May 28, 2014
According to KPMG’s 2014 Global Audit Committee Survey Report – The Canadian Perspective, the role of audit committees in identifying and assessing risk continues to grow and evolve, expanding beyond traditional areas such as legal/regulatory compliance, anti-bribery/corruption and financial to now encompass information technology — including cyber security.
And this new burden is taking a toll, with 38% of Canadian respondents saying it is becoming “increasingly difficult” to oversee the myriad of responsibilities that are now associated with their role.
While cyber security is considered a growing company threat in the U.S. only a fraction of Canadian audit committee members seem to agree — 11% perceive it to be a major company challenge, which pales in comparison to the U.S. at 27%.
In contrast, when asked if they were satisfied with time spent on cyber security issues by the board, only 31% of Canadian respondents agreed, compared to 55% globally and 57% in the U.S., leaving much room for improvement in boardrooms around the world.
It will be interesting to see if the recent high-profile Heartbleed scare will shift opinion, KPMG said in a release.
“Companies across the country must evaluate whether their audit committees are able to meet the growing and changing requirements of the committee’s roles,” said John Gordon, Canadian managing partner for audit at KPMG Canada.
“Bridging any gaps in skills and resources will help to ensure they are able to quickly identify both traditional and non-traditional risks threatening the organization.”
The report is based on responses from approximately 1,420 audit committee members in 34 countries, between September and November 2013.