Setting the 2025 Audit Committee Agenda

The next 12 months are likely to be another challenging year for audit committees. The 9 topics we have highlighted for 2025 may include some areas audit committees would consider beyond the official scope of responsibility as outlined in their respective charters.

The 2025 Mandate for Audit Committees

  1. Confirm that the committee is receiving adequate independent assurance regarding cybersecurity vulnerabilities.
  2. Determine whether the organisation is evaluating and capitalising on generative artificial intelligence (GenAI) investments and opportunities responsibly.
  3. Consider the maturity of the organisation's governance over third-party relationships.
  4. Validate that the committee's technology expertise enables effective oversight of technology-related risks.
  5. Evaluate the strategy of the internal audit function to ensure that it is evolving at a pace that enables it to continue to add value to the organisation.
  1. Take a fresh look at the organisation's current fraud exposure and the effectiveness of mitigation strategies.
  2. Evaluate the organisational response to climate risk and other sustainability disclosure requirements.
  3. Confirm the completeness and adequacy of the enterprise-wide risk identification and management process.
  4. Assess the effectiveness of management’s reporting to the audit committee.

In formulating these topics, we considered input from our interactions with client audit committees and insights from meetings with active directors in various forums.

In times of robust technological change and innovation, boards are a critical element to the overall governance structure, helping guide where investments are made and how risks are managed. The explosion of investment and adoption of cloud infrastructure, GenAI and quantum computing will continue to increase and may extend the knowledge gap between management and the board — unless appropriate steps are taken.

Bottom line: Risks are evolving more quickly in a business environment marked by rapid technological advancements and geopolitical uncertainties, necessitating robust enterprise risk management practices that ensure timely identification of and responses to dynamic risks.

Self-Assess Committee Effectiveness: In addition to discussing these agenda items, we offer assessment questions for audit committees to consider when evaluating their performance.

For more about the 2025 audit committee agenda, read the article here.

(The Bulletin — Volume 8, Issue 9)

Loading...