ICAEW.com works better with JavaScript enabled.

A policy for progress

Find out more about ICAEW’s nine recommendations for developing a meaningful audit and assurance policy

Read the full report
A person reading a publication

Call to action

ICAEW recommendations in the report and the extensive outreach and evidence gathering process on which they are based, suggest that introducing an “Audit and Assurance Policy“ could render corporate information more informative: augmenting the understanding, utility and value of audit and assurance activities, enabling them to be driven by the needs and expectations of key users, and making them more accessible in order to facilitate more appropriate resource decisions.

If the Policy is to fulfil its potential, UK companies will need to engage fully and follow the nine recommendations in this report.

An hourglass

1. Seize the moment

We urge companies to seize the moment to create a Policy that builds on existing activities, rather than waiting for this to become mandatory. We emphasise the ongoing need for discussion that results in a consistent and inclusive language to articulate and describe audit and assurance. Improved definition will support the great value that this Policy has the potential to provide, improving internal decision making while providing insight to external users.

A signpost

2. Deliver integrated and enhanced information

We encourage viewing the Policy as a mechanism to deliver, through effective signposting across all disclosures, integrated and enhanced information on the system of risk management and internal control and the audit and assurance obtained over risks, disclosed financial and non-financial information and regulatory requirements.

A blank puzzle

3. Encourage a broad range of companies and other organisations

We encourage companies and organisations of any size to consider producing an Audit and Assurance Policy, recognising the potential value for all users, and providing clarity for regulators.

Keys with a house-shaped key ring

4. Audit committees should own the Policy

We encourage audit committees to own the Policy on behalf of the board, focusing on realising the full range of opportunities through clear, concise and comparable information; ensuring appropriate audit and assurance coverage of those matters of greatest concern to users; providing education to all parties; holding providers to the highest standards; and telling a story that drives value and builds trust.

A magnifying glass

5. Deliver clarity and transparency, avoiding boilerplate descriptions

We believe the Policy must deliver clarity and transparency, avoiding boilerplate descriptions, and evolve over time as improvements are embedded. Companies may initially need to prioritise aligning their understanding internally to learn, identify practical improvements, build capability, and evaluate gaps in their underlying audit and assurance provision.

A computer monitor, a laptop screen and a tablet each of which has text on it e.g. 'Where and how do directors get comfort?'

6. Create a cohesive and complete narrative covering all sources of audit and assurance

We encourage a cohesive and complete narrative covering all sources of audit and assurance to indicate where and how directors obtain their comfort. Technology and data-driven techniques should be considered as a fully integrated element of the solution, delivering improved insight across all risks. Culture and behaviours should also be addressed.

A notebook, pen and pair of glasses

7. Update the Policy regularly, with proactive shareholder engagement

We recommend that the Policy is updated regularly, with proactive engagement of shareholders. Ideally, the need to consider shareholder views will promote proactive dialogue between shareholders and directors.

A pair of binoculars

8. Focus on underpinning principles, creating flexibility through a proportionate and pragmatic response

We support guidance and regulation with a focus on underpinning principles, creating flexibility through a proportionate and pragmatic approach, alongside a limited number of minimum mandatory elements for comparability. This will allow the approach taken by organisations to evolve, recognising that many will not have all of the information needed on first implementation, and allowing for transparency in discussing how they are progressing.

A tape measure

9. Aim for tailored, engaging and interactive reporting

We encourage tailored, engaging and interactive reporting that reflects the nature, scale and complexity of the company, with succinct, summarised and integrated reports located in the Annual Report. The Policy should explain the core principles in sufficient detail to enable users to evaluate the content and to engage in a meaningful discussion.

hijab business woman in office
Audit and corporate governance reform

Unpacking the UK government's proposed measures to restore trust in governance, reporting, and auditing.

Find out more
Get in touch
Join the conversation

Please get in touch to share your views or to join our activities.

Audit and assurance policy report
A policy for progress

Watch ICAEW’s webinar which offers hints and tips for organisations who are implementing an audit and assurance policy for the first time.