Audit Committees and Their Role in Control

Audit committee and internal control In recent years, focus was directed toward internal control and its role in the governance of public shareholding companies. Accordingly, audit committees emerged and turned significant. Many professional committees were formed to study the role of internal control, including audit committees, make recommendations and establish the standards that govern such roles. Most of these recommendations confirmed the role of audit committees and internal audit in implementing and following internal control. In the first paper, reference was made to the emergence of audit committees and their roles, duties and responsibilities while indicating at the same time the regulations of JSC in that regard. Their supervisory role was emphasized and summarized as follows: Ensure the companys compliance with the applicable legislations and study the periodical reports before presenting them to the board for recommendations, particularly with relation to any changes in the accounts, as well as reviewing the external and internal auditors reports, assessing the procedures of internal control and present recommendations to the board. Moreover, audit committees must ensure the absence of any conflict of interests and review the third parties transactions. Internal control constitutes a major element of companies governance. In fact, it is the most essential element, and its importance increased over the past years after the collapse of many gigantic companies as a result of corruption and poor control. Internal control offers the necessary tool for providing the audit committee with the basic information required to set the procedures that protect the companys funds and assets as well as protecting it from business risks in addition to other tools the contribute in increasing effectiveness in order to realize the companys objectives. This is the product of applying an effective and accurate system that provides the ability to control the financial reporting in the company. In view of that, we can summarize the relation between audit committees and their role in that concern as ensuring the continuous availability of policies, rules and procedures that together form an effective system for internal control in public shareholding companies. Internal control has various benefits that are summoned as follows:

1- Provision of reasonable assurance to achieve the entitys objectives in offering reliable, high quality financial reporting for third party. 2- Compliance with applicable reports and systems. 3- Mitigation of risks and establishment of necessary procedures to mitigate the impact thereof. 4- Assurance of quality and effectual performance and the accuracy and reliability of accounting transactions. 5- Firmly root the culture of integrity and transparency. To attain these benefits efficiently, internal control must include the following activities: - Control for the purpose of completing information. - Compliance with laws and regulations. - Achieve high degree of protection for assets and properties. - Provide reasonable, acceptable and reliable financial statements and accurate accounting transactions. - Sound distribution of tasks and responsibilities to reflect the confidence in job performance. - Mitigation of all types of business risks. All professional institutes, corporations and committees were keen to ensure the role of internal control in providing reliable financial reporting that reflects high certainty. Paragraph 42 of the ISA 315 issued by IFAC defines internal control as follows: Internal control is a process designed and implemented by those in charge of governance and other employees to provide reasonable assurance regarding the accomplishment of entitys objectives with relation to the reliability of financial reporting and effectiveness and efficiency of operations as well as compliance with the applicable laws and regulations. Moreover, internal control is designed and implemented to deal with identified business risks that threaten the accomplishment of such objectives. In the context of this definition, which summarized the duties and objectives of internal control, we believe that a clear-cut system of internal control characterized by accurate design and effective use of tools should be available. We also believe that the designers of such systems should have practical and professional expertise in addition to the participation of all employees in the responsibility of implementing those systems. As a matter of fact, the internal control system comprises of manual and automatic systems and depends chiefly upon those two systems according to the work environment, size of entity and complexity of transactions. However, the internal control systems should cover the following: - Delegation of powers, responsibilities and authorities. - Information processing. - Processes of performance review.

Elements of internal control. Segregation of duties. Paragraph 90 of ISA 315

Consequently, the audit committee is required to understand the goals, tasks and benefits of such systems and the activities they control. Audit committee should possess such understanding in order to be able to perform its duties within a sound control environment with the view of achieving its objectives for which they existed and to be able to perform their duties and responsibilities perfectly. Committee of Sponsoring Organizations of the Treadway Commission COSO, a commission formed with the participation of a number of professional committees such as, the American Institute of Certified Public Accountants AICPA, the Association for Accountants and Financial Professionals in Business IMA, the Institute of Internal Auditors IIA, Financial Executives International FEI and the American Accounting Association AAA, indicated in its report the role of the board of directors and audit committee emerged therefrom as well as the importance of a strong and effective board of directors, especially when the company is managed by executive directors or managerial team restricted by specific rules and regulations. Accordingly, the board of directors performs effective control over the major areas of the company such as transactions, compliance with rules and regulations and financial reporting. Audit committee is the first line for the board of directors to practice such control. Moreover, it is essential for all employees to understand their roles in implementing the applicable system of internal control with integrity, efficiency and transparency. The role of internal auditor as indicated in COSOs report is to assess the effectiveness and sufficiency of internal control system and the compliance therewith. Therefore, the internal audit should submit its reports to the internal audit committee emerged from the board of directors and/or high level management. Such reports contribute to persistency of the benefits, ensure the effectiveness of internal control and detect any faults in compliance at any managerial level. The internal control system, which is precisely designed and includes all five elements required for any sound system, is an effective tool for any company and the audit committee therein to perform its role in performing reliable financial reporting and offer protection form risks. The following five elements comprise the major components of any effective control system Control environment Risk assessment Information exchange system Various control activities Follow up of control elements

Paragraph 43 of ISA 315 audit standards A number of questions may arise with regard to any of these elements and they are usually put in the form of a questionnaire or survey by the internal audit team and the external audit team to ensure the competence of the system and compliance therewith. Answers to such questions may constitute significant cases that require reporting the same to the internal audit committee in order for to perform its responsibility of following up the comments. This questionnaire is divided to various main sections or areas under which a number of related questions follow. These areas are: 1- Organizational structure and distribution of authorities and responsibilities 2- Determination of tasks distribution (preparation and implementation) 3- Integrity and conduct 4- Compliance and adequacy 5- Management philosophy and due process 6- Risk assessment 7- Exchange of information and documentation 8- Different control activities over all types of accounts, department and sections 9- General guidance Since audit committees are unable to perform their duties and meet their obligations without the help of the internal and external auditors like using the results of the questionnaire, as previously mentioned, the work of such auditors is a major reference for the audit committee and their reports are essential. For these tools and references to be a functional basis, audit committees should provide the means therefor, most important of which ensuring the competence of individuals and their independence in order to work without the interference or influence of executive managements. IIA established international standards for the practice of internal audit that aim at: 1- Establishing the focal points of internal audit practice. 2- Establishing a general framework for the added value of internal audit 3- Establishing the rules of assessing internal control 4- Enhancing and developing the effectiveness of companies activities. It is noted that all standards paid great attention to internal control and established the needed rules to confirm its efficacy making it a fundamental procedure and objective at the same time. ISA 212 describes

in detail the procedures to be followed by internal auditors to achieve such goals: Internal audit performs the following types of auditing: - Financial and accounting audit - Auditing compliance with rules and regulation - Auditing operations and activities - Auditing control systems and compliance therewith - Consultation services and recommendation provision By examining these types, we find that audit committees depend, while performing their job, mainly upon the reports of internal auditors and all professional bodies advised the submission of such reports to the audit committees. Summary After this review of the role of audit committees and their relation to internal control systems, we can summarize their role as follows: 1- Audit committee represents the first line for the board of directors to ensure the existence of an effective control system that should be complied with constantly. 2- Audit committee uses different tools, including the work of internal and external auditors, to ensure compliance with such systems. 3- Audit committees should understand that the existence of an adequate and efficient control system is not enough; persistency must be applied to ensure the implementation and compliance of these systems. 4- Audit committee should ensure that all employees understand their roles within the internal control systems. 5- Audit committee should ensure the availability of all necessary tools for the internal audit to perform its tasks. 6- Audit committee should follow up the compliance of the administrative levels with the comments presented by internal and external auditors 7- Any internal control system must have the following: - Accurate description of tasks and responsibilities - Clear determination of all types of powers (financial and administrative) - Segregation of powers and authorities within clear areas. - Provision of adequate information, whether financial or operational, and compliance regulations the means of exchanging such must be clear and defined. - Provision of the tools necessary for the system such as manual and automatic tools coupled with clear instructions for use and determination of responsibility. - Keeping the study of the effectiveness of the system to make the necessary amendments thereto.

8- Utilizing the work of internal and external auditors to assess the effectiveness of the system. 9- Any internal control system should contain the main components in order to be complete and achieve the objectives thereof. Finally, the audit committee assumes huge responsibility in protecting entities from various risks, which may cause the collapse of these entities if they were ignored or negligently dealt with. Saed Suleiman

References 1- Internal Standards on Auditing 2- COSO document 1992 3- International Standards on Internal Audit 4- Jordan Securities Commissions regulations 5- IFAC publications internal audit as a tool for audit committees 17/4/2008