Tate’s Excellent Audit Committee Guide (02172017) – posted here, and being update

Below I have provided a link to Tate’s Excellent Audit Committee Guide, which I last fully updated February 17, 2017. Since that time developments relating to various of the discussion topics have been posted to this blog. I am starting the process of fully updating the Guide. To be sure there have been changes and developments since February 17, 2017; however, I believe that you will still find the Guide useful.

Click on the following link to the February 17, 2017, Guide Tate’s Excellent Audit Committee Guide 02172017 with Appendix A-2

The following is a screenshot of the Guide’s cover:





Director (Prudent) Note Taking, Discouraged or Not – Forward From Woodruff-Sawyer and Priya Cherian Huskins With Comments

Here is a link to a good discussion by Priya Cherian Huskins, Esq. at Woodruff-Sawyer about director note taking (not minute taking, but note taking), which can also apply to note taking in general in many situations, CLICK HERE. I agree with Ms. Huskins.

There should be policies and procedures or guidelines to be followed, but a director should be allowed to take notes, and should not be told that he or she cannot take notes. It is a matter of the director performing his or her oversight function in the manner that he or she believes is prudent and necessary. If I was told that as a director or audit committee member that I could not take notes that I thought were necessary and helpful to me and my oversight, I would question that instruction or request, and consider declining the position if it was forced.

Best, Dave Tate, Esq. (San Francisco/California)

‘Internal audit is crucial to assessing impact of corporate culture’

Internal audit’s mandate is much broader than external audit’s, says Richard Chambers of Institute of Internal Auditors

Click on the following link for the article: www.thehindubusinessline.com

Dave Tate, Esq. comment.


I’m going to disagree with Mr. Chambers on this one. I believe it is better for external audit to be auditing this issue – which is an issue that external audit already should be taking into consideration when designing the audit and the extent to which management and the accounting and internal control functions can be relied upon.


Although internal audit could be assigned a task or project relating to culture, on this topic I would keep the task or project very specific. Internal audit does also work and interact with management and executive management – assessing culture might detrimentally impact those relationships. I would however recommend that internal audit be more involved in risk management, which could involve culture but in a different context.


Audit committee, D&O, risk management, etc. blog: http://auditcommitteeupdate.com

Website: http://tateattorney.com

Trust, estate, conservatorship and elder abuse litigation blog: http://californiaestatetrust.com



How Can Internal Audit Support the Growing Responsibilities of the Audit Committee?

Recent 2015 audit surveys report some interesting findings about the current role of audit committees. They highlight not only how complex the world of risk management and oversight has become in the corporate world, but also the enormous breadth of responsibilities that the audit committee is expected to bear.

Click on the following link for the article: corporatecomplianceinsights.com

Dave Tate, Esq. comments: although this is a very brief article, the topics and issues listed are large and complex. The article also offers no help at resolution. But, these issues are here to stay for boards and audit committees. Every internal audit function is different – some are qualified or partially qualified to help with these issues, whereas some are not. For some additional information, see Tate’s Excellent Audit Committee Guide (January 3, 2016, version, 183 pages) at http://wp.me/p75iWX-q.


Best. Dave Tate, Esq. (San Francisco and California. See also my other blog re trust, estate, conservatorship, power of attorney and elder abuse litigation and contentious administrations at http://californiaestatetrust.com, and my website at http://tateattorney.com.

Do You Have a Contrarian on Your Team?

A divergent opinion can lead to more creative and better decisions.

Click on the following for the article: www.gsb.stanford.edu

Dave Tate, Esq. comments – good for thought – every board and management situation is different anyway – but also, did anyone say that there shouldn’t be or can’t be contrarian views on a board or committee? Look at the business judgment rule – there’s nothing there about all having to agree. One vote per person. My website: http://tateattorney.com.

Does Your Audit Committee Charter List Risk Management?

If you are an audit committee member of a public company your audit committee charter might and in some cases must in some manner list risk management oversight as a responsibility.

If you are a nonprofit, private business or company, or governmental entity, and if you have an audit committee charter, your charter also might list risk management oversight, and if it doesn’t, then that oversight is the sole responsibility of the entire board.

In relevant part for example the NYSE Listed Company Manual states under Audit Committee Additional Requirements that the audit committee’s purpose in part at a minimum must be to:

  1. Assist board oversight of (1) the integrity of the listed company’s financial statements, (2) the listed company’s compliance with legal and regulatory requirements, (3) the independent auditor’s qualifications and independence, and (4) the performance of the listed company’s internal audit function and independent auditors (if the listed company does not yet have an internal audit function because it is availing itself of a transition period pursuant to Section 303A.00, the charter must provide that the committee will assist board oversight of the design and implementation of the internal audit function); and
  2. Discuss policies with respect to risk assessment and risk management.

And under related Commentary with respect to risk assessment and management: While it is the job of the CEO and senior management to assess and manage the listed company’s exposure to risk, the audit committee must discuss guidelines and policies to govern the process by which this is handled. The audit committee should discuss the listed company’s major financial risk exposures and the steps management has taken to monitor and control such exposures. The audit committee is not required to be the sole body responsible for risk assessment and management, but, as stated above, the committee must discuss guidelines and policies to govern the process by which risk assessment and management is undertaken. Many companies, particularly financial companies, manage and assess their risk through mechanisms other than the audit committee. The processes these companies have in place should be reviewed in a general manner by the audit committee, but they need not be replaced by the audit committee.

The Listed Company Manual also states that each listed company must have an internal audit function.

And under related Commentary with respect to the internal audit function: Listed companies must maintain an internal audit function to provide management and the audit committee with ongoing assessments of the listed company’s risk management processes and system of internal control. A listed company may choose to outsource this function to a third party service provider other than its independent auditor. While Section 303A.00 permits certain categories of newly-listed companies to avail themselves of a transition period to comply with the internal audit function requirement, all listed companies must have an internal audit function in place no later than the first anniversary of the company’s listing date.

Further, General Commentary to Section 303A.07 states: To avoid any confusion, note that the audit committee functions specified in Section 303A.07 are the sole responsibility of the audit committee and may not be allocated to a different committee.

From an audit committee member perspective, here’s the issue that I have with risk management oversight – it’s whether the audit committee and the board primarily, and possibly other necessary stakeholders or people involved, really have reached an understanding about what that “risk management” oversight means, both in terms of substantive risk oversight areas that are (and therefore also that aren’t) included in your oversight responsibilities, and exactly what you are expected to do to satisfy that oversight? And then, how those areas and responsibilities are described in the charter. Without clarification the term “risk management” is or can be vague and potentially extremely broad.

As risk management oversight has grown, or you might say, exploded, in importance for the board and its committees, over the past several years I have regularly received materials from risk management professionals discussing and disagreeing about exactly what risk management is, what terms and criteria to use, and how to go about performing risk management. I’m not trying to duplicate their efforts. But risk management can be a complicated area requiring a substantial investment of oversight effort and time. Obviously it’s an important area for the board, and for an audit committee or risk committee to which that oversight has been delegated. Even with delegation to a committee, the board should still maintain risk management oversight.

And risk management also is an area that relates to other areas of oversight such as internal controls (COSO 2013), personal safety, anonymous reporting processes and investigations, compliance with laws, and other areas.

You as an audit committee member, and other stakeholders need to understand what is involved, and what is expected of you, so that hopefully, to the extent possible (because it isn’t possible to avoid all surprise or unexpected situations) the important possible risks or surprises and related processes that are under your oversight have been and are being evaluated, addressed (designed and implemented), monitored and updated as necessary, including what to do and how to act to mitigate and remedy the situation if a surprise or unexpected situation does occur.

You can find additional discussions on this blog and on Tate’s Excellent Audit Committee Guide, the January 3, 2016, version of which can be found at http://wp.me/p75iWX-q

Wishing you the best.

Dave Tate, Esq. and CPA licensed in California (inactive), San Francisco and California



I am offering to help facilitate your audit committee self-evaluation for a fixed fee. The facilitation would follow the process outlined at part XII of my audit committee guide to discuss and evaluate your audit committee – how things work, and things that could improve and would be helpful to the committee members and how the committee operates. I have also pasted that process below. You can see the complete January 3, 2016, of Tate’s Excellent Audit Committee Guide at http://wp.me/p75iWX-q.

The requested fixed fee is $1,900 to facilitate a three person audit committee self-evaluation, or $2,300 for a four person audit committee self-evaluation. Fees are negotiable, depending on your type and size of entity or committee (including, for example, for profit, nonprofit, public entity, private entity, etc.) and your other circumstances – you can suggest an alternative amount if the two amounts that I have indicated don’t work for your particular situation.

My primary objective is to help you and your committee with the important self-evaluation, at a reasonable cost with which you are comfortable. The facilitation process also does involve a not insignificant amount of my time and effort. Out of pocket costs, if any, such as for travel are in addition to the above amounts.

The following is partially copied and pasted from part XII of my audit committee guide, and also provides the self-evaluation process. Please contact me by email at davetateesq@gmail.com if you would like to discuss a facilitated audit committee self-evaluation – contact me – let’s talk it over.

Dave Tate, Esq. (San Francisco and throughout California)


Self-evaluation is an important board and committee activity, and can be very helpful if done properly.

  1. Introduction and Overview

The following discussions cover board and audit committee self-evaluations and provides processes that you can use. As noted elsewhere in these materials, although many board and audit committee functions, responsibilities and tasks are specified by statute, regulation, rule or pronouncement, board and audit committee member standards of care remain significantly dependent on due diligence and prudent judgment.

Boards and audit committees of various entities are required by law, regulation or rule to conduct annual committee self-evaluations (for audit committees, see, i.e., part V.B.1.a. above); however, it is worthwhile for boards and audit committees of all public and private companies and nonprofit entities to conduct self-evaluations. Board and audit committee jobs are challenging, ongoing, and technical in nature, and require the members to significantly interact with many people in different capacities within and outside of the entity. It only makes sense that both boards and audit committees should at least once each year take time to step back and review, evaluate and make improvements to their manners of operation, and also consider helpful actions that can be taken by other people with whom the boards and audit committees interact. Self-evaluation will be worthwhile even if it results in improving only one area of operation.

Board and audit committee responsibilities originate from several different sources at least including (1) activities and responsibilities that boards or audit committees voluntarily undertake or that are delegated to them; (2) the business judgment rule; (3) the specific laws, regulations and rules that are applicable to the entity’s directors and audit committee members; (4) the wording of the board and audit committee charters, if there are charters; (5) shareholder and stakeholder expectations, and (6) for audit committees, accounting and auditing pronouncements relating to the outside auditor’s activities.

Prudent board and audit committee processes and diligence are also important to reduce member and entity liability and reputation risk. An increasing number of cases hold that board and audit committee members can be liable for failure to exercise sufficient diligence, failure to spot and respond to red flags, and failure to take action. Active board, committee and corporate diligence tend to demonstrate prudent business judgment and negate allegations of recklessness, improper intent, intentional wrongdoing, or “scienter” such as in the context of securities litigation, thus reducing the risk of securities liability and damages. In the context of audit committee activities, potential entity, board, and audit committee member liability typically arises in the context of alleged improper accounting practices, written and oral public misrepresentations (such as with respect to financial matters), and improper employment practices. For additional discussion on these topics see parts II. and III. above in these materials.

Although not required, there can be advantages to having a facilitator conduct an interactive interview approach to the self-evaluation process, but without performance grading or rating: it can be difficult to construct a questionnaire with standardized questions that would be similarly understood by each of the participants in the self-evaluation process; different people use different rating scales; different people express responses in different manners; and certain important issues will change from year to year. A facilitated approach may encourage better discussion and comment, compilation, continuity, explanation, and follow-up. Contact me if you are interested in evaluation assistance.

Issues and topic areas to consider during the self-evaluation process will naturally vary from entity to entity, and from board and audit committee to board and audit committee. Thus, to stimulate discussion, below for both boards and audit committees I have provided lists of potential broad issues or topic areas to consider for discussion and evaluation, including both successes and possible improvements; and I have also outlined processes to assist your board and audit committee self-evaluation processes.

  1. Audit Committee Self-Evaluation
  2. Sample List of Issues and Topics to Consider for Audit Committee Self-Evaluation

The following is a list of issues and topic areas to consider for discussion and evaluation. The list is intended to help trigger thought processes, but, of course, is not exhaustive as areas of discussion and evaluation will vary from entity to entity, and from committee to committee. The following list is not intended to and does not suggest that each or any of the below issues and topics must be considered or covered and is not a checklist – instead, if your audit committee is required to conduct a specific evaluation process or to cover certain specific issues and topics, you will need to separately consider the specific requirements, if any, for your audit committee and its evaluation process pursuant to law, regulation or rule. In that regard, please also see the disclaimer and limitations at the beginning of these materials.

The following is a list of issues and topics areas to consider for discussion and evaluation. See also the discussion areas listed at part XI. above.

-Audit committee meeting agenda preparation and dissemination process.

-Committee member independence, financial literacy, experience and expertise.

-Committee member access to information and/or education pertinent to the functions and responsibilities of the audit committee. Are the needs of the committee members being met, so that they are sufficiently knowledgeable and educated about the company or nonprofit and its industry; relevant significant accounting and auditing issues; relevant legal matters; internal controls, risk assessment and management; governance; and new developments in those and other areas?

-Committee and committee member interactions, including interaction between committee members, and between the committee and the board, the CEO, the CFO, the outside auditor, the internal auditor, legal counsel, compliance and ethics, HR, consultants, and other people.

-The committee’s processes for identifying and spotting issues, evaluation and decision making.

-The contents of the audit committee charter, and a mutual understanding of the audit committee’s responsibilities and tasks. The charter is a requirement for public companies, and is a good idea for many private companies and nonprofit entities. The charter is a prudent document to identify and clarify the audit committee’s responsibilities. In addition to the committee itself, it is important for the board, the executive officers, and other stakeholders to have a correct understanding about the committee’s responsibilities and limitations, and the extent to which state or local jurisdiction, U.S. and international requirements and responsibilities apply or may apply to your audit committee.

-Selection of the outside auditor; audit planning; review of the performance of the outside auditor; and review of the quarterly review and annual audit report and process (or compilation if appropriate).

-Review of recent developments relating to standard of care and acceptable reliance on other people.

-Review of accounting and financial internal and fraud/embezzlement related controls and processes, risk assessment and management, possible entity and individual liability and reputation risk exposure; and compliance assessment and management relating to laws, regulations, and rules that are within the scope of the audit committee’s functions and responsibilities including issues relating to the Foreign Corrupt Practices Act.

– Review of the accounting department, and accounting and financial reporting for transactions including all of the subcomponents such as principles and policies applied (quality not just acceptability); judgments, estimates and reserves; timing and cutoff procedures; off balance sheet transactions; related party transactions; contingencies and liabilities; revenue recognition; expenses; inventories; goodwill; insider trading; and other matters relating to accounting and financial statement reports.

-Implementing the new revenue recognition rules.

-Review of the financial and internal audit functions, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Review of risk or uncertainty assessment and management processes that are within the scope of the audit committee’s functions and responsibilities.

-Implementing COSO 2013.

-Documenting and reporting the audit committee’s activities and minutes.

-The audit committee’s use of attorneys and consultants.

-The company’s investor communication processes.

-Whistleblower, ethics and complaint handling processes; corporate investigations.

-Document retention policies.

-Review of the compliance and ethics function and processes that are within the scope of the audit committee’s responsibilities, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Governance, including tone at the top, financial leadership, transparency and appearance.

-Review of employer, employee and workplace processes that are within the scope of the audit committee’s function and responsibilities.

-Review of tax compliance and reporting issues that are within the scope of the audit committee’s function and responsibilities.

-Review of cybersecurity within the scope of the audit committee’s responsibilities.


-Review of pension and health plan related issues that are within the scope of the audit committee’s function and responsibilities.

-Review of billing and accounting relating to the receipt of funds or revenue from governmental sources such as Medicare and Medicaid; compliance with applicable laws, regulations, rules and other requirements; and oversight of expenses relating to these areas.

-Review of the acceptance, receipt, allocation, expenditure or distribution, and accounting for all charitable and donor funds, grants, contributions, pledges and other resources, including compliance with all requirements, restrictions and special uses.

-Review of accounting for collaboration and joint venture arrangements, including the allocation of receipts/income and distributions/expenses between the entities.

-And, in this economic environment, review of the fair value of funds and investments, including loss of value; liquidity concerns; possible going concern issues; estimates for uncollectibles and related reserves; debt/loan covenants; and funding source uncertainties including those that relate to collaboration and joint venture arrangements.

-It is also important for the audit committee to clarify with the board what responsibilities it has, if any, for oversight of the numerous and various areas of taxation and compliance; ERISA, pension and health and welfare plans; investments; tax exempt status including fund raising, dues, solicitation, and political, campaign and lobby activities; and other areas significant to the entity.

-Additional significant topics or issues that should be discussed.

  1. A Self-Evaluation Process and Format for Audit Committees

The following eight primary steps outline a proposed audit committee self-evaluation process that is workable for audit committees of public companies, private companies and nonprofit entities, whether using or not using, an outside facilitator.


Step 1. Determine the people who will be participating in the evaluation process, including the audit committee members, and other people, if any, to interview for comment.

Provide the names of the people who will participate in the evaluation process.



Step 2. Determine how the participant interviews will be conducted, individually or in a group, in person or by telephone, skype or some other means.

Provide comments or information about how the interviews will be handled with the various different people who will participate in the evaluation.



Step 3. Arrange participant individual or group interview dates and times.

Provide participant individual or group interview date and time information.



Step 4. Provide the participants with pre-interview materials and a list of possible issue or topic areas (broad and specific) for consideration and discussion. Of course, the participants can add additional issues or topics. Use this paper for that purpose.

Provide information regarding the status of disseminating the pre-interview materials.



Step 5. Have each participant provide a list of one to five, or more, issues or topic areas that the participant would specifically like to discuss during the evaluation process.

Provide comments and information regarding receipt of issues or topic areas from the self-evaluation process participants, and the respective issues or topic areas listed.



Step 6. Conduct information intake or interviews with participants individually or as a group.

Provide comments and information from the participants or the status of such – the input can be made by the participants themselves or by a facilitator during self-evaluation interviews.



Step 7. Summarize in a report format the issues and topic areas, information received, and suggestions made during the self-evaluation process.

Provide a summary in a report format.



Step 8. Provide a report back to the audit committee, and possibly conduct a committee group review of the self-evaluation process, information obtained, and suggestions made, and possible future actions or follow-up.

Provide additional comments and information about the self-evaluation process or results.



Concluding comments. I hope you have found this discussion helpful and at least a good starting point for your audit committee self-evaluation. Feel free to contact me if you are interested in discussing the audit committee self-evaluation process, or if you would like help with facilitation.

* * * * *