Reviewing Board minutes is a great way to compliment your Internal Control program for the following key reasons:

  1. Looking for transactions, events and decisions.
  2. Addressing the COSO 2013 model.
  3. Commenting on minute best practices.

Looking for transactions, events and decisions

Minutes are a great way to understand what is going on. Minutes are about corroboration – what you see in other areas should jive with what you are seeing in your minute review. Transaction? Policies released? New event? Discussion of an impairment? They should all correspond to what you are hearing and seeing. For example, I once saw a new signing authority approved by the board but the accounting team hadn’t heard about it. This turned out to be a communication issue. Here are some examples of what to look for:

  • Asset sale
  • Asset purchase
  • Potential acquisition
  • Impairment discussion
  • Discussion about changes to the economy
  • Changes to personnel
  • Changes to processes
  • Changes to delegation of authority

Addressing the COSO 2013 model

Minutes are an excellent way to address the COSO 2013 model. You can work through your “checklist” of everything that you want to cover.

  • Code of Ethics and Professional Conduct Policy
  • Corporate Policies Framework
  • Fraud Assessment
  • Human Resources
  • Internal Controls over Financial Reporting (ICFR)/CSOX Program
  • Whistleblower/Ethics Hotline
  • Information Management

Commenting on minute best practices

Reviewing for minute best practices is a great way to compliment your Internal Control program. As the Internal Control expert, you can come in and support governance without tremendous amount of work and strife. Your company or client gets a ton of value without having to pay for expensive lawyers. Below is a list of best practices that you can look out for:

  • Listing the attendees
  • Use of clear language (not “legalese” – there is a movement towards plain language)
  • Documentation of discussion items, issues and events
  • Discussion of items that are typically covered in the COSO 2013 model (e.g. Risk Assessment, Fraud Assessment, Compensation review)
  • Discussion and approval of the financial statements
  • Approval of the CEO’s expense reports
  • Use of in-camera sessions
  • Level of detail

A final word of caution. I have developed an ability to look at notes over time. If you are starting out, it will take some professional filter and maturity. That is ok and part of your journey as an Internal Control expert! Dive in and learn the process and you will grow that ability with time and experience.

Are you looking for other advice and best practices to support your Internal Control program? I’d love to hear from you! Contact me at for further information. Risk Oversight excels at delivering high-quality Internal Control programs to our clients. We’d love to talk to you as to how we can help!