We’ve all heard the saying, “Hindsight is 20/20.” Hindsight is a valuable tool where we can apply meaningful historical principles to our lives and our organizations. It provides us the ability to review the past, reflect on actions taken or not taken, and apply them prospectively. As our country continues to ease back to normality, we have a fantastic opportunity to reflect and learn. As I reflect, I think about enduring masks, not visiting high-risk family members, forgoing family vacations, etc. What was our driving force? For most of us, we considered these protocols an adequate control to enhance value. Maybe the value is not falling sick, being able to work, or reducing the possibility of death for a loved one. Each day, we assess risks and apply controls to mitigate those risks in order to achieve some type of enhanced value. The same is true for our organizations.
Some organizations have been stretched to their limits over the past year while others have seen record growth. With significant shifts within an organization, strategies may be altered, financial goals are perhaps adjusted, and new compliance requirements could be enforced. As your organization continues to thrive in 2021, below are some considerations for your enterprise risk management program and system of internal controls to enhance value through risk management:
- Consider significant impacts to your internal control system such as reduced staffing or new hires in key positions.
- Evaluate the impacts of new accounting standards such as the new lease standard (ASC 842) to internal controls over financial reporting.
- Consider your organization’s liquidity risks, determining if new funding is needed or how excess funds can be efficiently deployed.
- Consider the impacts of new compliance requirements (Single Audit) if your organization received $750,000 or more in federal funding.
- Consider new regulatory implications impacting your organization.
- Evaluate your organization’s information technology impacts such as automated application controls, system/control configurations, report writers and cybersecurity incidents.
- Consider the impacts of your organization’s culture post-COVID, for example, remote vs in-office workspaces.
This is a great reminder that risk assessments are a living and breathing document that must be nurtured, possibly more often than on an annual basis. This will assist the board and management to ensure that their organization “stays on track” by enhancing their defined values.
MEET THE EXPERT
Joshua Bowen, CPA, CGMA, CAMS, is a member in the Warren Averett’s Audit Division, serves on the firm’s Audit Best Practice Leader Committee and is part of the firm’s Financial Services and Public Sector Industry Groups. Contact him at 334-260-2364 or Joshua.Bowen@warrenaverett.com.
