It may be tempting to combine the board's enterprise risk management (ERM) committee with the audit committee, as to do so cuts down on number of committees and the amount of time looking at risk. However, in the 'Three Lines of Defense' philosophy supported by the financial services industry, the roles and responsibilities of ERM versus audit are quite different. Plus, audit should independently review ERM; reporting the results to the same committee that provides ERM oversight would appear to impact some level of independence. In this condensed discussion, the risk of combining ERM and audit committees is reviewed and facts shared.
- ERM and Its Focus
- Audit Committees and Their Focus
- Critical Division of Risk Defense
- The 3 Lines of Defense
- Key Considerations
Please note: This site employs features that may cause unexpected behavior in older versions of Internet Explorer. If you experience a problem, try refreshing your screen. If this doesn't solve the problem, click on this link.
You may contact us by using the Online Chat button below.