New audit committee survey reveals trends on risks, ESG reporting and more

In late January, a survey entitled “Audit Committee Practices Report: Common Threads Across Audit Committees” was published by Deloitte and the Center for Audit Quality, an affiliate of the American Institute of Certified Public Accountants. The survey analyzed 246 responses, including 86% of respondents who served on audit committees of public companies. Here are some key findings from that survey.

Key concerns

The top area of focus for almost everyone (96%) was financial reporting and internal controls, including fraud risks. Many also reported concerns related to:

  • Cybersecurity (53%),
  • Data privacy (48%),
  • Ethics and compliance (48%),
  • Third-party risk (47%), and
  • Enterprise risk management (42%).

Almost all (98%) of those surveyed said that audit quality has increased or remained the same compared with the previous year. But 42% indicated that fraud risk has increased.

Teleworking during the COVID pandemic was cited as a key reason for the enhanced risk, and 74% of respondents reported that their company’s internal controls had been updated over the last year to address the remote work environment.


Critical audit matters (CAMs) are defined as issues that:

  • Have been communicated to the audit committee,
  • Are related to accounts or disclosures that are material to the financial statements, and
  • Involved especially difficult judgment from the auditor.

The CAM requirement is intended to make the auditor’s report more useful to investors. But only 28% said that CAM discussions provided insights that weren’t readily available before the Public Company Accounting Oversight Board adopted these rules.

ESG issues

Approximately two-thirds (66%) of respondents said that their companies issue environmental, social and governance (ESG) reports, and 69% said their companies currently obtain (or are actively discussing getting) third-party assurance on ESG information. Respondents reported that the most material ESG factor for their company was:

  • Human capital (36%),
  • The environment (26%),
  • Leadership and governance (20%),
  • Business model and innovation (12%), and
  • Social capital (5%).

Investors are increasingly demanding ESG information that’s both useful and reliable. They also generally believe that third-party assurance would make the information more trustworthy.

Lessons learned

When your audit report is delivered, it’s a good time to review lessons learned during fieldwork about key areas of concern, major sticking points and the relevance of ESG matters. Contact us to find out how to apply those lessons to lower risk, improve transparency and facilitate the audit process next year.