The Emerging role of Auditors and CFOs in Risk Management
The Emerging role of Auditors and CFOs in addressing Risk Management: A New Perspective
Introduction
The regular business disruptions and the changing risk landscape has had a disruptive and devastating effect on organizations. A new perspective of risk management in the context of evolving technology and data driven experience in the last few years have prompted an important shift in the role of auditors and Chief Financial Officers (CFOs) in organizations. With the emergence of new technology at an unprecedented pace, the role of auditors and CFOs is poised for a rapid change. Auditors along with senior management need to take a holistic and forward trending view on the emerging risk and risk management practices. They need to be transparent about arriving at the audit opinion and expand their coverage in implementing and improving compliance, governance and risk management-related processes and controls within an organization. It is surprising that auditors and CFOs seems to spend very less time on the organization’s risks in critical business processes and on controls within each process to mitigate those risks. In this regard, the occurrence of a Black Swan event like COVID 19 pandemic has raised some profound questions for risk practitioners given the fact that COVID 19 is affecting the health of the Company and the event has posed a threat to all organizations. The importance of managing risk for auditors and CFOs is a priority in view of the changing risk landscape and the continued technological advancements. The organizations are under pressure of identifying all risks that they are confronted with and also to the way it manages them. The question for auditors and CFOs now is to recalibrate the existing risk practices, think from the frontline as to how risks can be identified and addressed in order to help the company address the risk more proactively.
In the same time, board, senior leaders, regulators have all started using integrated risk management practices to expand their focus to include the concept of enterprise risk management (ERM). Frequent business disruptions and the present dynamic environment have also made the concept of ERM important in companies The concept of Enterprise-wide risk management (ERM) is not a siloed activity. It helps to elevate the focus of risk management from the tactical to strategic level. ERM helps top management to manage different types of risk effectively (Annamalah et al. 2018). Effective ERM practices help to reply to unexpected threats, to ensure flexibility and to take the benefits of opportunities which in turn facilitate firms to gain competitive advantage (Armeanu et al. 2017). It is a structured, consistent and continuous process across the whole organization for identifying, assessing, deciding on responses to and reporting on opportunities and threats that affect the achievement of its objectives (IIA Position Paper: The role of Internal Auditing in Enterprise -wide risk management, January 2020).
In today’s challenging global economy, risk management along with ERM has a critical role to play in assessing, managing and monitoring an organization’s key business risks in order to prevent or minimize losses. Boards need assurance that risks are being managed effectively and that the system of internal controls is operating effectively. These risks could include regulatory risks, operational risks, strategic risk, compliance risk, ethical risks to name a few. As risk is present in all actions and is also complex, a firm commitment by the management ie a form tone at the top to create a strong risk landscape in today’s environment can ensure there is adequate professional expertise to develop best practices. This can be implemented by First, embedding risk considerations and actions as part of the KRA (Key Responsibility Area) definition of senior leaders and the operating plan and Second, driving a culture of foresight to minimize surprises and joint accountability between business, senior management and risk function. This has become particularly important following the global pandemic, multiple economic and financial crisis along with a series of scandals across sectors. Against this backdrop, the objective of the present research proposal is to bring out the changing roles and responsibilities of the auditors and CFOs in addressing emerging risks and underline what the changing risk landscape means for auditors and CFOs in organizations. The research will offer suggestions and insights to auditors, board and top management a framework for effective implementation of risk management and ERM. The following sections present the aims and objective, review of literature, research methodology, conceptual framework and then discussion on the ERM framework. The final section provides the relevance, implications and conclusions of the study.
Read More on ICAI