ABSTRACT
We explore how audit committees (ACs) oversee risk management in UK Higher Education Institutions (HEIs), using semi-structured interviews, attendance at AC meetings and documentary analysis. We find that the AC’s oversight seems constrained by a fixation on the process of risk management, an over-reliance on risk registers, and varying levels of emphasis on operational risks. Theoretically, the AC’s oversight reflects different shades of symbolic and substantive activities designed to maintain the HEI’s legitimacy and that of its governing board, hence providing a symbolic representation. We raise concerns as to the AC’s ability to monitor effectively the HEIs’ risk management practices.
Acknowledgements
We acknowledge the financial support of the Leadership Foundation for Higher Education (LFHE) Small Development Project Scheme. We would also like to thank the reviewer and participants of the 8th Asia-Pacific Interdisciplinary Research in Accounting (APIRA) Conference (Melbourne, July 2016) for their valuable comments and suggestions.
Disclosure statement
No potential conflict of interest was reported by the authors.
Notes
1 Indeed, much of the audit committee literature (Gendron et al., Citation2004) is concerned with the AC’s impact on observable outputs (e.g. quality of published earnings; financial disclosures) and the implications for financial market participants. Arguably, these can be seen to be less crucial for institutions such as universities or not-for-profit organizations.
2 (i) reputation (5 items); (ii) student experience (6 items); (iii) staffing (4 items); (iv) estates and facilities (7 items); (v) financial (11 items); (vi) commercial (5 items); (vii) organizational (7 items); and (viii) information and IT (6 items).
3 For the sake of confidentiality, we cannot reveal the nature of the project. However, it was a significant investment, which never generated substantial income and eventually was abandoned a few years after this interview.