The concept of an audit committee is hardly new. Examples can be found in both the public and private sectors going back many years. Likewise, a full decade has now passed since the GFOA first offered a recommended practice specifically devoted to the topic. All the same, the audit committee has become the focus of unprecedented attention in the wake of the passage of the Sarbanes-Oxley Act.
The Sarbanes-Oxley Act mandated important changes in the structure and operation of private-sector audit committees. A little more than a year ago, the GFOA Executive Board asked its standing Committee on Accounting, Auditing, and Financial Reporting to examine these developments with a view toward identifying specific private-sector changes from which the public sector might also benefit.
The committee studied the provisions of the Sarbanes-Oxley Act itself, as well as related guidelines promulgated by the Securities and Exchange Commission (i.e., Regulation 33-8220). The committee also considered the recommendations published in 1998 by a joint "blue ribbon" committee of the New York Stock Exchange and the National Association of Securities Dealers under the title Report and Recommendations of the Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees.
Ultimately, the Committee on Accounting, Auditing, and Financial Reporting came to the conclusion that the GFOA'S earlier recommended practice on audit committees needed to be substantially rewritten to take full advantage of the newest private-sector developments. This much expanded and updated version of the recommended practice was approved by the GFOA2s Executive Board in 2006. This article will examine the new vision of the public-sector audit committee incorporated in the new recommended practice.
THE ROLE OF THE AUDIT COMMITTEE
Financial reporting is a core managerial function. Accordingly, management is primarily responsible for financial reporting, including the adequacy of internal control over the financial reporting process. Similarly, it is a core responsibility of any governing body to exercise oversight of management. Therefore, the governing body is ultimately responsible for ensuring that management is, in fact, meeting its internal control and financial reporting responsibilities.
There are at least two practical challenges in the way of a governing body effectively exercising its oversight responsibility for internal control and financial reporting. First, the topic is unlikely to emerge at all on a typical governing body's "radar screen" unless something actually goes wrong. Second, management may compromise the independence of the financial statement audit (a key component of financial reporting) by inserting itself into the process in a way that impedes regular direct communication between the independent auditors and the governing body
The audit committee is a practical tool for overcoming both of these potential obstacles. On the one hand, the creation of an audit committee institutionalizes the governing body's involvement with internal control and financial reporting, thereby ensuring that both topics are periodically addressed by the governing body On the other hand, it enhances the real independence of the financial statement audit by providing a practical vehicle for ensuring regular, direct communication between the independent auditors and the governing body, apart from management.
The governing body of a small government is no less responsible for the quality of its internal control and financial reporting than is the governing body of a much larger government. Moreover, a well-designed audit committee should facilitate the governing body's performance of its oversight role, thereby reducing, rather than increasing, its burden. Therefore, all governments, regardless of size or circumstance,should have an audit committee.
Many managers and governing bodies would be delighted were it only possible to "outsource" their responsibility for internal control and financial reporting to someone else. …