The examples and perspective in this articledeal primarily with the United States and do not represent aworldwide view of the subject. You mayimprove this article, discuss the issue on thetalk page, orcreate a new article, as appropriate.(November 2012) (Learn how and when to remove this message)

Anaudit committee is a committee of an organisation's board of directors which is responsible for oversight of thefinancial reporting process, selection of the independentauditor, and receipt of audit results both internal and external.

In a U.S.publicly traded company, an audit committee is an operating committee of theboard of directors charged with oversight of financial reporting and disclosure. Committee members are drawn from members of the company's board of directors, with aChairperson selected from among the committee members. A qualifying (cf. paragraph "Composition" below) audit committee is required for a U.S. publicly traded company to be listed on astock exchange. Audit committees are typically empowered to acquire the consulting resources and expertise deemed necessary to perform their responsibilities. The role of audit committees continues to evolve as a result of the passage of theSarbanes-Oxley Act of 2002. Many audit committees also have oversight of regulatory compliance andrisk management activities.

Not for profit entities may also have an audit committee.

Internationally, an audit committee assists a board of directors to fulfil its corporate governance and overseeing responsibilities in relation to an entity's financial reporting, internal control system, risk management system and internal and external audit functions. Its role is to provide advice and recommendations to the board within the scope of its terms of reference / charter. Terms of reference and requirements for an audit committee vary by country, but may be influenced by economic and political unions capable of passing legislation. The European Union directives are applied across Europe through legislation at the country level. Although specific legal requirements may vary by country in Europe, the source of legislation on corporate governance issues is often found at the European Union level and within the non-mandatory corporate governance codes that cross national boundaries.

• Institute of Internal Auditors definition:"The Audit committee refers to the governance body that is charged with oversight of the organization’s audit and control functions. Although these fiduciary duties are often delegated to an audit committee of the board of directors, the (...) Practice Advisory is also intended to apply to other oversight groups with equivalent authority and responsibility, such as trustees, legislative bodies, owners of an owner-managed entity, internal control committees, or full boards of directors" (IIA Practice Advisory 2060-2 of 2004).
• In Nigeria, the Audit Committee is defined as a“Committee of Directors and the enterprises shareholders representatives whose specific responsibility is to review the annual financial statements before submission to the Board of Directors”.
• In Uzbekistan, audit committee — a committee, consisting of the members of the supervisory board of an economic entity, as a rule, including at least one independent member, responsible for establishing control over the correctness of financial reporting, selection of an independent auditing organization, overseeing audit processes, as well as obtaining and reviewing the results of internal and external audits ("Law on Audit Activity".).
• The above definitions are focused on the private sector. A similar definition has been developed by thegovernment auditors in theINTOSAI’s Internal Control Standards:"A committee of the Board of Directors whose role typically focuses on aspects of financial reporting and on the entity's processes to manage business andfinancial risk, and for compliance with significant applicable legal, ethical, and regulatory requirements. The Audit Committee typically assists the Board with the oversight of (a) the integrity of the entity's financial statements, (b) the entity's compliance with legal and regulatory requirements, (c) the independent auditors' qualifications and independence, (d) the performance of the entity's internal audit function and that of the independent auditors and (e) compensation of company executives (in absence of a remuneration committee). (Standard INTOSAI GOV #9100, "Internal Control Standards for the Public Sector”, annex 2).^[1]

In India, according to Section 177(1) of theCompanies Act 2013, the Board of Directors of every listed company and such other class or classes of companies, as may be prescribed, shall constitute an Audit Committee.^[2]

As per Rule 6 (Committees of the Board) of the Companies (Meetings of Board and its Powers) Rules, 2014, the Board of directors of every listed companies and the following classes of companies shall constitute an Audit Committee and a Nomination and Remuneration Committee of the Board:

All public companies having:

• Paid-up Capital ≥ ₹10 Crore;
• Turnover ≥ ₹100 Crore;
• Loans + Borrowings + Debentures + Deposits ≥ ₹50 Crore.

Usually, membership of the committee is subject to the maximum number of 6 persons.

• In the US, a qualifying audit committee is required for listed publicly traded companies. To qualify, the committee must be composed ofindependent outside directors with at least one qualifying as a financial expert.
• TheEuropean Union's 8thDirective on company law 2006/43/EC states that“Each public-interest entity shall have an audit committee. The Member State shall determine whether audit committees are to be composed of non-executive members of the administrative body and/or members of the supervisory body of the audited entity and/or members appointed by the general meeting of shareholders of the audited entity. At least one member of the audit committee shall be independent and shall have competence in accounting and/or auditing.”^[3]
• Institute of Internal Auditors best practice:^[4]“The audit committee will consist of at least three and no more than six members of the board of directors... Each committee member will be both independent and financially literate. At least one member shall be designated as the "financial expert" as defined by applicable legislation and regulation”.

Boards of Directors and their committees rely on management to run the daily operations of the business. The Board's role is better described as oversight or monitoring, rather than execution. Responsibilities of the audit committee typically include:^[5][6]

• Overseeing the financial reporting and disclosure process.
• Monitoring choice of accounting policies and principles.
• Overseeing hiring, performance and independence of the external auditors.
• Oversight of regulatory compliance, ethics, and whistleblower hotlines.
• Monitoring the internal control process.
• Overseeing the performance of theinternal audit function.
• Discussingrisk management policies and practices with management.

The duties of an audit committee are typically described in a committee charter, often available on the entity's website.^[7]×

• European Union: Directive 2006/43/EC, article 41.2: (...) the audit committee shall, inter alia: (a) Monitor the financial reporting process; (b) Monitor the effectiveness of the company's internal control, internal audit where applicable, and risk management systems; (c) Monitor the statutory audit of the annual and consolidated accounts; (d) Review and monitor the independence of the statutory auditor or audit firm, and in particular the provision of additional services to the audited entity.^[3]
• Public sector: Cf. Standard INTOSAI GOV #9100^[1]

Audit committees typically reviewfinancial statements quarterly and annually inpublic companies. In addition, members will often discuss complex accounting estimates and judgments made by management and the implementation of newaccounting principles or regulations. Audit committees interact regularly with senior financial management such as theCFO andController and are in a position to comment on the capabilities of these managers. Should significant problems with accounting practices or personnel be identified or alleged, a special investigation may be directed by the audit committee, using outsideconsulting resources as deemed necessary.

External auditors are also required to report to the committee on a variety of matters, such as their views on management's selection of accounting principles, accounting adjustments arising from theiraudits, any disagreement or difficulties encountered in working with management, and any identifiedfraud or illegal acts.^[8]

Audit committees typically approve selection of the externalauditor. The external auditor (also called a public accounting firm) reviews the entity's financial statements quarterly, audits the entity's financial statements annually, and issues an opinion providing assurance on the entity's annual financial statements. Changing an external auditor typically also requires audit committee approval. Audit committees also help ensure the external auditor is independent, meaning no conflicts of interest exist that might interfere with the auditor's ability to issue its opinion on the financial statements.

• European Union: Directive 2006/43/EC, article 41.3 and 41.4:"In a public-interest entity, the proposal of the administrative or supervisory body for the appointment of a statutory auditor or audit firm shall be based on a recommendation made by the audit committee. The statutory auditor or audit firm shall report to the audit committee on key matters arising from the statutory audit, and in particular on material weaknesses in internal control in relation to the financial reporting process."^[3]

Audit committees discuss litigation or regulatory compliance risks with management, generally via briefings or reports of the General Counsel, the top lawyer in the organisation. Larger corporations may also have a Chief Compliance Officer or Ethics Officer that report incidents or risks related to the entity'scode of conduct.

Internal control includes the policies and practices used to control the operations, accounting, and regulatory compliance of the entity. Management and both theinternal auditing function and external auditors provide reporting to the audit committee regarding the effectiveness and efficiency of internal control.

• IIA Practice Advisory: Cf. PA1110-1 paragraphs 2 and 3 (where the “board” means “an organization's governing body, such as a board of directors, supervisory board, (...) any other designated body of the organization, including the audit committee to whom the chief audit executive may functionally report)
• European best practice for the role of the Audit Committee in overseeing internal audit.^[9]

Organizations have a variety of functions that perform activities to understand and address risks that threaten the achievement of the organization's objectives. The policies and practices used by the entity to identify, prioritize, and respond to the risks (or opportunities) are typically discussed with the audit committee. Having such a discussion is required for listing on theNew York Stock Exchange. Many organizations are developing their practices towards a goal of a risk-based management approach calledEnterprise risk management. Audit committee involvement in non-financial risk topics varies significantly by entity. Dr.Ram Charan has argued for risk management early warning systems at the corporate board level.^[10]

• European best practice for the role of the Audit Committee in risk management: cf.^[9]

TheSarbanes–Oxley Act of 2002 increased audit committees’ responsibilities and authority. It raised membership requirements and committee composition to include more independent directors. Companies were required to disclose whether or not a financial expert is on the committee. Further, theSecurities and Exchange Commission and thestock exchanges proposed new regulations and rules to strengthen audit committees.

Below are a few key milestones in the evolution of audit committees:^[11]

• 1939: TheNew York Stock Exchange (NYSE) first endorsed the audit committee concept.
• 1972: TheU.S. Securities and Exchange Commission (SEC) first recommends that publicly held companies establish audit committees composed of outside (non-management) directors.
• 1978: NYSE adopts a listing requirement that audit committees be composed entirely of independent directors.
• 1988: AICPA issues SAS 61 "Communication with Audit Committees" addressing communications between the external auditor, audit committee and management of SEC reporting companies.
• 1999: NYSE, NASD, AMEX, SEC and AICPA finalize major rule changes based on Blue Ribbon Committee on Improving the Effectiveness of the Corporate Audit Committee.
• 2002:Sarbanes-Oxley Act is passed in the wake of corporate scandals and includes whistleblower and financial expert disclosure requirements for audit committees.

• TheEuropean Confederation of Institutes of Internal Auditing (ECIIA)’s best practice:^[9]

"The work of the audit committee can only be valuable if sufficient time is allotted on the board agenda for the audit committee to present the results of its work. The audit committee should also feel that the board is taking appropriate action on its report."

• European Union best practice: Cf. European Parliament resolution of 10 March 2009 on implementation of Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts (2008/2247(INI)): ‘’”(...) Stresses that recent experience shows the need for frequent and high-quality interaction within audit committees and between independent directors, supervisory boards and auditors; and that non-executive board members should consider carefully the possibility of having meetings without executive board members being present.”’’

Many audit committee chairpersons conduct interim calls with key members of management between quarterly meetings. Key contacts may include theCEO,CFO, Chief Auditor, and external audit partner. Many boards also schedule dinners prior to formal meetings that allow informal interaction with management. Some companies also require their boards to spend a certain amount of time learning their operations beyond board meeting attendance.

These are formally scheduled private meetings between the audit committee and key members of management or the external auditor. These meetings typically are unstructured and provide the opportunity for the committee to obtain the feedback of these managers in private. A key question audit committee members ask in such sessions is: "Is there anything you would like to bring to our attention?"

Audit committees should complete a self-evaluation annually to identify improvement opportunities. This involves comparing the committee's performance versus its charter, any formal guidelines and rules, and against best practices. Such a review is confidential and may or may not include evaluations of particular members.^[12]

Various consulting and public accounting firms perform research on audit committees, to provide benchmarking data.^[11][13][14] Some results are identified below:

• 54% of committee members surveyed felt the audit committee was "very effective", while 38% indicated "somewhat effective."
• Risk management, internal control, and accounting estimates and judgments were the top priority areas for 2007.
• Most audit committees have 3-4 members and are usually chaired by persons with experience as a CFO, external auditor, or CEO.
• Audit committees meet 6-10 times per year, either face-to-face or via teleconference, with the former lasting from 1–4 hours and the latter 1–2 hours.
• Audit committee members devoted 50–150 hours to their responsibilities each year.
• The percentage of audit committees with oversight responsibility for: IT compliance (66%), business continuity (50%), and information security(45%).
• 41% were "very satisfied" with the internal audit function, while 52% were "somewhat satisfied."
• Two-thirds felt the Chief Internal Audit position was for a professional internal auditor, rather than as a "stepping stone" to other roles.
• 93% indicated the audit committee was "somewhat" or "much more" effective since theSarbanes-Oxley Act was implemented in 2002.
• 58% of committee members were "somewhat satisfied" that they understood management's processes to identify and assess significant business risks.
• Only 17% of audit committees had primary responsibility for oversight of non-financial risk; the full board had this responsibility in 56% of companies.

In a 2011 study,^[15] the Council of Europe concluded that:“The Benchmarking results from a sample of 15 international organisations in Europe show that 11 have an audit committee (of which the name may vary from Audit Committee, Advisory Committee on Audits, Audit Advisory Board, Audit Progress Committee, Finance and Audit Committee, Independent Advisory Oversight Committee, Independent Audit Advisory Committee of Experts) and in seven, the Audit committee plays a role in the selection of the External Auditor".

A 2009 study^[16] on 23 international organisations showed that 10 had an Audit Committee and 3 considered having one in future, with 8 reporting to the Governing Body level and 2 reporting to DG/Executive Director level. The sizes of all Audit Committees were between 3 and 9 members, with 5 committees having a mix of external expert members and internal members.

• Corporate governance
• ISA 310 Knowledge of the Business

• Example ofAudit Committee Terms of Reference: at the Council of Europe (1. Guiding principle, 2. Role of the committee, 3. Membership of the committee, 4. Terms of appointment, 5. Rules and procedures, 6. Access to documents, 7. Reporting, 8. Resources):wcd.coe.int/wcd/ViewDoc.jsp?id=1684131&Site=CM 12 January 2011.
• SampleAudit Committee Charter by TheIIA.orgCommittee Charter
• Powerpointpresentation on Audit Committee by TheIIA.org: Purpose, Process, and Professionalism.[1]
• nacdonline.orgNational Association of Corporate Directors
• Association of Audit Committee Members, Inc.

• Auditing
• Corporate governance
• Corporate law
• Committees
• Board of directors

• All articles with dead external links
• Articles with dead external links from October 2018
• Articles with permanently dead external links
• Articles with dead external links from April 2019
• Articles with short description
• Short description is different from Wikidata
• Articles with limited geographic scope from November 2012
• United States-centric