Accelerate

It’s a new era. The economy is showing signs of improvement, generative artificial intelligence (AI) is reshaping the work world and ESG reporting is now mandatory for some organizations. At the same time, cyberattacks are becoming more frequent and sophisticated, but so are the tools to fight them.

Until recently, many of the biggest drivers of this new era were of only cursory interest to audit committees. Now, AI, ESG and cyber are being examined more rigorously and increasingly becoming standing items on the audit committee agenda. This trend will only continue as these areas become ever more important for organizations in the coming years.

After years of disruption, there’s greater clarity around the direction of interest rates and where the economy is heading. In this business environment, audit committees are assisting organizations as they plan and execute their next moves, from deploying dry powder and capital projects to M&A and assessing going concern.

At the same time, geopolitical risk remains high, so leading organizations are increasingly adopting scenario analysis. Audit committees will need to monitor this approach and any related risk-management actions based on its conclusions.

As businesses once again look to invest, AI implementations are top of mind. Audit committees will be instrumental in ensuring AI is adopted successfully across the organization by helping guide and oversee its proper governance and the trustworthiness of its implementation. They must also ensure organizations are adapting risk management to account for vendors’ use of AI and preparing for coming AI-related reporting requirements.

While the European Union is leading the way in rolling out mandatory ESG reporting requirements, momentum is also building in Canada. Audit committees will be an integral part of the ESG reporting and assurance process. They must ensure management can present a roadmap to timely compliance. Preparing for mandatory ESG reporting is a substantial undertaking, and organizations can benefit from identifying needed resources and securing them early.

Audit committees are also taking a lead role in ensuring organizations are keeping pace to detect and defend against cyberattacks. As third-party breaches become more common, committees are ensuring management is looking more closely at their supply chains. And as threats become more sophisticated, they’re also challenging management to ensure they’re employing adequate threat detection procedures and engaging the right cyber security service providers.

In the current threat environment, audit committees must ensure their organizations move beyond annual or semi-annual cyber security assessments to more frequent reviews that delve deeper than a mere checklist approach. At the same time, they must ensure organizations layer new techniques for battling attacks on top of a strong foundation of basic cyber defence practices.

In the following articles, we outline the most pressing issues, highlight areas for audit committee attention and raise the questions that audit committees may want to ask themselves and management as they navigate the coming year.