Skip to main content

ACS & ASCO are Stronger Together: Cancer.Net content is now available on

Audit & Risk Committee Charter

I. Purpose of Committee

The Audit and Risk Committee (the “Committee”) is a committee of the Corporation’s Board of Directors (the “Board”) established to support the Board in fulfilling its oversight responsibilities for: the monitoring of the Corporation’s accounting; financial reporting; internal control processes and related policies and procedures; identifying and managing enterprise risks, including cyber security; and audits of the Corporation’s financial statements.

II. Committee Membership

The Committee is chaired by a Board member appointed by the Chair of the Board and the Committee shall have at least three (3) members at all times. Committee members must be “independent directors” of the Board as defined on Exhibit A attached hereto and incorporated by this reference. Committee membership is appointed by the Chair of the Board and approved by the Board. The Board Chair shall sit on the Committee ex officio, shall count for purposes of quorum, but shall not have a vote unless appointed to the Committee as a full voting member. The Board will use its best efforts to maintain a “financial expert” on the Committee as defined on Exhibit A. Committee members serve one-year terms beginning January 1st and ending December 31st of that same year or until the new Committee is appointed by the Chair of the Board. Any disputed question regarding a Committee member’s independence should be reviewed by the Board for final resolution.

While Committee membership is restricted to Board members, external expert ad-hoc individuals may be invited to Committee meetings or workgroups by the Chair of the Committee to assist with its work. Adhoc members are advisory only and are not considered voting Committee members.

III. Committee Authority and Responsibilities

The Committee will:

  1. Recommend appointment, retention and termination of the independent auditor to the Board on an annual basis. On behalf of the Board, the Committee shall oversee the Corporation’s independent auditor, including the terms of engagement and the resolution of any disagreements between management and the independent auditor regarding financial reporting, and any restrictions on the scope of the auditor’s activities or access to requested information. The independent auditor shall report directly to the Committee;

  2. Prior to commencement of work, review the independent auditor’s compensation, the terms of its engagement, its independence, and the scope of the audit to be conducted. Provide a clear understanding to the independent auditor that the auditor is accountable to the Committee and, ultimately, the Board. Any noteworthy findings or potentially damaging circumstances that may adversely affect the reputation of the Corporation should be brought to the attention of the Board;

  3.  Pre-approve all audit and non-audit services performed by the independent auditor;

  4. Annually, confirm with the independent auditor its independence delineating all its relationships and professional services with the Corporation (verbal or in writing). In addition, review with the independent auditor the nature and scope of any disclosed relationships or professional services and take appropriate action to ensure the continuing independence of the independent auditor;

  5. Review and discuss with the independent auditor any material risks and weaknesses in internal controls identified by the auditor and the adequacy of the Corporation’s accounting and financial reporting processes. Solicit recommendations from the independent auditor for the improvement of the Corporation’s internal control procedures and particular areas where new or more detailed controls or procedures are desirable;

  6. Serve as the direct channel of communication between the independent auditor, the internal auditor (the Internal Audit Services (“IAS”)), and the Board;

  7.  Oversee the IAS function as provided in the IAS charter approved by the Committee, including appointment and removal of the Vice President of IAS, oversight of the Chief Legal and Risk Officer’s management, annual performance evaluation, and whether the current compensation is in the established range for that position;

  8. Review the procedures for the receipt, retention and treatment of complaints received regarding accounting, internal controls or audit matters; and the confidential anonymous submission by staff and volunteers of concerns regarding questionable activity related to financial internal controls, audit, illegal activity, accounting issues and related matters;

  9. Institute and oversee any special investigatory work as needed, and assure responses to investigations;

  10. Annually approve the risk-based internal audit plan, including resourcing to determine whether there are inappropriate scope or resource limitations. Review results of IAS quality assurance and improvement program efforts;

  11. Review the Corporation’s external audit reports (including Uniform Guidance), internal audit reports, and legal and regulatory compliance and monitor compliance with all required tax and information return filings with federal, state and local government agencies. Review should include discussion with management and the independent auditor of significant issues regarding accounting principles, practices and judgments, including certain matters required to be communicated to the Committee in accordance with AICPA professional standards;

  12. Oversee the adoption, implementation of, and compliance with the Corporation’s Code of Ethics Policy, the Conflict of Interest Policy, and the Whistleblower Protection Policy, and recommend revisions to the Board as needed. Review disclosed or potential Related Party Transactions in accordance with the Conflict of Interest Policy. The Chair of the Audit Committee will be provided with copies of all annual disclosure statements completed by officers and directors;

  13.  Identify, review, and monitor all “related party transactions” and “CEO-involved transactions,” in accordance with the Conflict of Interest Policy. The Chair of the Committee shall convene the Committee as necessary to consider related party or CEO-involved transactions, in accordance with the Conflict of Interest Policy. A full list of other transactions involving the senior staff leadership team that have been approved by the CEO (in accordance with the Conflict of Interest Policy) in between committee meetings will be provided to the Committee at each meeting for disclosure purposes;

  14.  Review the Corporation’s policies assigned to the Audit Committee and recommend new policies and appropriate revisions to current policies to the Board; also review Corporation management’s compliance with such policies and report results to the Board;

  15. Designate a subcommittee on Enterprise Risk Management (ERM) to oversee the Corporation’s ERM program which includes, but is not limited to:
    • Develop and continuously refine a consistent and broadly understood definition of “Enterprise Risk” to guide volunteers and staff across the organization in identifying potential risks.
    • Review and advise on the enterprise risk prioritization and assign management of the enterprise risks to the appropriate committee(s).
    • Develop guidelines for determining risk appetite and review and, if necessary, update the guidelines each year for Board review and approval.
    • Review committee risk monitoring reports upon receipt.
    • Review and discuss with the Chief Executive Officer, or his/her designee(s), any significant enterprise risks or exposures, the management team’s risk assessments, steps management has taken or should consider taking to minimize such risks or exposures, and the Corporation’s underlying policies with respect to risk assessment and risk management.
    • At least once a year, provide an ERM update to the Board of Directors.
    • Review results of the independent assessment of the ERM process conducted by IAS and oversee implementation of changes as deemed necessary.
  16.  Oversee enterprise risk management related to assigned risk areas;

  17.  Designate a subcommittee to review the Corporation’s privacy and data security risk exposures, including (i) the potential impact of those exposures on the Corporation’s business, operations, and reputation; (ii) the steps taken to monitor and mitigate such exposures; (iii) the Corporation’s information governance policies and programs; and (iv) major legislative and regulatory developments that could materially impact the Corporation’s privacy and data security risk exposure. 

  18.  At least annually, report its activities and findings to the Board;

  19. Operate under a charter and review annually for adequacy and recommend any necessary changes for approval to the Board; and

  20. Accomplish additional tasks as charged by the Chair of the Board or as may be required under applicable law.

In carrying out its responsibilities, the Committee's policies and procedures should remain flexible in order to react to changing conditions and to ensure that the accounting and financial reporting practices of the Corporation are in accordance with all requirements and are of the highest quality.

IV. Committee Meetings

The Committee and each of its designated subcommittees will meet at least annually and as often as its chair or a majority of its members deems necessary or appropriate, either in person, telephonically or electronically, and at such times, places and manner as its chair and chair’s staff may determine. Deliverables, budget, and alternative meeting methods should be included in the decision-making process. The chair and management team’s lead will develop an agenda in advance of each meeting and communicate meeting details to Committee members in a timely fashion.

The Chair of the Board shall be an ex-officio participant of Committee meetings. The Committee may invite other interested parties or resource advisors to attend the Committee meetings to present information, provide expertise or guidance, or answer questions before any Committee deliberations or voting begins. Notwithstanding the foregoing, the Committee will ensure that only independent directors participate in any Committee deliberations or voting.

As necessary, the Committee will meet in a joint session with other committees regarding items of concern to both committees.

V. Committee Reports

The Committee will produce a written report at the conclusion of each meeting, which will include an attendance record, a copy of the agenda and a full report of Committee discussions with documented recommendations and decisions. These reports will be completed no more than three weeks following the meeting and forwarded to the Committee membership and the Office of the General Counsel for proper filing. All Committee reports, to the extent not confidential, will be posted on the ACS, Inc. Board Portal so all Board members have access to the reports.

VI. Committee Evaluation

The Committee will conduct periodic performance evaluations to review the performance of the Committee in relation to the requirements of this Charter and such other matters as the Committee deems appropriate.

VII. Resources and Authority of the Committee

The Committee has the authority to conduct any investigation appropriate to fulfill its responsibilities, and it has direct access to the independent auditor as well as any staff member, Corporation volunteer or outside vendor of the Corporation. The Committee will have the resources and authority it deems appropriate to discharge its duties and responsibilities, including the sole authority to select, retain, terminate, and approve the fees and other retention terms of special or independent counsel, accounting experts or other advisors without seeking approval of the Board or management, any such engagement to be reported to the Board. In carrying out its responsibilities, the Committee may rely upon reasoned written opinions of legal counsel and of qualified legal, accounting, compensation, and valuation experts. Legal counsel may be in-house or independent.



CEO-Involved Transaction

“CEO-involved transaction” means any transaction, agreement or any other arrangement of the Corporation or its affiliated entities in which (i) the CEO, (ii) any entity in which the CEO serves as a director, officer, or key person, or (iii) any entity in which the CEO has an ownership or beneficial interest, has a financial interest.

Financial Expert

For purposes of defining a “financial expert,” the Board shall consider whether a person has, through education and experience as a public accountant or auditor “or a principal financial officer” or controller or principal accounting officer, or from a position involving the performance of similar functions, the following:

  1.  an understanding of generally accepted accounting principles (GAAP) and financial statements;
  2.  the ability to assess the general application of such principles in connection with the accounting for estimates, accruals, and reserves;
  3.  experience preparing, auditing, analyzing or evaluating financial statements that present a breadth and level of complexity of accounting issues that can reasonably be expected to be raised by the Corporation’s financial statements or experience actively supervising one or more persons engaged in such activities;
  4. an understanding of internal controls and procedures for financial reporting; and
  5. an understanding of Audit Committee functions.

Financial Interest

A person has a “financial Interest” if the person has, directly or indirectly, through business, investment, or family:

  1. An ownership or investment interest in any entity with which the Corporation or its affiliated entities has a transaction or arrangement;
  2. A compensation arrangement with the Corporation or its affiliated entities or with any entity or individual with which the Corporation has a transaction or arrangement; or
  3. A potential ownership or investment interest in, or compensation arrangement with, any entity or individual with which the Corporation or its affiliated entities is negotiating a transaction or arrangement.

Compensation includes direct and indirect remuneration as well as gifts or favors that are not nominal in value. Compensation does not include the reimbursement of reasonable expenses incurred in connection with the performance of Corporation duties.

Independent Directors

An “independent director” is a director who meets all of the following criteria:

  1. Within the last three years, the director has not been an employee or key person,and the director’s relatives have not been key persons of the Corporation or its affiliated entities.
  2. In any of the last three fiscal years, the director or the director’s relatives have not received more than ten thousand dollars ($10,000) in direct compensation from the Corporation or its affiliated entities.
  3. The director is not a current employee of or does not have a substantial financial interest in, and does not have a relative who is a current officer of or has a substantial financial interest, in any entity that has provided payments1 , property or services to, or received payments, property or services from, the Corporation or its affiliated entities if the amount paid to or received from such entity exceeded:

                    (i) the lesser of ten thousand dollars ($10,000) or two percent (2%) of such entity's consolidated gross revenues if the entity's consolidated gross revenue was less than five hundred thousand dollars ($500,000);

                    (ii) twenty-five thousand dollars ($25,000) if the entity's consolidated gross revenue was five hundred thousand dollars ($500,000) or more but less than ten million dollars ($10,000,000); or

                    (iii) one hundred thousand dollars ($100,000) if the entity's consolidated gross revenue was ten million dollars ($10,000,000) or more.

    4. The director or the director’s relatives are not partial or whole owners, directors, officers or employees of the Corporation’s outside auditor who has worked on the Corporation’s audit at any time during the past three years.

Key Person

“Key person” of the Corporation or its affiliated entities is any person, other than a director or officer, whether or not an employee of the Corporation or its affiliated entities, who (i) has responsibilities, or exercises powers or influence over the Corporation or its affiliated entities as a whole similar to the responsibilities, powers, or influence of directors and officers; (ii) manages the Corporation or its affiliated entities, or a segment of the Corporation or its affiliated entities that represents a substantial portion of the activities, assets, income or experience of the Corporation or its affiliated entities; or (iii) alone or with others controls or determines a substantial portion of the capital expenditures or operating budget of the Corporation or its affiliated entities.

Related Party  

“Related party” means:

  1. any director, officer or key person of the Corporation or its affiliated entities;
  2. any relative of any individual described in subsection (1) above;or
  3. any entity in which any individual described in subsection (1) or (2) above has a 35% or greater ownership or beneficial interest, or in the case of a partnership or professional corporation, a direct or indirect ownership in excess of 5%.

Related Party Transaction

Related party transaction” means any transaction, agreement or any other arrangement in which a related party has a financial interest and in which the Corporation or any affiliated entity of the Corporation is a participant. A transaction shall not be a related party transaction if:

  1. the transaction or the related party's financial interest in the transaction is de minimis;
  2. the transaction would not customarily be reviewed by the board or boards of similar organizations in the ordinary course of business and is available to others on the same or similar terms; or
  3. the transaction constitutes a benefit provided to a related party solely as a member of a class of the beneficiaries that the corporation intends to benefit as part of the accomplishment of its mission which benefit is available to all similarly situated members of the same class on the same terms.
    1 A “payment” does not include charitable contributions, dues or fees paid to the Corporation for services which the Corporation performs as part of its nonprofit purposes, or payments made by the Corporation at fixed or non-negotiable rates or amounts for services received, provided that such services by and to the Corporation are available to individual members of the public on the same terms, and such services received by the Corporation are not available from another source.


A “relative” includes spouses, ancestors, brothers and sisters (whether whole or half-blood), children (whether natural or adopted), grandchildren, great-grandchildren, and spouses of brothers, sisters, children, grandchildren and great-grandchildren.