensure the committee’s agenda, style and discussion are providing the level of assurance they need and expect.
Action for chief executive officers (CEO1)
Demonstrate commitment to an entity’s audit committee. Where practicable, attend all meetings agreed with the audit committee chair as an observer.
Demonstrate commitment to an entity’s audit committee. Where practicable, attend all meetings agreed with the audit committee chair as an observer.
The chief executive officer should attend as many meetings as practicable and provide a strategic update to the audit committee at least annually. The chief executive officer should meet with the audit committee chair regularly, but especially following those committee meetings where they do not attend.
Chief executive officers should not be the chairs or members of their audit committees.
Where possible, the audit committee chair and the chief executive officer should formalise their attendance in the audit committee charter to provide greater clarity and accountability for both parties.
Action for audit committee chairs and chief executive officers (ACC/CEO1)
Initiate and ensure regular, ongoing engagement with each other throughout the year outside of committee meetings, to discuss key risks, issues and other matters facing the entity. Discuss outcomes from committee meetings, particularly those not attended by the chief executive officer.
Initiate and ensure regular, ongoing engagement with each other throughout the year outside of committee meetings, to discuss key risks, issues and other matters facing the entity. Discuss outcomes from committee meetings, particularly those not attended by the chief executive officer.
Audit committee chairs and chief executive officers should establish systems to effectively engage with each other to discuss key risks or issues facing the entity, and outcomes of audit committee meetings. This may include:
- meeting before and/or after an audit committee meeting
- the secretariat providing the chief executive officer with the audit committee’s agenda before meetings
- the chair providing the chief executive officer with a one-page summary of key actions and meeting outcomes where they are unable to attend.
2. Does your audit committee understand its role?
Audit committees traditionally focused on overseeing entities’ internal control environments, financial reporting processes, risk management and their internal and external audit functions. However, as the business environment evolves, audit committees need to cover a diverse range of complex topics that require specialist knowledge. For example, the Queensland public sector is facing a range of emerging risks and issues including cyber security, complex large-scale infrastructure, and the implications of COVID-19.
Effective audit committees understand how best to use their time, experience, and available resources, including specialist support. This helps them to define their role and maximise their value to the entity.
Is your audit committee’s charter fit-for-purpose?
Insight Public sector entities should engage key stakeholders, including their entity’s leadership, to develop and document their committee’s roles and responsibilities. |
Fast facts All committee chairs believe their committee's agenda is consistent with the purpose and responsibilities outlined in their charter. Seventy-three out of the 74 we surveyed believe their committee’s agenda makes the best use of the committee’s time. Fifty-one reported that their audit committee expanded its scope of responsibilities in the last five years. |
An audit committee’s charter or terms of reference is a critical governance document that it should tailor to changes in the entity’s business environment.
Most of Queensland’s public sector entities are not tailoring their charter as much as they could. In more than 40 per cent of entities, the audit committee’s charter uses identical language to Queensland Treasury’s example in Appendix A of the audit committee guidelines. For example, requirements that the committee:
- satisfy itself that insurance arrangements are appropriate for the risk management framework
- ensure the entity adopts correct accounting policies
- approve the entity’s internal audit plan.
Rather than initially replicating the wording of Queensland Treasury’s guidelines, better practice would be for audit committees to tailor their charters to match the entity’s business environment so they can remain relevant and effective.
An audit committee’s charter should not include responsibility for approving entity policies, procedures or endorsing decisions made by the entity. Audit committees should instead provide oversight and seek assurance on a risk informed basis that appropriate controls, systems and processes are in place to support:
- an effective control environment
- informed risk management
- good quality financial reporting
- frameworks that promote compliance with legislative requirements.
The charter should define the role and responsibilities of the audit committee to inform:
- annual work plans
- agendas for meetings
- the committee’s reporting to those charged with governance
- assessment of the committee’s performance.
In not-for-profit public sector entities, the accountable body is responsible for the entity’s performance and reporting. The audit committee’s role is to provide assurance and advice to support the chief executive officer and statutory body board, to meet their statutory obligations with accuracy and integrity.
Action for all audit committees (AC1)
Review the language and responsibilities in the audit committee charter to clearly define the committee’s role, ensuring it is appropriate and specific to the entity.
Review the language and responsibilities in the audit committee charter to clearly define the committee’s role, ensuring it is appropriate and specific to the entity.
Committees should engage key stakeholders, including the entity’s leadership team, when writing their audit committee charter. The committee should ensure the charter clearly articulates its responsibility to support the chief executive officer and statutory body board.
While committees may refer to the example charter in Queensland Treasury’s guidelines, committees should tailor their charters so each fulfils its role in the specific context of their entity.
Committee chairs and members should scrutinise both the role and responsibilities of the committee and the language used in its committee charter to identify any unrealistic or unreasonable expectations for the committee.
Have you focused your committee’s role?
Fast facts Several audit committee chairs noted that oversight of entity compliance frameworks could be improved. We reviewed 21 entities, which all spent less than 15 minutes discussing legal compliance in a meeting. |
Audit committee chairs noted that their committees could provide more detailed oversight on the entity’s core corporate governance systems. Specifically, several mentioned their oversight of the entity’s compliance frameworks as an area for improvement. The Queensland Audit Office’s (QAO) directors and managers who attended the audit committees of 21 entities, reported that audit committees spent less than 15 minutes discussing legal compliance in a meeting. Audit committees should consider the nature of regulatory and other legislative requirements for their entities, to determine an appropriate amount of time to dedicate during meeting discussions.
Significant deficiencies in an entity’s corporate governance systems can have a pervasive impact on the entity’s integrity and accountability, which can affect the entity’s ability to achieve its objectives or improve other aspects of its business.
The maturity of financial reporting, risk management, governance and compliance systems will vary from one entity to another. This means the approach of an audit committee for one public sector entity may not work for all public sector entities.
Audit committees can focus on several areas. With limited time and resources, committees must focus energy on the right areas. To determine where it will spend its effort, an audit committee should have a clear view of the maturity and performance of the entity’s core corporate governance systems. This includes the entity’s:
- financial accounting processes, reporting and financial sustainability
- compliance frameworks
- governance structure, including financial delegations, adequate oversight, and reporting on significant projects or outsourced functions
- internal audit and other assurance providers, including external audit
- operational performance monitoring
- risk management, including fraud risk (if it is part of the audit committee’s scope).
Action for all audit committees (AC2)
Remain informed of the entity’s core functions and systems, and the key risks and issues facing the entity. Use this knowledge to focus the committee’s attention throughout the year, and when developing the committee’s annual workplan.
Remain informed of the entity’s core functions and systems, and the key risks and issues facing the entity. Use this knowledge to focus the committee’s attention throughout the year, and when developing the committee’s annual workplan.
Committee members should keep themselves updated on any changes to the entity’s structure or activities and be aware of key risks and issues it is facing. This knowledge should help to inform the development of its annual workplan. Taking this approach will help audit committees to focus their efforts on the areas where it is needed most. The audit committee may choose to collaborate with management and the internal audit team to develop its workplan.
Some common areas where committees may focus their attention include financial statement preparation and risk management. The committee can add value by ensuring the entity has appropriate frameworks and review processes in place to ensure these areas are effectively managed.
QAO has published some tools on its website that can assist entities and audit committees to perform their assessment in financial reporting and risk management:
Have you defined your role in overseeing the financial reporting process?
Audit committees play a significant role in overseeing financial reporting processes to provide assurance to the accountable body over the accuracy and integrity of an entity’s financial information and financial statements.
Effective audit committees are involved throughout the financial reporting process. If committees are only involved in reviewing the financial statements at the end of the process, they significantly reduce their ability to provide effective oversight and ensure a quality outcome.
Audit committees should start with reviewing the financial reporting project plan prepared by management and agreed with the auditors. This project plan should identify major processes, milestones and deliverables that the committee can factor into its own agenda-setting and work plan.
The audit committee should integrate the financial reporting plan into its own annual plan. In Appendix C we have included an example of an audit committee’s annual plan, which includes the audit committee overseeing the entity’s delivery of its financial statement project plan. This includes the audit committee’s review and approval of:
- pro forma financial statements
- key accounting position papers
- changes to key financial reporting systems and processes
- other significant project deliverables, such as valuations of property, plant and equipment.
The committee should also assess whether management has the required level of staff with necessary skills and qualifications.
Are you providing the right oversight for risk management?
Insight On a rotational basis, invite members of the entity’s management to present to the audit committee on the risks and audit issues they are responsible for. This helps the audit committee to hold management accountable for taking effective action. |
All 20 audit committees we reviewed with oversight of risk management discussed risk as a standing agenda item during committee meetings. However, to provide effective oversight, an audit committee needs to do more than acquit the information the entity provides in a risk register. We found significant variation between committees in how they discuss risk management.
An effective audit committee will discuss the sufficiency and effectiveness of the entity’s risk mitigations and conduct detailed reviews of significant and emerging risks. The Australian Securities Exchange's Corporate Governance Principles and Recommendations (4th Edition) February 2019 includes the following in its description of a risk committee’s role, whether it is a stand-alone committee or as part of a combined audit and risk committee:
- Monitor management’s performance against the entity’s risk management framework, including whether it is operating within the risk appetite set by the accountable body.
- Review any material incidents involving fraud or a break-down of the entity’s risk controls and the ‘lessons learned’.
- Assess reports from management on new and emerging sources of risk and the risk controls and mitigation measures that management has put in place to deal with those risks.
- Make recommendations to the chief executive officer and board in relation to the entity’s risk management framework.
The audit committee also needs to ensure risk management systems escalate all residual risks that sit outside the entity’s risk appetite to their chief executive officer and statutory body board.
Have you identified other areas for oversight?
An audit committee can spend a greater proportion of its time providing tailored or specialised oversight once it has comfort about the entity’s corporate governance systems.
Audit committee members and an entity’s leadership should consider how the committee can add the most value to the entity, by considering:
- the entity’s strategic objectives and core business
- significant projects and events
- the entity’s maturity, strengths and weaknesses
- the entity’s assurance map (shows sources of assurance for the entity’s governance, control environment, and risk mitigations)
- unidentified and unmitigated risks.
Audit committee members can better equip themselves for effective oversight and assurance in more specialised areas by getting additional training. Alternatively, audit committees can invite guests with specialist knowledge to attend meetings.
Are you maximising the value of your internal audit function?
Fast facts Seventy-two out of the 74 chairs we surveyed agreed that their audit committee has systems in place to ensure management addresses internal audit's findings and recommendations. |
Effective audit committees need to foster strong working relationships with the entity’s internal auditors. Internal audit gives the audit committee crucial insight into the entity by providing an objective and risk-based view on the entity’s internal control environment.
To maximise the value of an internal audit function, audit committees should have input into internal audit’s annual and strategic plans and support internal audit to effect positive change in an entity.
The audit committee’s roles and responsibilities regarding internal audit should include:
- reviewing the internal audit plan to ensure it aligns with the entity’s risks and provides adequate coverage
- assessing the independence of the internal audit function to ensure it is appropriate
- making recommendations to the chief executive officer (CEO) and board about the independence, adequacy of skills and resourcing for internal audit
- reviewing internal audit reports and recommendations and advising the board or CEO on significant findings
- assessing the sufficiency of management’s planned actions to address findings and recommendations
- monitoring management’s implementation of agreed actions.
The audit committee should also provide annual feedback to their CEO or board on the performance of the entity’s internal audit function. Assessments could include:
- suitability of the internal audit model for the entity. For example, whether the internal audit function could operate more efficiently and effectively if it were in-house, outsourced or a hybrid model (which may include outsourcing audits that require specialist knowledge)
- the quality and timeliness of internal audit’s work
- the appropriateness of their annual scope of work
- management’s engagement and responsiveness to internal audit.
3. Do you have the right members?
One in four audit committee chairs believe specific barriers prevent their members from making effective contributions to committee discussions. Figure 3A summarises the main barriers.
Entities can overcome these barriers by careful consideration of their committee’s membership and training needs. This includes managing any potential conflicts; recruiting members to suit the needs of the audit committee and the entity; and careful succession and rotation planning.
Entities should also invest in training for members with gaps in their skills or experience that may limit their contributions.
What is the right mix of independent and internal members?
Insight To guard against perceived conflicts, Queensland state government entities should not appoint individuals to the audit committee who are management, employed by the entity or employed by another Queensland state government entity. If their skills, experience or expertise need to be drawn on, they should be an invited guest. |
Fast facts 78.2 per cent of the departmental audit committees we reviewed are made up of at least half internal members. 62.5 per cent of committee charters require at least two independent members. Seventy-one out of 74 audit committee chairs, who responded to our survey, are not employed by the entity. |
Why should the committee have independent members?
The right independent members can help an entity identify gaps and weaknesses in its corporate governance systems and the collective skills of its internal management. Independent members also provide valuable and diverse experience of governance models from working with other government entities, the private sector, and industry, or sitting on boards. For Queensland state government entities, audit committee members should not only be independent of the entity, but should not be employees of other Queensland state government entities.
The chair of an audit committee should be independent of management and have the expertise to:
- provide advice and assurance to the chief executive officer and statutory body board from an objective and independent perspective
- address issues without preconceived ideas or bias and assist in encouraging objective debate on issues
- provide an insight into best practice procedures adopted in other entities.
An independent member of a Queensland state government audit committee is a member who is independent of management and is not an employee of the entity or another Queensland state government entity. In statutory bodies, an independent member of an audit committee may include members of the board. This is because members of the board are independent from management.
Several independent audit committee chairs also believe that at least one other member on the committee should be an independent external member.
Should the committee include internal members?
Audit committees are more effective where the members are independent of management because they are objective and have more diverse experience. This creates a better foundation for robust and incisive discussions and questions.
Departments often appoint deputy directors-general to the audit committees. This can blur the lines of accountability and transparency as the individual scrutinises their own activities, or that of their colleagues or chief executive officer. Further, in a government department, an audit committee may be the only committee in the entity that has independent experts as members.
Entities should assess whether a potential internal member could make the same contribution to the audit committee as a guest before adding them to their committee. If an entity’s chief executive officer or statutory body board feels strongly about including an internal member on their audit committee, they should manage the inherent risks this brings. This should include strictly enforcing requirements for members to declare interests at every meeting to mitigate the risk of actual or perceived conflicts or independence issues. Entities can also provide internal members with additional training about their roles and responsibilities or implement shorter tenures for internal members.
Audit committee chairs and chief executive officers have mixed views on whether internal management are effective audit committee members. Some believe that an internal member’s normal employment conflicts with their role as a committee member.
However, some believe that internal members contributed in ways that independent external members could not, by providing:
- on-the-ground insights
- traction with the executive management team to effect change in the entity.
Chief executive officers also noted that bringing internal members onto their audit committee provided second- and third-line benefits for the entity and the public sector by:
- increasing that employee’s skillset and future contribution to their entity
- expanding the pipeline of experienced audit committee members to broaden the pool in the Queensland state government.
For an effective audit committee, entities should focus on recruiting the right independent members and developing a culture of engagement and support amongst its employees. This would help committees provide objective oversight and better understand the business, without needing to recruit internal members to the committee.
Action for Queensland Treasury (QT1)
Mandate that all members of audit committees for Queensland state government entities must be independent of management and not an employee of the entity or another Queensland state government entity.
Mandate that all members of audit committees for Queensland state government entities must be independent of management and not an employee of the entity or another Queensland state government entity.
Queensland Treasury’s Audit Committee Guidelines: Improving Accountability and Performance should mandate that all members of audit committees for Queensland state government entities are independent of the entity’s management and are not employees of the entity or another Queensland state government entity. While this may be difficult for entities to achieve in the short-term, this should still be the ultimate goal for audit committee membership.
In statutory bodies, an independent member of an audit committee includes members of the board.
Are you recruiting the right members in the right way?
Queensland’s public sector entities need more robust and transparent recruitment of audit committee members to improve their accountability and outcomes.
Entities select committee members from a small pool of members that sit on multiple committees. This can reduce the quality and variety of members and perspectives on a committee.
Do you know what the committee needs?
An audit committee needs collective knowledge and understanding of the entity’s business and its industry, as well as expertise in areas including governance, risk management, financial reporting and public sector regulatory frameworks. It is equally important to ensure diversity when selecting members, including cognitive diversity to encourage different skillsets and ways of thinking. Audit committees should not only align the skills and experience of their members with the entity’s key risks and weaknesses but consider if it has sufficient diversity to ensure appropriate balance and scrutiny from members.
Figure 3B provides a summary of the process an entity may undertake to assess the needs of the entity and determine the current profile and skills lacking in its committee membership.
Queensland Audit Office.
Do you know how to attract the right members?
Fast facts A pool of 12 individuals served as a chair or member on 38 audit committees (or 41 per cent of all audit committees for departments and statutory bodies in the Queensland state government). Of the 38 committees, 14 had a chair and a member from this pool of 12 individuals. |
Very few audit committees use formal recruitment processes to find the best person for their committee. Instead, entity’s executive management teams identify and appoint new members based on existing relationships or word-of-mouth.
Audit committee chairs believe there are three common reasons why entities struggle to attract the right members:
- The remuneration is often not commensurate with the work and skills required.
- A lack of awareness exists about the positions amongst suitable candidates.
- Regional areas have thin markets for professional labour.
The Department of the Premier and Cabinet maintains a confidential register of people interested in serving on government boards, committees, and statutory authorities, called the Queensland Register of Nominees. The register is an online portal for public sector entities to search applicants when a position becomes available.
In our interviews, no audit committee chairs reported using the Queensland Register of Nominees to find new members for their audit committee. This is partly because, in Queensland, any resident can register regardless of their skills and experience.
Audit committee chairs also said they had more confidence adding a new member if an existing member of the committee, board or executive management referred them based on their previous experience with the person.
Very few audit committee chairs reported undertaking a formal recruitment process to find a new member. They found the process expensive and ineffective at attracting the right type of applicants.
Action for Queensland Treasury (QT2)
Coordinate with the Department of the Premier and Cabinet to actively promote the use of its Queensland Register of Nominees to prospective audit committee candidates, and to entities looking for new members.
Coordinate with the Department of the Premier and Cabinet to actively promote the use of its Queensland Register of Nominees to prospective audit committee candidates, and to entities looking for new members.
While Queensland Treasury already acknowledges that the Queensland Register of Nominees is a source of potential committee members for public sector entities in its audit committee guidelines, we are recommending that it looks for ways to increase the current level of awareness for the register.
Are you paying your members appropriately?
Audit committee chairs, internal auditors and chief executive officers agreed that remuneration for audit committee members is not commensurate with the demands or expertise required of their role. Like any market for skilled labour, the remuneration an entity offers is a contributing factor in the quality of candidates it can attract.
Entities should consider the complexity and risk of their business when selecting a new committee member. If the entity’s core business is highly specialised or public-sector specific, they will require audit committee members who have the necessary skills and experience to understand and contribute to those areas. This may mean an entity in this kind of environment needs to pay more to recruit committee members than an entity with a relatively straightforward business. While the level of complexity and risk relating to an entity may drive the level of remuneration, the quality of the individual’s performance and contribution to the committee should also be a consideration.
Under Queensland Treasury’s audit committee guidelines, the chief executive officer or statutory body board has discretion to set the amount of remuneration for independent non‑public sector audit committee members. In some cases, independent members negotiate their remuneration directly with the entity’s chief executive officer or statutory body board. However, in our interviews with audit committee chairs, they told us that most entities set audit committee remuneration based on the rates in the Queensland Government’s Remuneration Procedures for Part-Time Chairs and Members of Queensland Government Bodies.
Those procedures set out remuneration for chairs and members of sub-committees, which ranges from $500 per annum for a member in a level three entity, to $6,000 per annum for a chair in a level one entity. Entities determine their level based on a range of quantitative and qualitative indicators.
Approach taken by New South Wales Government |
---|
New South Wales Treasury department established a prequalification scheme for entities to find and appoint audit and risk committee independent chairs and members. Under the scheme, entities can only engage independent chairs and members selected from the prequalified panel for New South Wales public sector entities. A prequalified independent chair or member may join up to five New South Wales audit and risk committees at any one time. Unlike Queensland, New South Wales also sets mandatory remuneration rates for members and chairs based on the size of the entity’s annual expenditure, which range from $1,255 per meeting for a member of a small entity (less than $50 million in annual expenditure) to $20,920 per annum for the chair of a large entity (greater than $400 million in annual expenditure). |
Queensland Audit Office using information from the New South Wales’ Treasury department.
How can regional audit committees attract appropriate members?
In regional areas, or for small statutory bodies, audit committee chairs highlight a struggle to find and attract appropriately skilled members. Many of these entities cannot tap into the network of members that sit on multiple committees in South East Queensland.
Smaller or more remote committees without networks of potential candidates are more likely to benefit from a system like the Queensland Register of Nominees. However, most audit committee chairs we interviewed in small or regional statutory bodies were not aware of the register.
With technological advancements, audit committee members can attend through video or teleconferencing and do not have to be physically present at meetings. This means entities can broaden their search for members in other parts of Queensland or interstate without excluding candidates because they do not live in the same region. This widens the pool of potential audit committee members with diverse skills and knowledge who could be valuable to the audit committee.
Action for Queensland Treasury (QT3)
Support regional audit committees with clear guidance about how they can source suitable candidates and use technology to attract or connect with nominees.
Support regional audit committees with clear guidance about how they can source suitable candidates and use technology to attract or connect with nominees.
Public sector entities have demonstrated in their response to COVID-19 that effective communication is possible without being physically in the same location.
Do you have appropriate tenure and succession plans?
Queensland Treasury’s guidelines recommend that public sector entities give members an initial term of appointment of not more than three years and a maximum total period of service of six years.
As Figure 3C shows, many of Queensland’s public sector audit committee chairs have exceeded Queensland Treasury’s recommended maximum term of six years. In two cases, a committee chair’s tenure exceeds 15 years, well beyond the maximum term recommended by Queensland Treasury. However, the average term for current chairs is 3.5 years, falling within the recommended range.
Queensland Audit Office.
Other better practice guides such as Audit Committees: A guide to good practice, published by the Australian Auditing Standards Board and the Australian Institute of Company Directors, recommend that entities establish a policy for appointing audit committee members to ensure the regular rotation of the committee’s membership. However, the guide recommends that individual entities retain the flexibility to determine their own maximum tenures to fit their circumstances. While it is important for an entity to consider what is fit-for-purpose, once a chair or member approaches Queensland Treasury’s recommended six years on an audit committee, the entity should start considering if it would benefit from a replacement. Early consideration allows for a well-planned, staggered rotation, and a smooth transition to new members.
Mixing insights and views from members with a longer tenure and deeper understanding of the entity with those of new members, who possess fresh insights and ideas, can improve the quality of advice from the committee. However, familiarity can lead to complacency amongst members, and audit committees and entities should rotate their chairs and members in accordance with recommended terms.
As part of their annual work plans, audit committees should document their plans for the rotation of long serving members and the skills and experience they will require when replacing these members.
An effective committee recruitment system |
---|
One entity we interviewed created a nominations committee that meets four times per year to oversee the recruitment process for members of its main governance body and sub-committees, including the audit and risk committee. Discussions and actions from the nominations committee include:
When selecting new members, the nominations committee may review five or six candidates for the role. Before making a recommendation, the audit committee chair, the nominations committee and the responsible member of the executive leadership team will meet with the preferred candidate(s) to assess their suitability, experience and qualifications for the audit committee. Once the nominations committee narrows the pool down to one preferred candidate, the committee will recommend a candidate to those charged with governance for their approval. |
Queensland Audit Office.
Are you equipping your members to succeed?
Insight Independent members on audit committees in departments can take a year or longer to understand the breadth and depth of a public sector entity’s operational activities and its role in the Queensland public sector. |
Fast facts Thirty-one per cent of audit committees are not offering induction training to their new chairs and members. Half of the audit committees do not offer their members training after induction. |
Independent members bring a greater breadth of experience in corporate governance, risk and financial reporting, while internal members understand what is happening in the business. The audit committees that are providing induction training most commonly include an overview of the:
- nature of the business
- key strategic and operational risks facing the entity
- key financial reporting risks.
They also usually introduce all new members to the chief executive officer, the statutory body board and/or executive management.
Committees should identify and address the gaps in their members' knowledge or skills to ensure all members understand and can effectively contribute to the committee’s role and purpose.
Action for Queensland Treasury (QT4)
Support audit committees and entities to access appropriate training and guidance materials.
Support audit committees and entities to access appropriate training and guidance materials.
Consider how to enhance the support currently available, on the role and importance of audit committees in the public sector, as part of Queensland Treasury’s review of its audit committee guidelines.
Action for chief executive officers (CEO2)
Support audit committee members to access appropriate training and other resources to ensure adequate knowledge of the role, and other subject matter areas relevant to committee discussions.
Support audit committee members to access appropriate training and other resources to ensure adequate knowledge of the role, and other subject matter areas relevant to committee discussions.
Chief executive officers and statutory body boards should ensure appropriate training for audit committee members. This may include inviting members to participate in training, workshops or information sessions specific to governance, risk management and financial reporting for a comprehensive understanding of the role and contemporary issues facing the entity.
Members do not need to be an expert in all areas, but entities should ensure their members are aware of the entity’s risks and operations and have an understanding of the entity’s responsibilities and obligations in the Queensland public sector.
Where necessary, entities should arrange detailed reviews or presentations by internal or external experts in areas that require more specialised knowledge.
Entities should also consider the skills and experience of their audit committee chair and members in governance roles to determine whether they should facilitate training such as the Australian Institute of Company Directors course.
4. Do your meetings add value?
Fast facts One quarter of audit committee chairs reported that not all their members were sufficiently prepared for meetings. Audit committees can receive up to 500 pages of information for a meeting, and regularly receive more than 150 pages. Some committee members spend more than five hours preparing for a meeting. |
Effective audit committee meetings are more than an acquittal of the information the business presents. Committees should strive for insights, questions, or challenges that the entity is not already aware of. However, facilitating that kind of discussion does not just happen without establishing some key behaviours and inputs.
We have identified a hierarchy of needs for an audit committee to achieve more effective meetings.
A good culture in an audit committee means open, honest and frank conversations. Along with their relationship with the entity’s leadership, facilitating this type of environment is the chair’s most important role.
Audit committee meetings should focus on the matters in their charter or terms of reference that are most relevant to their key stakeholders—the entity’s chief executive officer and statutory body board.
The committee chair should discuss their areas of focus directly with those charged with governance and review the alignment of their focus with key business artefacts, including the strategic plan, risk register, and executive/senior leadership meeting minutes.
Several audit committee chairs commented on the overwhelming volume of information they receive before a meeting.
Some committee chairs have implemented rules that drive a reduction in volume and an increase in quality. For example, one committee chair implemented a two-and-five rule, which requires the responsible officers to submit their papers as a two-page brief with a maximum five-page attachment, with obvious exceptions for submissions like the financial statements.
This challenges the business to identify and present only the key messages and required supporting evidence or documentation to the audit committee.
An effective audit committee needs to be able to effect change in the business, ensuring relevant employees are part of the conversation. For example, if internal audit makes a recommendation to address a significant finding, the audit committee should hear directly from the owner of the mitigating actions. This helps improve the accuracy of the information to the committee and elevates the importance of resolving outstanding issues.
Effective audit committees also need to foster strong working relationships with external and internal auditors, and other key governance roles such as the entity’s risk and compliance managers.
5. Is your committee improving and evolving?
Queensland Treasury’s audit committee guidelines recommend that audit committees annually self-assess the effectiveness and efficiency of their performance against their charter. They also recommend that audit committees engage an external peer reviewer to assess their performance in conjunction with their chair’s term (usually every three years).
A meaningful performance assessment
Fast facts Of the 74 audit committee chairs who responded to our survey, one in five advised that their audit committee has not performed a self‑assessment in the last 12 months. |
Most audit committees that conduct annual self-assessments base the scope of their self‑assessment on the Queensland Treasury’s example questionnaire in Appendix M of its audit committee guidelines.
Queensland Treasury’s example checklist is a useful resource to assess some fundamental aspects of audit committee practices. However, audit committees should not rely on it exclusively. As audit committees tailor their annual work plan around the core activities and risks of their entity, they should also tailor their own performance assessment. By tailoring its performance assessment, the audit committee will more effectively measure and report on its impact in helping the entity to lift its maturity and performance.
Action for all audit committees (AC3)
Review the committee’s performance annually and tailor the assessment to align with and measure its performance against the committee’s annual workplan.
Review the committee’s performance annually and tailor the assessment to align with and measure its performance against the committee’s annual workplan.
When designing a self-assessment, audit committees should integrate their annual work plan with their planned annual self-assessment.
This may include assessing a baseline level of maturity in an area of focus for the entity. For example, the audit committee may have identified an area of weakness in the accuracy of the entity’s risk mitigation documentation. As part of its self-assessment, the audit committee could record this baseline level of maturity and then measure improvements over a period of one to three years.
Fast facts Less than one in five entities engaged an independent reviewer to assess their audit committee’s performance. |
Audit committee chairs see great value in conducting external reviews of committee performance, which many referred to as common practice in the private sector. Reasons audit committee chairs believe government entities do not engage external reviewers were:
- The entity was reluctant to fund an external review.
- Machinery-of-government changes disrupted their audit committee before the chair’s term expired.
Entities should consider what type of review makes sense for their audit committee. This includes weighing up the cost and benefits of engaging an independent reviewer for their audit committee.
Audit committees are a significant part of the effective governance in Queensland’s public sector entities. As the responsible central agency, Queensland Treasury has a stake in ensuring the committees are functioning effectively to provide appropriate assurance.
Action for Queensland Treasury (QT5)
Provide improved guidance to audit committees on how to effectively assess and improve their performance practices.
Provide improved guidance to audit committees on how to effectively assess and improve their performance practices.
Queensland Treasury could consider how it can enhance its support when updating and launching its guidelines.