Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 1

Top Issues for Audit Committees in 2013

Audit Committee Brief

The audit committee’s primary role is the oversight of the financial reporting process, although the scope of this role varies depending on the organization. One aspect that is constant is the audit committee’s need to respond to fast-charged environments with continuous uncertainty and change, whether in dealing with the regulatory arena, risk-related responsibilities, or uncertainty in the financial reporting process. This Audit Committee Brief addresses key issues that are expected to affect audit committee agendas in 2013.

The importance of the audit committee in maintaining appropriate governance was mentioned often in governance forums and PCAOB roundtables in 2012. PCAOB Chairman James Doty stated, “Investors rely on auditors and audit committees, as intermediary agents, to attend to [financial reporting] risk. The audit committee directly oversees management’s reporting of the company’s financial position and results to investors. Auditors validate. Naturally, both agents should support each other’s work with an open dialogue about how to protect investors from misleading or inadequate management reports.”

Discussion of mandatory audit firm rotation and tendering of independent audits continues. One common view is that it is essential for the audit committee, as a representative of investors’ interests, to challenge management and the independent auditors when needed. This is a critical role in the governance of our financial system.

Audit Committee Brief November/December 2012 | 2Copyright © 2012 Deloitte Development LLC. All rights reserved.

At the 2012 NACD Board Leadership Conference, PCAOB Board Member Jeanette Franzel noted, “[At recent roundtable discussions] we heard from many panelists and audit committee members that the audit committee oversight process was effective and working well in their organizations. However, we also heard that not all audit committees are created equal, and that there appears to be significant variability in quality of practice.”

This Audit Committee Brief addresses the effectiveness of audit committees by providing an overview of developments and available resources in several areas for audit committees to consider as they plan their agendas for 2013:

1. Finance talent assessment

2. Managing through uncertainty

3. Ebb and flow of technical accounting activity

4. Tax landscape transformation

5. Interaction with the independent auditor

6. SEC regulatory activity

7. Oversight of management

8. Interaction with internal audit

9. Information technology risk

10. Committee education

¡¡ “ The next year promises to be as demanding on audit committees as the most recent. Anticipating the impact of potential regulatory activity and continued uncertainty remains a key challenge of audit committees. This brief provides additional insight to aid in addressing these challenges.”

Greg Weaver Chairman and Chief Executive Officer Deloitte & Touche LLP

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 3

Finance Talent AssessmentArguably the most important aspect of the audit committee’s oversight of financial reporting is to assess the abilities of the company’s finance talent. Having the right talent results in the appropriate level of competence, skill, and integrity needed to produce sound financial statements. This assessment may provide a basis for determining where investment could be made in enhancing the abilities of the current staff or considering the need for outside hiring and assistance. The success of addressing the issues below largely depends on the company personnel leading the assessment and response, while the audit committee evaluates whether company personnel have the ability to succeed.

There are four steps audit committees can take in overseeing their finance organization strategy:

•Evaluate the development of management’s talent strategy specific to finance

•Evaluate management’s definition of what finance talent means to your organization

•Evaluate the critical workforce segments of your finance organization and their development needs

•Evaluate finance-specific programs established to develop your leadership team.

With the continued accounting technical complexities, the talent war for finance will continue into 2013, and audit committees should encourage strategies that allow their organizations to win the important battles along the way.

Questions for audit committees to considerConsider the following questions:•Does management have a strategic

talent plan and process specific to the finance function? Has the audit committee evaluated and contributed to the plan and process?

•What knowledge, skills, abilities, and experience does the organization need from a technical, behavioral, and leadership perspective?

•What are the critical workforce segments in the finance function? What specific measures are used to attract, develop, and retain professionals in those segments?

•What steps are taken to identify and develop leaders in the finance organization?

Additional Resources

CFO insights: Do you have a fi nance-talent strategy?

As fi nance’s depth and scope of responsibility grow, so does the need for highly skilled talent and leaders. As CFO, how do you identify the skill sets you need now and those you require going forward? In other words, do you have a fi nance-talent strategy that supports your broader fi nance and corporate strategies? Is it robust enough to evolve with your needs? And is it unique enough to allow you to focus on what differentiates your company—and yourself?

Answering these questions is critical for today’s CFOs. In the 1Q11 Deloitte CFO Signals™ survey, we asked fi nance leaders about the biggest challenges for their companies and their industries. In each case, talent availability was a top-four concern. The strong message was that despite continued high unemployment levels, the elevated skill sets companies now require are not easy to fi nd. One out of three CFOs surveyed said they were having trouble fi lling open positions, and nearly 60% were taking steps to engage and “lock in” top performers.1

Unfortunately, fi nding and securing fi nance talent is just the fi rst step in developing a fi nance-talent strategy. The goal should be to develop an integrated plan that identi-fi es the people and skills needed at the macro, micro-, and individual-levels; integrates and deploys those people and skills into both the fi nance and business functions; and supports fi nance professionals across employee life cycles—from recruitment to retirement. It is the rare com-pany that has such a program in place but with specialized fi nance skills at a premium, it is essential that CFOs de-velop programs and processes that foster talent retention and not leave career development to chance.

In this edition of CFO Insights, we will review what a fi nance-talent strategy is; why it is important to have one now; and what you as a CFO can do to facilitate develop-ing your talent strategy. In future issues, we will drill into some of the specifi c components of an integrated talent strategy, including how to retain critical staff, strategies for effective fi nance career development, and the implications of the generation gap in fi nance.

Source: 1Q11 Deloitte CFO Signals™ survey, www.deloitte.com/us/2011/cfosignalsq1

Assessing the fi nance talent landscapePercent of CFOs who agree with each statement

Taking new steps to keep top performers

Actively recruiting new fi nance talent

Having trouble fi nding the right people for our open fi nance positions

Seeing an improved market for fi nance talent

Increasing use of outsourced/offshore fi nance talent

0% 20% 40% 60%

Deloitte CFO Insights: Do You Have a Finance-Talent Strategy?

CFO Insights Do you have the finance talent you need now?

1

Source: Talent Edge 2020: Building the recovery together - What talent expects and how leaders are responding, Deloitte Consulting LLP, April 2011

Lack of career progress

Lack of compensation

increases

New opportunities in the market

Lack of job security

Lack of trust in leadership

Lack of acceptable

bonus/financial incentives

30%

20%

25%

15%

10%

5%

0

Figure 1. Top six departure triggers which support the development of appropriate retention strategies

Economic volatility. Tax reform. IFRS and convergence. Hedging strategies. The scope of a chief financial officer’s (CFO) responsibilities is constantly evolving and expand-ing and calls for a team of highly skilled leaders as well as deep bench strength. Identifying and keeping that talent is far from easy.

In fact, it is the talent paradox. Despite continued high un-employment rates, CFOs tell us that they cannot find the talent they need. In the Q1 2011 Deloitte CFO Signals™ survey, for example, one out of three CFOs surveyed said they were having trouble filling open positions, and nearly 60% were taking steps to engage and “lock in” top per-formers. At the same time, critical talent is on the move. Since the end of the recession, for example, voluntary quit rates have nudged higher according to the Bureau of Labor Statistics, and employees leave for a variety of reasons (see Figure 1). In addition, finance employees are at greater risk of being poached as companies compete for the same highly skilled talent pool.

None of that bodes well for CFOs who want to move be-yond their operator and steward roles and focus long term on the development and execution of strategy. It is hard to move forward when you do not have the team you need to make such an advance. When CFOs honestly assess their teams, they often do not see the talent necessary to free them up to spend more time on broader business priorities (see “Crossing the Chasm,” CFO Insights, May 2011). So when critical talent can be identified, it is even more imperative that CFOs work to retain that talent and neutralize the numerous triggers that can lead to a separa-tion.

In a recent issue of CFO Insights, we looked at the benefits of having a finance strategy that identifies the people and skills needed at the macro-, micro-, and individual levels; integrates and deploys those people and skills into both the finance and business functions; and supports finance professionals across the employee life cycle—from

Deloitte CFO Insights: Do You Have the Finance Talent You Need Now?

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief June 2012 | 1

Finance and the war for talent

Audit Committee Brief

For the past 20 years, there has been a talent war. Today, fresh from economic battles, domestic and global companies may face shortages in their finance leadership pipelines. This can represent a significant risk, garnering the attention of management and the audit committee.

The Deloitte CFO Signals first quarter 2011 survey reported that one out of four executives anticipates severe shortages of senior and emerging leaders. As companies face greater business challenges in response to increased globalization and financial regulation, the skills required of finance executives continue to expand. These include technical abilities in accounting, auditing, and leveraging financial systems to effectively aggregate data for performing analysis, as well as general business skills such as leadership, industry knowledge, and business process expertise.

In the years ahead, vigilant audit committees and finance organizations may need to focus on identifying and developing finance talent.

Deloitte Audit Committee Brief: Finance and the War for Talent

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 4

Managing through UncertaintyWith the uncertainty surrounding new legislative activity following the election cycle, the pending “fiscal cliff,” volatility in Europe, and global political events, managing through uncertainty is now a constant consideration. Although the audit committee is responsible for overseeing the response to financial risks, the committee must be aware of nonfinancial risks that may affect the company. In several organizations, the audit committee has assumed responsibility for overseeing other risks, such as information technology, reputational, and supply-chain risk.

Other risks may include:

1. Uncertainty on key judgments, including performance projections and estimates of recovery affecting the financial statements, such as assessing for impairment or the need for a tax valuation allowance

2. Risks related to using shared service centers and counter-party risks associated with outsourcing

3. Oversight of decentralized subsidiaries and locations, whether domestic or international.

Questions for audit committees to consider•What mechanisms does management

use to monitor emerging risks? Do they monitor performance or risk indicators? What are the early-warning mechanisms, and how effective are they?

•How is the audit committee informed of evolving risks?

•What is the role of the tax department in the risk management program?

•How does management stay apprised of IT security risks and threats and develop timely responses?

•What are the critical assumptions used in developing significant management estimates? Are the assumptions reasonable?

•Has management considered the financial statement risks of the business strategy, including executive compensation?

•Are business goals aligned with risk management priorities (e.g., calculated risk-taking)?

Additional Resources

Deloitte: Governance, Risk and Compliance site

Deloitte: Risk Angles

Risk Committee ResourceGuide for Boards

Deloitte: The Risk Committee Resource Guide for Boards

Ebb and Flow of Technical Accounting ActivityAlthough there were few new accounting pronouncements issued in 2012, the FASB is working on several significant standards that are likely to have an impact on most companies. Several of these standards are expected to be issued in 2013. Although they probably will not be effective in 2013, now is the time to assess management’s ability to digest the impact of these standards and implement strategies for adoption. Understanding management’s key challenges in implementing these standards—whether related to the quality of the existing talent pool, system modifications needed, potential impact on the underlying financials, or control and process modifications—will be a critical monitoring activity for audit committees. The FASB expects to issue its standards on revenue recognition and consolidations in 2013, while making significant progress on standards related to accounting for leases and financial instruments. In addition to the FASB activity, COSO plans to issue an update to its Internal Control – Integrated Framework, which is the framework nearly all companies and auditors use for their internal control over financial reporting assertions and attestations.

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 5

Questions for audit committees to consider•How does management monitor FASB

activity and assess the effect on the business and financial statements, and how do they keep the audit committee informed?

•What are the capabilities of the people responsible for this process?

•Once issued, what is the project plan for adopting new standards and what are the biggest challenges in the plan?

Additional Resources

Update on the Project to Enhance COSO’s Internal Control — Integrated Frameworkby Jennifer Burns and Brent Simer, Deloitte LLP

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) initially published its Internal Control — Integrated Framework (the “framework” or the “original framework”) in 1992. Since then, it has become one of the most widely accepted internal control frameworks around the world. On December 19, 2011, COSO issued an exposure draft (ED) that proposes enhancements to the framework. COSO’s primary objective in updating and enhancing the framework is to address the significant changes to business and operating environments that have taken place over the past 20 years.

This Heads Up provides (1) an overview of the ED’s enhancements, (2) information regarding feedback received and expected timing of issuance, (3) an update regarding the development of COSO guidance on internal control over external financial reporting (ICEFR), and (4) considerations for preparers of financial statements before and after release of the updated framework.

Overview of the EDThe following aspects of the framework have not changed since its original issuance in 1992:

• Definition of internal control. The framework defines internal control as “[a] process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiencies of operations; reliability of reporting; compliance with applicable laws and regulations.”

• Five components of internal control:

o Control environment.

o Risk assessment.

o Control activities.

o Information and communication.

o Monitoring activities.

• Use of judgment in evaluating the effectiveness of systems of internal control.

Heads Up

August 7, 2012

Volume 19, Issue 18

In This Issue:• Overview of the ED• Feedback Provided to COSO

and Expected Timeline for Issuance

• Internal Control Over External Financial Reporting — Supplementary Guidance

• Considerations Before and After Final Release of Updated Framework

• Appendix A — Comparison of the ED’s Principles With Related Sections in the Original Framework

• Appendix B — Summary of Enhanced and Expanded Concepts in the ED by Component

COSO’s primary objective in updating and enhancing the framework is to address the significant changes to business and operating environments that have taken place over the past 20 years.

Deloitte Heads Up: Update on the Project to Enhance COSO’s Internal Control – Integrated Framework

Heads Up

Re-Lease Me Overview of Board Decisions on the Leases Projectby Trevor Farber, Sean Prince, and Beth Young, Deloitte & Touche LLP

In the nearly two years they have spent addressing comments received on their August 2010 exposure draft (ED), the FASB and IASB (the “boards”) have made a number of significant changes to their proposed guidance on leases. The boards substantially concluded redeliberating the guidance at their recent meeting and are expected to expose for public comment a revised ED, with a 120-day comment period, in the first quarter of 2013. On the basis of this timeline, a final standard is likely to be issued in late 2013, with an effective date no earlier than annual reporting periods beginning January 1, 2016.

Editor’s Note: Board decisions are tentative until a proposed standard is finalized. We expect that on the basis of the comments they receive on the revised ED, the boards may decide to reexamine the definition of a lease, variable lease payments, the expense recognition patterns for lessees, and the accounting for lessors.

This Heads Up summarizes the boards’ decisions to date on the leases project.

In a NutshellThe table below highlights the most significant provisions of the proposed lease accounting model. A discussion of these provisions, as well as various other aspects of the model, follows the table.

Topic Decisions

Lessee accounting — right-of-use (ROU) model

• The lessee recognizes an ROU asset and a liability for all lease contracts (other than short-term leases).

• The ROU asset represents the lessee’s right to use the leased asset for the lease term; the liability represents the lessee’s obligation to make lease payments.

Scope • Similar overall to scope in current U.S. GAAP.

Definition of a lease

• A leased asset must be specifically identifiable either explicitly (e.g., by a specific serial number) or implicitly (e.g., the only asset available to satisfy the lease contract).

• A physically distinct portion of a larger asset could represent a specified asset.

• A lease contract would convey the right to control the use of the specified asset. The concept of control would be similar to that in the proposed revenue recognition standard (i.e., the customer has the ability to direct the use, and receive benefits from the use, of that asset).

• Obtaining all the output from an asset is, in isolation, no longer determinative of control.

September 27, 2012

Volume 19, Issue 24

In This Issue:• In a Nutshell• Scope• Definition of a Lease• Lease Term• Lease Payments• Discount Rate• Lessee Accounting• Lessor Accounting• Other Lease Considerations• Presentation and Disclosure

Requirements • Transition

Deloitte DashLeases: What Companies Need to Know

Listen to a brief discussion about the FASB’s and IASB’s changes to the proposed lease accounting model.

Deloitte Heads Up: Overview of Board Decisions on the Leases Project

The More Things Change, the More They Stay the SameUpdate on FASB’s Project on Classifying and Measuring Financial Instrumentsby Magnus Orrell and Jason Nye, Deloitte & Touche LLP

Introduction This Heads Up addresses classification and measurement, a key component of the FASB’s project on accounting for financial instruments. With redeliberations nearly complete, the FASB’s tentative decisions to date1 describe a fairly complete model and give clues regarding what application issues may arise if the FASB amends U.S. GAAP on the basis of these decisions.

The body of this Heads Up gives an overview of the tentative decisions. The appendixes contain detailed information on more specific aspects of this topic:

• Appendix A discusses the cash flow characteristics and business model assessments in the FASB’s tentative model.

• Appendix B describes other components of the tentative model.

• Appendix C provides an overview of the FASB’s tentative presentation and disclosure requirements.

• Appendix D illustrates classification of common instruments under both current U.S. GAAP and the FASB’s tentative approach.

• Appendix E compares current U.S. GAAP with the FASB’s tentative approach.

• Appendix F compares IFRS 92 with the FASB’s tentative approach.

OverviewThe FASB has tentatively decided that financial assets should be classified at initial recognition into one of three categories: (1) fair value through net income (FV-NI), (2) fair value through other comprehensive income (FV-OCI), or (3) amortized cost. Classification of financial assets would be based on two factors: (1) the cash flow characteristics of the financial instrument and (2) the entity’s business model for managing the instrument. Financial liabilities would be classified as amortized cost unless (1) the obligation is a derivative, (2) the liability is a short sale, or (3) the entity will subsequently transact at fair value.

Heads Up

September 24, 2012

Volume 19, Issue 23

In This Issue:• Introduction• Overview• Classification and

Measurement of Investments in Equity Securities

• Classification and Measurement of Debt Instruments

• Other Components of the Model

• U.S. Income Tax Considerations

• Appendix A — Cash Flow Characteristics and Business Model Assessments

• Appendix B — Other Components of the Model

• Appendix C — The FASB’s Tentative Presentation and Disclosure Requirements

• Appendix D — Classification of Common Instruments Under Both Current U.S. GAAP and the FASB’s Tentative Approach

• Appendix E — Comparison of Current U.S. GAAP With the FASB’s Tentative Approach

• Appendix F — Comparison of IASB’s and FASB’s Tentative Approaches

1 Decisions include those made as of the FASB’s September 5, 2012, Board meeting. Because decisions are tentative, they could change before new requirements are finalized.

2 IFRS 9, Financial Instruments.

Deloitte Heads Up: Update on FASB’s Project on Classifying and Measuring Financial Instruments

Heads Up

Sizing Up the FeedbackComments on the Revised Exposure Draft on Revenue Recognitionby Mark Crowley, Sean St. Germain, Beth Young, and Amy Zimmerman, Deloitte & Touche LLP

Introduction On November 14, 2011, the FASB and IASB (the “boards”) jointly issued their revised exposure draft (ED) on revenue recognition.1 The comment period for the revised ED was 120 days and ended on March 13, 2012. The boards received approximately 350 comment letters on the proposal — significantly fewer than the nearly 1,000 they received on the original ED issued in June 2010. The boards plan to hold various roundtable discussions, perform additional outreach activities in April, discuss the comments received and the project plan in May, begin redeliberations in June, and complete the project by the first quarter of 2013. The effective date of the final standard will be determined during redeliberations.

This Heads Up summarizes responses to the proposal’s questions for respondents and the general themes of the comment letters. Although the feedback from most industries was similar and generally indicated support for the boards’ efforts to develop a single comprehensive revenue recognition standard, respondents expressed concerns about several aspects of the revised ED. The appendixes to this Heads Up outline some of these industry-specific concerns.

Summary of Feedback on Questions for RespondentsThe boards requested comments on the entire revised ED but specifically sought feedback on six aspects of it: (1) the criteria for evaluating when a good or service transfers over time, (2) the measurement and presentation of a customer’s credit risk, (3) constraining revenue to the amount that is reasonably assured, (4) the scope of the onerous performance obligations test, (5) the proposed interim financial statement disclosure requirements, and (6) the application of certain provisions from the revised ED to the transfer of a nonfinancial asset that is not within the proposal’s scope (such as the sale of property, plant, and equipment). Feedback on these six aspects is summarized below.

Criteria for Evaluating When a Good or Service Transfers Over TimeUnder the revised ED, an entity must evaluate whether a performance obligation transfers over time by considering whether certain criteria are met. Many respondents supported the ED’s method of determining when a performance obligation is transferred over time and the resulting recognition of revenue over time. However, certain respondents expressed concerns that entities may not interpret or apply the guidance consistently. They therefore requested that the boards clarify certain aspects of the guidance and provide additional examples.

April 13, 2012

Volume 19, Issue 8

In This Issue:• Introduction• Summary of Feedback on

Questions for Respondents• OtherCommentLetter

Themes• AppendixA—Aerospaceand

Defense and Engineering and Construction Industries

• AppendixB—AutomotiveIndustry

• AppendixC—EnergyandResources Industry

• AppendixD—FinancialServices Industry

• AppendixE—Technology,Media, and Entertainment Industries

• AppendixF—Telecommunications Industry

Although the feedback from most industries was similar and generally indicated support for the boards’ efforts to develop a single comprehensive revenue recognition standard, respondents expressed concerns about several aspects of the revised ED.

1 Proposed FASB Accounting Standards Update, Revenue From Contracts With Customers. See Deloitte’s November 15, 2011, Heads Up for a summary of the key provisions of the revised ED.

Deloitte Heads Up: Comments on the Revised Exposure Draft on Revenue Recognition

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 6

Tax Landscape UncertaintyChief tax executives have their hands full in dealing with corporate tax policy matters, continuing volatility in the economic environment, the quest for increasing transparency by regulators, and continuing challenges surrounding internal controls. They must contend with the uncertainty in the tax landscape on all fronts while adding value to the business as a whole. More specifically:

•Tax authorities are increasingly challenging companies on tax positions to identify additional sources of income given the economic conditions most localities face. This includes questioning positions on transfer pricing and digging into the required uncertain tax position disclosures.

•The complexity of the tax code and financial reporting for taxes remains a challenge as companies struggle to find competent resources; tax matters continue to be a leading cause of material weakness and restatements. Because the judgment required to appropriately address complex tax issues is significant and evolving, audit committees need to consider tax processes and risks in their discussions and financial reporting oversight.

•Regulatory authorities continue to emphasize the importance of greater transparency in financial statement reporting, with a focus on income tax accounting and reporting. The SEC has indicated several areas of emphasis, including indefinite reinvestment of foreign earnings, the realizability of deferred tax assets, and the effectiveness of internal controls, particularly for foreign operations.

Questions for audit committees to consider•Is the tax department engaged by operations

management at an appropriate time to understand and provide guidance on the implications of proposed transactions and events?

•How does the tax department remain current on tax laws, regulations, and leading practices?

•What are the most significant risks of the organization related to the tax function and processes, as well as to tax exposure?

•What are the results of recent regulatory audits and actions? Do these raise concerns as to how the tax function operates and evaluates the recognition and measurement of tax positions?

•How are tax risk, compliance, and reporting managed outside the United States? How much visibility does the tax department have?

•What significant judgments are involved in the company’s transfer pricing? What does the company rely on to support those positions?

•In what significant areas is management relying on external service providers to supplement in-house resources? Who makes provider decisions?

Additional Resources

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief October 2012 | 1

Tax risks for U.S.-based multinationals

Audit Committee Brief

As 2012 comes to a close, much uncertainty in the tax landscape remains, particularly for U.S.-based multinationals managing tax risk across borders. From corporate tax policy matters—the focus of our November/December 2011 Audit Committee Brief—to the continuing volatility in the economic environment to the quest for increasing transparency by regulators and continuing challenges surrounding internal controls, chief tax executives have their hands full. They must contend with these issues while adding value to the business as a whole.

In order to reduce surprises and provide effective oversight of the financial reporting process, it is important for audit committees to understand major tax-related developments and their implications for organizational and financial risk.

This issue of the Audit Committee Brief highlights three significant tax regulatory areas affecting entities and typically requiring audit committee oversight.

Deloitte Audit Committee Brief: Tax Risks for U.S.-Based Multinationals

November/December 2011

Audit Committee Brief

Tax Complexities Drive Audit Committee Oversight

Copyright © 2011 Deloitte Development LLC. All rights reserved. Audit Committee Brief—November/December 2011 • 1

Tax matters continue to be a leading source of material weaknesses and restatements. Accordingly, tax-related U.S. GAAP issues remain an area of regulatory focus and often increased risk, thus, warranting significant attention. Because the judgment required to appropriately address complex tax issues is significant and evolving, even entities that have not identified material weaknesses in tax controls typically need to consider tax processes and risks in their audit committee discussions and financial reporting oversight. The SEC has increased the scrutiny of tax issues as a result of the significant judgment involved, and it is one of the agency’s most frequent areas of reviews. IRS Commissioner Douglas Shulman has encouraged board directors and members of management to regularly communicate with tax directors and the external auditors to learn about tax risks and exposures. The IRS has also developed corporate tax return disclosure rules related to uncertain tax positions for large companies. To lessen the likelihood of material weaknesses, restatements, IRS audits, litigation, and other negative developments, it is important for audit committees to assess tax-related risks in their financial reporting oversight role. Due to the complex nature of taxes and related risks, audit committees should assess whether they have the background to evaluate these matters and, if not, how they will gain an appropriate understanding. The importance of continual oversight by the audit committee and the overall board throughout the year is highlighted in PCAOB Auditing Standard No. 5, which notes that a material weakness exists when “there is a reasonable possibility that a material misstatement of the company’s annual or interim financial statements will not be prevented or detected on a timely basis.”

“Tax processes often develop outside of existing enterprise-wide platforms, so the more established financial reporting environment, controls, and governance may not be replicated in tax. Tax and the business must work together to ensure an appropriate control environment exists while also finding ways to add tax value.” Rita Benassi

National Leader of Deloitte’s Financial Accounting and Reporting – Income Taxes group and U.S. Tax Leader for Deloitte’s Governance and Risk Management, Deloitte Tax LLP

Deloitte Audit Committee Brief: Tax Complexities Drive Audit Committee Oversight

Accounting Roundup — Special EditionChanges in the Tax LandscapeJanuary 2012

Deloitte Accounting Roundup: Special Edition – Changes in the Tax Landscape

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 7

Interaction with the Independent Auditor The PCAOB remains extremely active in identifying opportunities to improve audits and interaction between the audit committee and the independent auditor. Significant changes may be on the horizon. There are 15 projects in differing stages of completion on the PCAOB’s standard-setting agenda, including projects related to the auditor reporting model and the auditor’s independence, objectivity, and skepticism, which encompasses the concept of mandatory audit firm rotation.

Recently, the PCAOB issued:

•PCAOB Release No. 2012-003, Information for Audit Committees about the PCAOB Inspection Process.

•Auditing Standard No. 16, Communications with Audit Committees. If approved by the SEC, AS 16 will be effective for audits of fiscal years, and interim periods of such fiscal years, beginning on or after December 15, 2012.

In addition, on October 15, several governance organizations released a tool to help audit committees evaluate their independent auditor as part of the annual reappointment process, as discussed in Deloitte’s Heads Up, Auditor Evaluation Tool for Audit Committees.

Questions for audit committees to consider•How will AS 16 affect current audit

committee/auditor communications?

•What additional communications can we expect in relation to PCAOB inspections?

•Will the audit committee and/or company participate in the audit standard-making process through the submission of comment letters?

•Does the auditor adequately challenge significant management estimates?

•Has the audit committee considered utilizing the Audit Committee Annual Evaluation of the External Auditor tool as a part of the reappointment process?

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 8

SEC Regulatory ActivityThe SEC has been implementing the requirements of the Dodd-Frank Act, but not all of these new rules will have a direct impact on the audit committee or the financial reporting organization. However, while many of the rules relate only to financial service companies, there are a number of rules that could affect all industries and some that specifically relate to corporate governance topics, such as “say on pay,” compensation committee independence requirements, and proxy access.

The SEC approved two final rules implementing Sections 1502 and 1504 of the Dodd-Frank Act on August 22, 2012. Section 1502 instructs the SEC to promulgate regulations that require issuers to disclose an annual description of the measures they took to “exercise due diligence on the source and chain of custody of…conflict minerals.” Section 1504 requires the SEC to finalize rules requiring resource extraction issuers to provide information related to any payment made by the issuer, or its subsidiary or an entity it controls, to a foreign government or the U.S. federal government for commercial development of oil, natural gas, or minerals.

The SEC has also issued a proposed rule to implement changes required by Title II of the JOBS Act, which eliminates the prohibition against general solicitation and general advertising in Rule 506 and Rule 144A exempt offerings.

The SEC also continues to evaluate registrants’ filings, with the most common comments related to:

•Foreign operations, including income tax and liquidity ramifications of repatriating overseas funds, effects of holding Eurozone debt, and risk disclosures for issuers with subsidiaries that may be inaccessible to the PCAOB for their inspections

•Contingencies, revenue, fair value, and impairment of assets, including goodwill

•Cyber-security risks

•Debt-related disclosures about restrictions that limit the payment of dividends in a consolidated group (Regulation S-X, Rule 4-08(g))

•Non-GAAP financial measures.

Additional Resources

As Good as Gold?SEC Issues Final Rule on Conflict Minerals by Joe DiLeo and Tim Kolber, Deloitte & Touche LLP

On August 22, 2012, the SEC narrowly approved (by a 3–2 vote) a final rule1 implementing Section 1502 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”).2 Section 1502 instructs the SEC to promulgate regulations that require issuers to annually disclose a description of the measures they took to “exercise due diligence on the source and chain of custody of . . . conflict minerals.”

The SEC originally expected to finalize its December 2010 proposed rule on conflict minerals in April 2011 but delayed issuance of the final rule to (1) consider feedback received in over 400 comment letters on the proposal; (2) assess input requested from key stakeholders at an October 2011 roundtable discussion; and (3) further evaluate the rule’s implementation costs, which the SEC estimates will be between $3 billion and $4 billion. See Deloitte’s November 29, 2011, Heads Up for a discussion of the proposed rule’s key provisions and constituents’ feedback.

Editor’s Note: One of the primary ongoing concerns with the conflict minerals rule is the cost of implementing the provisions of Section 1502. The SEC’s estimate of $3 billion to $4 billion is based on its revised economic analysis and is a significant increase from its original estimates. Estimates from outside the SEC have been as high as $16 billion.

Because the concepts underpinning the conflict minerals rule are rooted in the statutory language of the Dodd-Frank Act, the final rule’s provisions are generally consistent with those in the proposed rule. However, to address stakeholder input, the SEC changed several of the key “mechanisms.” For example, although the final rule retains the proposed rule’s three-step process for evaluating a registrant’s use of conflict minerals,3 the final rule requires registrants to file such information with the SEC in a newly created Form SD rather than in their annual report (e.g., Form 10-K, 20-F, or 40-F).4

Heads Up

September 11, 2012

Volume 19, Issue 21

In This Issue:• Determining Whether a

Registrant Is Within the Scope of the Final Rule

• Reasonable Country-of-Origin Inquiry and Due Diligence Requirement

• Audit Requirement and Conflict Minerals Report

• Transition and Next Steps• Appendix A — Summary

of Differences Between the Proposed Rule and the Final Rule

• Appendix B — Final Rule Decision Tree

• Appendix C — Leading Industry and Nongovernmental Organization Initiatives

• Appendix D — Legislative and Other Initiatives

1 SEC Final Rule Release No. 34-67716, Conflict Minerals.2 Section 1502 of the Dodd-Frank Act amends the Securities Exchange Act of 1934 by adding Section 13(p).3 The three-step process involves (1) determining whether the conflict minerals rule applies to the registrant, (2) performing

a reasonable country-of-origin inquiry for determining whether conflict minerals in a registrant’s process originated in the Democratic Republic of Congo and adjoining countries (“covered countries”), and (3) fulfilling requirements related to supply-chain due diligence and the independent private-sector audit.

4 In explaining the rationale for requiring a registrant to “file” the conflict minerals information rather than “furnish” it as originally proposed, the final rule notes that the requirement to file subjects the registrant to potential liability under Section 18 of the Securities Exchange Act of 1934. However, the final rule notes that Section 18 does not create strict liability; rather, it requires a plaintiff asserting a claim to meet the statute’s criteria for establishing a claim, including reliance and damages. Moreover, a registrant will not be liable for misleading statements under Section 18 if it can establish that it acted in good faith and did not knowingly provide false information. The change requiring registrants to file the information on a new form (outside of the registrant’s annual report to the SEC) also means that conflict mineral reports will not be subject to CEO and CFO annual certifications.

Deloitte Heads Up: Conflict Minerals

Show Us the Money!SEC Issues Final Rule Requiring Resource Extraction Issuers to Disclose Certain Paymentsby Joe DiLeo and Tim Kolber, Deloitte & Touche LLP

Introduction On August 22, 2012, the SEC narrowly approved (by a 2–1 vote) a final rule1 implementing Section 1504 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”), which adds Section 13(q) to the Securities Exchange Act of 1934 (the “Exchange Act”).2 One of the primary objectives of Section 1504 is to improve transparency by holding governments of resource-rich countries accountable to their citizens for wealth that is created by using a country’s natural resources. Under the final rule, resource extraction issuers, subsidiaries of resource extraction issuers, and entities under the control of resource extraction issuers are required to disclose certain information about payments made to the U.S. federal government or foreign governments “for the purpose of commercial development of oil, natural gas, or minerals.” Among other things, the final rule:

• Defines the term “resource extraction issuer.”

• Specifies which governments are within its scope.

• Discusses the activities that constitute commercial development (of oil, natural gas, or minerals).

• Indicates the payments that an entity must disclose.

Definition of Resource Extraction IssuersThe final rule defines resource extraction issuers (or “extractive issuers”) as issuers that are (1) required to file an annual report with the SEC and (2) engaged in commercial resource extraction of oil, natural gas, and minerals. Domestic issuers (including smaller reporting companies), foreign issuers, their subsidiaries, and other entities controlled by such extractive issuers are subject to the final rule’s disclosure requirements. The final rule notes that the terms “control” and “subsidiary” are defined in Rule 12b-2 of the Exchange Act.3

Heads Up

September 27, 2012

Volume 19, Issue 25

In This Issue:• Introduction• Definition of Resource

Extraction Issuers• Governments Within Scope of

Final Rule• Definition of Commercial

Development• Definition of Payment• Disclosure Requirements• Filing Requirements and

Transition

1 SEC Final Rule Release No. 34-67717, Disclosure of Payments by Resource Extraction Issuers.2 Although the SEC originally issued its proposed rule on Section 1504 in December 2010 and had expected to finalize it in

April 2011, it delayed issuance of the final rule to consider feedback received in over 150 comment letters on the proposal and to further evaluate the rule’s implementation costs.

3 Footnote 315 of the final rule states that Exchange Act Rule 12b-2 and Regulation S-X, Rule 1-02, “Definitions of Terms Used in Regulation S-X,” define “control” as “the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a person, whether through the ownership of voting shares, by contract, or otherwise.” In addition, a “‘subsidiary’ of a specified person” is defined as “an affiliate controlled by such person directly, or indirectly through one or more intermediaries.”

One of the primary objectives of Section 1504 is to improve transparency by holding governments of resource-rich countries accountable to their citizens for wealth that is created by using a country’s natural resources.

Deloitte Heads Up: Extraction Issuer Payments to Governments

Copyright © 2012 Deloitte Development LLC. All rights reserved.

Oversight of ManagementThe audit committee’s influence on management’s actions and the tone at the top cannot be overstated. An engaged audit committee can have a positive impact on maintaining and enhancing a strong, ethical corporate culture through its actions, including understanding risks and incentives related to executive compensation arrangements and potential exposure to violations of the Foreign Corrupt Practices Act and broader anti-corruption legislation in China, Russia, the United Kingdom, and a growing number of other countries.

The SEC’s whistleblower program received 2,820 tips through October 8, 2012—an average of eight tips each day—and paid its first reward in August 2012. In the following two months, the IRS announced whistleblower rewards of $104 million and $38 million, the largest rewards under its whistleblower program created in 2007. Proactively establishing an appropriate tone for management’s actions and communications and monitoring the performance of the organization’s internal whistleblower system can assist in deterring and detecting wrongdoing. These actions can also, if the need arises, help demonstrate to regulators that the organization took appropriate steps to implement an effective compliance and ethics program.

Questions for audit committees to consider•Does the audit committee review an evaluation of

the whistleblower system that benchmarks its performance against industry-specific statistics?

•Has the audit committee, directly or through the internal audit function, made an anonymous report to the whistleblower system alleging financial reporting fraud or other wrongdoing by senior management, to test the integrity of the flow of communications directly to the audit committee without management intervention?

•Does the level of alleged or suspected fraud and other violations of organization policies reported through the whistleblower system or other channels suggest that the tone at the top or the tone communicated by middle management may need strengthening?

Additional Resources

The Tone at the Top: Ten Ways to Measure Effectiveness

Taking a No-Nonsense Approach to Enforcing the Federal Securities Laws

Retaliation: When Whistleblowers Become Victims

August 2011

Audit Committee Brief

Fraud, Corruption and the Audit Committee: Protecting Reputation and Value

Copyright © 2011 Deloitte Development LLC. All rights reserved. Audit Committee Brief—August 2011 • 1

Imagine two similar companies that are publicly alleged to have engaged in a significant incident of fraud or corruption, such as bribery of foreign officials. Company A takes a proactive approach to managing fraud and corruption risks, has world-class—but not infallible—antifraud and anticorruption processes, has a good relationship and strong record with its regulators, and has robust plans in place to investigate potential wrongdoing and to implement crisis communications to help protect the company’s reputation. Company B takes a reactive approach, is confident in its ability to deal with issues as they arise, and is a follower rather than a leader in implementing risk management and antifraud and anticorruption processes. As an investor, which company would you believe better protects your investment? From an audit committee member’s perspective, which company would you judge better able to demonstrate that you have fulfilled your duty of care as a director? Of course, there is no guarantee that a better-prepared company will experience a more favorable outcome than one that chooses a reactive approach. But experience suggests that companies that manage their risks proactively may be less vulnerable to having their reputations harmed by allegations of wrongdoing, falling behind in the news cycle of reactions, and losing the support of regulators, customers, suppliers, investors, the general public, and even politicians. Global media and the Internet enable news to travel faster and reach more people than ever before. The international nature of business and growing collaboration among regulators worldwide can expose companies to a greater number of regulatory regimes. These factors may increase both the likelihood and the potential impact of alleged wrongdoing on a company’s reputation and shareholder value. Audit committee members may want to consider how their company manages its risks of fraud and corruption and whether today’s risk environment merits a more proactive approach.

“Protecting your entity’s reputation, value, and ability to operate may require antifraud and anticorruption processes that aim higher than the lowest permitted level (mere compliance).” Toby J. F. Bishop

Director, Deloitte Forensic Center Deloitte Financial Advisory Services LLP

Deloitte Audit Committee Brief: Fraud, Corruption and the Audit Committee: Protecting Reputation and Value

Audit Committee Brief November/December 2012 | 9

On November 14, 2012, the SEC and the Department of Justice released A Resource Guide to the U.S. Foreign Corrupt Practices Act. The guide provides a detailed analysis of the U.S. Foreign Corrupt Practices Act (FCPA) and closely examines the approach to FCPA enforcement.

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 10

Interaction with Internal AuditIt has become increasingly important for audit committees to assess whether internal audit is performing appropriate activities, has adequate resources, and is proactively identifying risks and monitoring critical controls. The specific expectations for internal audit functions vary by organization, but audit committees can facilitate a mutually beneficial relationship by setting high expectations, clearly communicating these expectations, and holding internal audit accountable for meeting them.

Looking to 2013, audit committees should consider performing a periodic assessment of internal audit, which could help align expectations with other key stakeholders, support the chief audit executive in assessing the function’s ability to meet expectations, and secure resources as needed. A formal external quality assessment of the internal audit function is required at least once every five years by IIA Standard AS 1312, External Assessments.

Questions for audit committees to consider in evaluating internal audit:•Does internal audit comply fully with

all of the International Standards for the Professional Practice of Internal Auditing issued by the Institute of Internal Auditors?

•Does internal audit have a clearly articulated strategy that is reviewed periodically and approved by the audit committee?

•Does internal audit have a clear set of performance expectations that are aligned with the success criteria of the audit committee, and that are measured and reported to the audit committee?

•Is the internal audit plan aligned to the key risks of the organization and other assurance activities? Is internal audit’s risk assessment process appropriately linked to the company’s enterprise risk management activities?

Additional Resources

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief August 8, 2012 revised | 1

Harnessing the Full Potential of Internal Audit

Audit Committee Brief

Internal audit is not a one-size-fits-all function, and typically not everyone in the organization agrees on what its primary focus should be. If you ask yourself as an audit committee member what you see as internal audit’s primary function—assurance and value protection, strategic focus and value creation, business risk insights and risk mitigation, or some combination thereof—and compare your response to those of other key stakeholders in the organization, you may be surprised at the range of views you encounter.

The key activities of leading-edge internal audit functions align with the expectations of the audit committee and management, and are flexible enough to meet the changing business strategies and needs of the organization. Often, internal audit primarily concentrates on financial and compliance areas; however, in some organizations, more of an enterprise risk focus may be adopted—one that considers strategic and operational risks as well as financial and regulatory risks, with internal audit serving as a strategic adviser.

To continue to enhance the expected performance of the internal audit function and its value to the organization, audit committees should periodically assess whether internal audit is performing the appropriate activities, has adequate resources, and is proactively identifying risks and monitoring critical controls. This issue of the Audit Committee Brief explores the audit committee’s role and offers leading practices to consider in evaluating internal audit and the chief audit executive (CAE).

Deloitte Audit Committee Brief: Harnessing the Full Potential of Internal Audit

Deloitte’s Key Questions for Audit Committees to Ask about Internal Audit

The broken triangle? Improving the relationship between internal audit, management, and the audit committee

Deloitte’s The Broken Triangle? Improving the Relationship between Internal Audit, Management, and the Audit Committee

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 11

Information Technology RiskThe reliance of management on information technology and systems continues to increase. Understanding the related risks and level of checks and balances is an important aspect of the audit committee’s oversight process. Typically, audit committee members have limited direct experience with the sophisticated IT structures that are in place and must develop strategies to obtain that understanding and appropriately assess the IT environment and related risks.

Cyber-security risks and incidents have risen to the top of audit committee agendas, especially given the recent threats against specific financial firms. SEC guidance from October 2011 regarding disclosure obligations relating to cyber-security risks and incidents states: “Registrants should address cyber-security risks and cyber incidents in their Management’s Discussion and Analysis of Financial Condition and Results of Operations (MD&A), Risk Factors, Description of Business, Legal Proceedings and Financial Statement Disclosures.”

Questions regarding IT strategy•Does the audit committee receive

sufficient information to discuss IT strategy intelligently and effectively?

•Is IT aligned with the business vision? Is IT strategy developed to both enable and shape business strategy?

•How effective has the organization been in achieving its objectives during the past several years? Do you understand the role IT has played in helping achieve these goals, or whether IT was a factor in failing to meet objectives?

•How does management control and monitor the software? How does management track what information is leaving the organization and where it is going?

•Is there a complete inventory of Internet-facing resources and the potential exposure to the company?

Additional Resources

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief July 2012 | 1

The Promise and Perils of Information Technology

Audit Committee Brief

The sophistication of information technology (IT) at all levels of organizations has rapidly increased in recent years. Gone are the days when IT was simply a basic support function that automated business activities. IT now plays many fundamental and highly beneficial roles in businesses, including:

• Improving access to and analysis of information

• Facilitating and strengthening communications both within the company and with customers

• Storing and organizing numerous streams of sensitive data

• Securing communications and other proprietary information to prevent identity and intellectual property theft, network interruptions, and other intrusions.

Such capabilities are vital to maintaining business competitiveness, but at the same time, the expanding IT landscape poses a risk of malicious activities. Attacks on IT infrastructure are no longer isolated occurrences. A study by the Ponemon Institute revealed that among 50 companies studied in 2011, there was on average more than one successful cyber attack per company per week, an increase of 44 percent from 20101.

Given the increasing complexity and pervasiveness of technology and the common assignment of the audit committee to couple risk and IT oversight with financial reporting oversight, IT literacy is an essential competency for the audit committee. This knowledge is often gained through the expertise of a committee member or through external specialists as needed.1 “ Second Annual Cost of Cyber Crime Study: Benchmark Study of U.S. Companies,” Ponemon Institute, August 2011, p. 1. Available online at

http://www.arcsight.com/collateral/whitepapers/2011_Cost_of_Cyber_Crime_Study_August.pdf.

Deloitte Audit Committee Brief: The Promise and Perils of Information Technology

Risk Intelligence Series Issue No. 23

Risk Intelligent governance in the age of cyber threatsWhat you don’t know could hurt you

Deloitte’s Risk Intelligent Governance in the Age of Cyber Threats

Deloitte’s The Tech-Intelligent Board: Priorities for Tech-Savvy Directors as They Oversee IT Risk and Strategy

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief November/December 2012 | 12

¡¡ Visit the Center for Corporate Governance at www.corpgov.deloitte.com for the latest information for boards of directors and their committees.

¡¡ To subscribe to the Audit Committee Brief and other Deloitte publications, go to https://deloitte.zettaneer.com/subscriptions.

Now you can instantly access the Audit Committee Brief through a free, easy-to-use tablet app. Deloitte’s new Audit Committee Resources application is available in the iTunes App Store. New issues of the brief are made available for download each month and feature useful multimedia content not available in the print version.

Click here or visit the App Store and search for “Deloitte Audit Committee Resources” to download the application.

Committee EducationEducation is generally recognized as an essential component of audit committee effectiveness. More and more audit committees are planning tailored education sessions, whether adding an hour or two onto the audit committee agenda for certain topics or planning a day of education. Others may choose to have their members attend third-party trainings. Whatever the format, continuing education is critical.

Heading into 2013, committees may want to assess their education plans, taking into account changing regulations and requirements, the evolution of the business, and the experience of their members. Given the enhanced focus on the responsibilities of audit committees, continuing education is an area of increasing importance. For the audit committee, the focus is specifically centered on its role to exercise primary oversight of the independent auditor relationship and management’s financial reporting process.

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional adviser.

Deloitte is not responsible for any loss sustained by any person who relies on this publication.

As used in this document, “Deloitte” means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

Member of Deloitte Touche Tohmatsu Limited

Additional Resources

Copyright © 2012 Deloitte Development LLC. All rights reserved. Audit Committee Brief May 2012 | 1

Audit Committee Composition, Meeting Practices, and Education

Audit Committee Brief

The composition, meeting practices, and education of audit committees are generally recognized as essential components of their effectiveness. Many committees periodically assess the optimal mix of members, taking into account regulations and requirements; the evolution of the business; and the competencies, diversity, time commitments, tenure, and rotation of their members. Audit committees may consider the practices discussed further in this brief related to the number and manner of meetings, the involvement of specialists and management, and meeting materials when planning their activities for the year.

Overview of regulations and requirementsMost audit committee charters include composition requirements. The Sarbanes-Oxley Act and the NYSE and NASDAQ listing rules require that all audit committees consist of at least three members and that all members be independent.1 Independence is an important attribute for audit committees to perform an objective assessment of management and the financial statements and related audit reports, and should be reviewed continuously.

Although all committee members must be financially literate, the NYSE and NASDAQ rules require at least one member to have accounting or financial management expertise. The SEC does not require one member to be an audit committee financial expert, but requires disclosure of whether there is one, and if so, the individual’s name. If there is no expert, the company must disclose this and explain why.

1 Sarbanes-Oxley Act Section 301, NYSE Corporate Governance Rules 303A.06 and 7(a) and (b), and NASDAQ Corporate Governance Rule 5605(c)(2)(A)

Deloitte Audit Committee Brief: Audit Committee Composition, Meeting Practices, and Education

Audit committee performance evaluation

Deloitte’s Audit Committee Performance Evaluation

Financial literacy self-assessment tool

Deloitte’s Financial Literacy Self-Assessment Tool