Emerging technologies present big opportunities for efficiencies and strategic advantages for companies, but they also pose substantial challenges for audit committees.
Artificial intelligence and robotic process automation can change the way companies do business and increase efficiency and the quality of financial reporting. But the technologies also pose risks to financial reporting that audit committees must address in an oversight role.
A new Center for Audit Quality (CAQ) tool, Emerging Technologies, is designed to help audit committees perform their oversight of financial reporting that is affected by emerging technologies.
"Today's technological innovation has revolutionary potential for both public company auditing and financial reporting," CAQ Executive Director Cindy Fornelli said in a news release. "While emerging technologies present exciting opportunities to enhance audit quality and the financial reporting process, these opportunities are not risk-free."
The CAQ tool applies the internal control framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) to this oversight of emerging technologies in financial reporting. (The AICPA is affiliated with the CAQ and is a member of COSO.)
Audit committees are advised by the tool to:
- Understand the company's emerging technology strategy and any specific technologies contemplated.
- Understand management's risk identification and risk assessment process.
- Understand the control activities in place that respond to the identified risks.
- Establish information and communication protocols for obtaining the information they need to carry out their responsibilities.
- Monitor emerging technology activities.
The tool also suggests that audit committees ask auditors whether the engagement team has the right expertise to address risks related to the technology; how much experience the firm has with emerging technologies; how the impact of emerging technologies has been considered during risk assessment; whether emerging technologies have a significant impact on the planned audit scope; and if the audit team identified any additional risks that management has not sufficiently explored.
— Ken Tysiac (Kenneth.Tysiac@aicpa-cima.com) is the JofA's editorial director.