Accelerate

Plotting new paths forward

Geopolitical risk remains high, so leading organizations are increasingly adopting scenario analysis. Audit committees will need to monitor this approach and any related risk-management actions based on its conclusions.

In this evolving business environment, audit committees are supporting management as they monitor the evolving geopolitical landscape and assess going concern.

Governance and trustworthiness fuel AI success

Audit committees will be instrumental in ensuring AI is adopted successfully across the organization by helping guide and oversee its proper governance and the trustworthiness of its implementation. They must also ensure organizations are adapting risk management to account for vendors’ use of AI and preparing for coming AI-related reporting requirements.

Organizations are building roadmaps to mandatory ESG reporting

While the European Union is leading the way in rolling out mandatory ESG reporting requirements, momentum is also building in Canada. Audit committees will be an integral part of the ESG reporting and assurance process. They must ensure management can present a roadmap to timely compliance. Preparing for mandatory ESG reporting is a substantial undertaking, and organizations can benefit from identifying needed resources and securing them early.

New cyber threats require new tools built on strong foundations

Audit committees are also taking a lead role in ensuring organizations are keeping pace to detect and defend against cyberattacks. As third-party breaches become more common, committees are ensuring management is looking more closely at their supply chains. And as threats become more sophisticated, they’re also challenging management to ensure they’re employing adequate threat detection procedures and engaging the right cyber security service providers.

In the current threat environment, audit committees must ensure their organizations move beyond annual or semi-annual cyber security assessments to more frequent reviews that delve deeper than a mere checklist approach. At the same time, they must ensure organizations layer new techniques for battling attacks on top of a strong foundation of basic cyber defence practices.

It’s important to ask the right questions

In the following articles, we outline the most pressing issues, highlight areas for audit committee attention and raise the questions that audit committees may want to ask themselves and management as they navigate the coming year.

This article was originally published in January 2025 and was updated in February 2025 to reflect significant geopolitical shifts. Visit our geopolitical insights page for the latest developments.