On the audit committee’s agenda: Key focus areas for 2024

Talking points

• Deloitte’s latest On the audit committee’s agenda identifies important focus areas for audit committees in 2024.
• The list includes regulatory matters, enterprise risk management, finance talent, and audit committee effectiveness.
• Deloitte can provide additional insights to advise you on navigating 2024 audit committee agenda topics as they continue to evolve.

Advising audit committees on the impact of regulatory developments and emerging risks can be challenging in today’s rapidly changing environment. The same goes for advising them on how to effectively and efficiently accomplish everything on their plate. Navigating these challenges is what I love most about my role. While we can’t know with certainty what the future may hold, we can all try to do the next best thing: gather insights, plan ahead, and prepare.

Our new On the audit committee’s agenda provides detailed insights on topics that we believe may be on audit committee agendas this year. Here’s a quick preview.

Regulatory matters

We expect the SEC to be active in 2024. Audit committees will need to pay close attention to these developments, which may include:

• Cybersecurity:  New cybersecurity rules issued in 2023 will require audit committees to consider both whether and when a breach becomes material and also disclose cybersecurity risk strategy and oversight processes.
• Climate disclosure: First proposed in 2022, the possible adoption of final rules around climate change disclosure may be the most anticipated rulemaking in 2024.
• Other expected SEC rules: Among other areas, we expect the SEC to propose rules requiring additional disclosure in the areas of human capital management and board diversity in 2024.

In addition to considering activity from the SEC, audit committees should stay abreast of rulemaking coming from the PCAOB and FASB, both of which have been active in recent months.

Risk oversight

Audit committees will also have to consider how to manage a number of evolving risks facing their companies in 2024, including:

• Cybersecurity: In my discussions with audit committee chairs and members, cybersecurity comes up most often as the area that keeps them awake at night. The latest Audit Committee Practices Report published by Deloitte and the Center for Audit Quality confirms cybersecurity as a top concern for audit committees in 2024.
• AI: Any discussion of risk in 2024 will likely include risks associated with the growing use of AI. While most companies are still determining how this risk will be overseen, the audit committee will likely have a role when it comes to the use of AI in audit and financial reporting, and the audit committee should be considering both the risks and benefits of its use (see “Artificial intelligence: An emerging oversight responsibility for audit committees?” recently published in the National Association of Corporate Directors’ 2024 Governance Outlook).
• Other risks and crisis management: As emerging risks expand, audit committees are well-positioned to understand how management is addressing them through their oversight of the enterprise risk program. Considering this environment, the audit committee should ensure management has current and comprehensive crisis management guidelines or playbooks in place.

Talent challenges

Human capital challenges, especially in finance and internal audit, are an area of critical importance for audit committees. They should be working with leaders in these functions to understand if they have the right talent to address the risks their organizations are facing today and into the future. The discussions should include a focus on succession planning and any needs to upskill existing talent that may be affected by technology advancements.

Audit committee effectiveness

As noted above, part of what I love about my role is advising audit committees on considering how to effectively and efficiently execute their responsibilities. In light of ever-expanding obligations, effectiveness should continue to be an important focus. Leadership stems from the chair, but each member and management play a critical role and should adopt a mindset of continuous improvement, which can be measured in part through robust self-evaluations. Additionally, the chair should ensure there is transparent and candid communication between the audit committee, management, and external auditors, as well as effective meeting materials and discussions.

What role can Deloitte play?

Deloitte has extensive experience advising audit committees to address their ever-increasing oversight responsibilities and effectiveness. Feel free to reach out to me, Krista Parsons, with questions.

The services described herein are illustrative in nature and are intended to demonstrate our experience and capabilities in these areas; however, due to independence restrictions that may apply to audit clients (including affiliates) of Deloitte & Touche LLP, we may be unable to provide certain services based on individual facts and circumstances.

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.