ICAEW.com works better with JavaScript enabled.

Risk committees

Guidance for corporate governance professionals working on risk committees. In smaller companies it is likely that there will not be a separate risk committee and risk will be the responsibility of the audit (or audit and risk) committee.

In this section

9 Traits of an effective Audit Committee

Having an effective Audit Committee is essential for good corporate governance as it leads on financial reporting, internal controls, risk management and external audit functions.

Guidance

Reporting business risks

This report is intended as a timely contribution to debate about how risk reporting should evolve. It reviews both the general experience of risk reporting to date and the risk reporting of financial institutions before the crisis, considers why risk reporting is thought to have been disappointing (Chapter 3), and suggests ways to improve it.

Getting it right

A report by Independent Audit Limited on risk governance in non-financial services companies

Special Report 20: Internal control from a risk-based perspective

This special report, which looks at internal control from a risk-based perspective, could not have come at a more fitting time. Recent events at France’s Société Générale highlight how even the largest and most highly regulated businesses can be severely compromised by the apparent failure of internal controls.

Special report 10: Risk management

The management of risk has come a long way in the last 10 years. When we first wrote a guideline for the Faculty, the term ‘risk management’ was still evolving.

Risk Management for SMEs

A briefing document from The Faculty of Finance and Management of The Institute of Chartered Accountants in England & Wales

Webinars and other recordings

Building your cybersecurity defences

Stuart Jubb, MD of Consulting at Crossword Cybersecurity, and Nikki Cole, an experienced Non-Executive Director, discuss the processes that Boards should have in place to manage their cybersecurity risks.

Fighting fraud: the internal audit

Martyn Scrivens, Chair of the ICAEW's Internal Audit Advisory Panel and Martin Robinson, consultant for the Fraud Advisory Panel and advisor to the Chartered Institute of Internal Audit, look at the role of internal audit and its use in preventing, detecting and responding to fraud.

Whistleblowing and fraud

Ian Foxley, whistleblower and Dino Bossi, Addveritas share their views on the benefits of whistleblowing and the system that should be in place to support people.

Managing social media to avoid reputational damage

Jennifer Janson, Six Degrees and Jamie Harley, PwC discuss the potential impact of social media on reputation, how best to manage this risk and use social media to the benefit of the organisation.

Cyber security: an update on what boards need to know

Simon Shooter, Head of Cybersecurity and Co-Head of International Commercial Group, Bird & Bird LLP, Kirstin Gillon and Mark Taylor from ICAEW’s IT Faculty provide an overview of the Audit Insights: Cyber Security report.

eBooks

The Library & Information Service provides a collection of eBooks as a benefit of membership. Please note that ICSA and Credo publications are only available to ICAEW members and ACA students.  Please log in to access these titles. If you are unable to access an eBook, please see our Help and support or contact library@icaew.com.

The role of the board in risk management oversight

This title provides comprehensive, expert-led coverage of all aspects of corporate governance for public, nonprofit, and private boards. This chapter looks role of the board in risk management oversight, usually by the audit committee or by establishing a separate risk committee.

The board structure and its committees

Chapter 3 deals with the structure of the board, its governance role and responsibilities. It also gives brief overviews of the different types of board committees, including: audit; nomination; remuneration; and risk committees. These are dealt with in more detail in later chapters.

Risk managment

An introduction to governance for directors and executives. Chapter 14 deals with risk management with sections on: risk management and corporate governance; risk assessment; controls; risk management; Basel II; ERM framework; COSO ERM framework.

Internal control and risk management

An essential source of reference and route map for the position of Non-executive director. Contains case studies and checklists throughout. Chapter 9 of the handbook covers Internal control and risk management and includes a Model terms of reference for an audit committee: internal control, risk management and internal audit

Governance of information technology

This title provides comprehensive, expert-led coverage of all aspects of corporate governance for public, nonprofit, and private boards. This section comprises two chapters: Information technology and cyber security in a digital world and; The board's role in the governance of enterprise information and technology.

Terms of use: You are permitted to access, download, copy, or print out content from eBooks for your own research or study only, subject to the terms of use set by our suppliers and any restrictions imposed by individual publishers. Please see individual supplier pages for full terms of use.

The Library & Information Service provides a collection of articles as a benefit of membership. Please log in to view these articles. If you are unable to access the articles, please see our Help and support page or contact library@icaew.com.

Security, resilience require better questions

The article offers suggestions for increasing corporate cybersecurity efforts for the board. Topics discussed include ineffectiveness of artificial intelligence in preventing cybercrime and data security failures; making sustainable data privacy compliance; and verifying identities and providing access to resources through authentication.

How to build a cyber-capable board

The article offers several tips for businesses to create a board of directors that can help manage cybersecurity risks. These tips include consulting both the board and chief information security officers on cybersecurity issues, demanding clarity in security reporting, and focusing on the human aspects of cyber risk.

Good times and bad: The trauma of the financial crisis needs to be remembered even as new threats become a growing concern.

The article focuses on the risk management by the financial services industry in the United States. The industry faces various challenges that include non-financial risks like cybersecurity, model, third-party and also economic risks. Many companies now have a risk committee of the board with primary responsibility for risk oversight

Terms of use: You are permitted to access articles subject to the terms of use set by our suppliers and any restrictions imposed by individual publishers. Please see individual supplier pages for full terms of use.

Useful links

Risk committee

KPMG Board Leadership Centre guidance and resources to help risk committee members navigate the risk landscape

Audit, risk and internal control

The FRC published the revised Guidance for board effectiveness in July 2018. Section 4 Audit, risk and internal control look as the audit committee's (or risk committee's if separate) responsibility in this area.

Governance challenges 2017: Board oversight of ESG

National Association of Corporate Directors (NACD) report which aims to assist directors in meeting additional responsibilities associated with considering Environmental, Social and Governance (ESG) factors when setting company strategy and risk. Requires free registration to download.

ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.

* The Chartered Accountants’ Trust for Education and Research, a registered charity, owns the library and maintains and operates it for ICAEW.