www.theiia.org

Auditing Executive Compensation and Benefits

Steven E. JamesonCIA, CFSA, CCSA, CPA, CBA, CFE

EVP Chief Internal Audit & Risk OfficerCommunity Trust Bancorp, Inc.

www.theiia.org

Logistics

• The audio for this web event should be

streaming through your computer only.

• Go to the Chat Room to download the slides

for the presentation.

• This webinar does not qualify for NASBA

CPEs, but may be self-reported for IIA

Certifications.

www.theiia.org

Webinar Participation

• Submitting Questions to the Presenter:

– Type the question into the Q&A panel section.

– Select the “Send” button.

– We will have a dedicated question and answer session at the end

of the presentation to address your questions.

• Technical Assistance

– Type your issue into the Chat panel section to IIA Tech Support.

– Select the “Send” button.

– We will respond to your question privately.

www.theiia.org

Demographic Polling Questions

1. How many viewers are watching the Webinar at your location?

a) 1 – I am the only viewer

b) 2 to 4 viewers

c) 5 to 7 viewers

d) 8 to 10 viewers

e) More than 10 viewers

2. At what level in your internal audit career are you?

a) New to internal audit

b) Staff Auditor

c) Sr. Staff Auditor

d) Audit Manager

e) Audit Director

f) Chief Audit Executive

www.theiia.org

Auditing Executive Compensation and

Benefits

IIA Practice Guide

www.theiia.org

Learning Objectives

• Executive Compensation and Benefit (ECB)

Risks

• Audit Approach for ECB

• Audit Considerations for ECB

• Audit Program Development for ECB

• Types of ECB

• Real Life Examples of ECB Audit Findings

www.theiia.org

• Strong governance systems are needed

for ECB programs

• Management is often responsible for

designing and recommending ECB

• Auditors can provide assurance on ECB

programs

Auditing Executive Compensation

and Benefits

www.theiia.org

• Includes salary, bonus, reimbursements,

personal use of assets

• Bonus components can vary significantly

and take on many forms

• Appendix A of the Practice Guide

identifies various forms of ECB

Auditing Executive Compensation

and Benefits

www.theiia.org

Risks Related to ECB

• Employment market risk

• Compliance risk

• Financial reporting risk

• Reputation risk

• Operating risk

• External business relationship risk

www.theiia.org

Employment Market Risk

• ECB programs should be competitive in

order to attract and retain talent

• Compensation surveys

• Peer comparisons

• Industry practices

• Use of consultants

www.theiia.org

Compliance Risk

• Laws and regulations

• Organization policy

• Oversight and governance

• Controls

• Reporting

www.theiia.org

Financial Reporting Risk

• Incomplete data

• Inaccurate data

• Valuations and estimates

• Tax considerations

www.theiia.org

Reputation Risk

• Inequitable or unreasonable

compensation

• Failure to develop, communicate, and

defend ECB strategies

• Timing

• Failure to recognize the “political” or

“public perception” environment

www.theiia.org

Operating Risk

• Complex ECB program designs

• Incenting the wrong behavior

• Not aligned with goals or objectives

• Lack of governance processes

• Poor internal controls

www.theiia.org

External Business

Relationship Risk

• Contracts

– Privacy clauses

– Right-to-audit clauses

– Service level agreements

– Fees or penalties for failure to deliver services

• Monitoring relationships

– Vendor management policies

www.theiia.org

Audit Approach

• Listing ECB in the “audit universe”

• Separate audit versus part of another

audit (payroll or human resources)

• Comprehensive ECB audit versus

targeted segment of ECB

• Use of a risk assessment to determine

approach

www.theiia.org

Audit Considerations

• Access to information

– Audit charter

– Request by executive management

• Privilege

– Legal considerations

• Skills and knowledge

– Special considerations

www.theiia.org

Audit Program Development

• Governance considerations

– Board and committee involvement

• Management considerations

– Policies

– Departments involved

– Public reporting, regulatory filings

• External Business Relationships

www.theiia.org

Types of ECB

• Refer to Appendix A of practice guide

• Compensation components

• Benefit components

• Incentives versus core or base

compensation

• Discretionary versus non-discretionary

www.theiia.org

Questions and Answers

http://www.theiia.org/guidance/standards-and-guidance/ippf/practice-guides/executive-comp/

www.theiia.org

Thank You for joining us!

• Next Global Guidance in Action Event

August 17, 2010

Auditing User-developed Applications, GTAG 14

Jeffery S. Rowland , CIA

Vice President, USAA Internal Audit

• This webinar is worth 1 CPE that can be

self-reported for IIA certifications.

– CPE certificates will not be distributed.

www.theiia.org

Webinar Playback & Survey

IIA members may access this Webinar playback

at:

http://www.theiia.org/guidance/standards-and-

guidance/practice-guide-series/

We value your feedback. Please take a moment

to complete the survey questions.