Skip to main content
Contact Us
Search
Weaver Connect
Payment Portal Client Login Weaver Alumni
Home    /    Insights & Resources

Corporate Governance, Risk and Deal Activity Update

Executive Resource
Boards face rising complexity in 2026. Explore five emerging risk themes, from data governance to PCAOB oversight, to strengthen board and audit committee readiness.
April 7, 2026
Executive Resource
Alyssa G. Martin
Alyssa G. Martin
National Market Leader, Public Sector
Greg Englert
Greg Englert
Partner, Governance, Risk and Compliance Services
Phil Ilgenstein
Phil Ilgenstein
Partner, Audit - PCAOB
Julie Burkenstock
Julie Burkenstock
Partner, Audit - PCAOB

Related

Never miss a thing.

Sign up to receive our insights newsletter.

Subscribe

Business, charts and man with presentation, office and conversation for project, profit growth and meeting

With today’s business climate evolving at an unprecedented pace, coupled with increased uncertainty, boards are required to navigate more complex environments with greater oversight and agility. Technology is also reshaping business models, regulators are raising expectations, and capital markets are showing renewed momentum.

As a result of these dynamics, there are certain themes emerging across boardrooms that are influencing the risks being monitored as we move further into 2026, among them: data governance, enterprise risk management, deal making activity, board composition and understanding how audit firms are responding to Public Company Accounting Oversight Board (PCAOB) inspection findings.

Addressing these emerging risk trends will significantly help shape the next phase of board oversight and thought leadership. The questions and summaries below will help boards and audit committees focus their discussions on preparedness, accountability and the organization’s ability to respond effectively in an increasingly complex operating environment.

1. Do we have the right data governance to ensure our information is accurate, secure and used strategically?

As the volume and velocity of information accelerates, so do the related risks. Inaccurate data, weak governance or unclear ownership can expose companies to greater risk and heightened regulatory scrutiny. With more reliance on data and AI-driven tools, boards increasingly recognize that data governance is a strategic oversight responsibility. Directors should be asking whether the organization’s governance framework is strong enough to support both innovation and accountability with questions such as:

  • Does our data governance framework clearly define ownership, accountability and stewardship of critical data assets?
  • Do we have formal policies, standards and tested controls to ensure the quality of data across key systems?
  • Do we have processes to govern the way data is accessed, shared and used across the organization, including oversight of third-party data and AI-driven analytics?
  • Are there governance structures such as data councils, oversight committees or other reporting protocols to monitor data risks, performance and strategic data use?
  • Is management measuring the strategic value of data and ensuring it is being leveraged to drive growth and efficiency?

Board takeaway: Treat data governance as a strategic oversight priority with strong ownership, controls and governance structures are in place so that data is reliable, secure and effectively leveraged for decision-making.

Weaver’s related insights: Learn key steps to build a strong data governance framework, integrate data and foster a data-driven culture for AI success. Preparing Your Organization for the Drive for AI: Building a Foundation of Quality Data

 

2. Has our enterprise risk management (ERM) framework been updated to reflect the current risk environment, including cyber, AI, third-party data usage, geopolitical uncertainty and supply chain disruptions?

An effective ERM framework starts with clearly defined risk categories across the organization, such as strategic, operational, financial, regulatory, technology and environmental risks, and a structured process for identifying both entity-level and process-level risk events. When ERM is actively integrated into governance and decision-making, it will give better visibility into vulnerabilities, resilience capabilities and potential opportunities. This, in turn, will help boards guide the organization through uncertainty with greater confidence. Questions for board members include:

  • What emerging risks could materially impact our strategy in the next 2-5 years?
  • How effectively is our current ERM framework identifying and escalating new risks early enough for the board and management to respond proactively?
  • Are we incorporating forward-looking scenario analysis and stress testing to anticipate how emerging risks could affect our operations, capital and resilience?
  • How are we monitoring emerging risks tied to third-party ecosystems, data usage and technology dependencies across the organization?
  • Does our ERM framework encourage a forward-looking, adaptive approach to risk oversight rather than relying primarily on historical risk assessments?

Board takeaway: ERM must be dynamic, aligned with risk appetite, capable of identifying emerging risks and an ongoing process so the organization can anticipate disruption and strengthen resilience.

Weaver’s related insights: Drive stronger board discussions with key questions on cyber risk, AI oversight, crisis planning, M&A outlook and tax law changes. Shaping the Boardroom Agenda: Critical Questions on Risk, Cybersecurity, AI and Strategy

 

3. Are we evaluating deal-making opportunities using a disciplined approach that aligns with our strategy and value creation goals?

With new capital entering the market, strategic acquisitions, partnerships and divestitures are expected to increase. Given this current capital landscape, boards should be in tune with the way new opportunities are identified and how management monitors and pursues deal activity. Questions boards should be asking include:

  • Is management identifying and prioritizing M&A opportunities that directly support long-term strategy?
  • How does management determine when an acquisition, partnership or divestiture is the best path to advance our strategy versus investing organically?
  • What visibility do we have into competitor acquisitions or partnerships, and how these reshape our market position?
  • What valuation discipline and return thresholds are in place to ensure we avoid overpaying in a competitive deal environment?
  • How prepared are we to successfully integrate acquisitions and realize the expected transaction value?

Board takeaway: Boards and management should pursue M&A opportunities with strategic discipline, clear visibility into competitive deal activity and a focus on transactions that create sustainable value.

Weaver’s related insights: A reliable quality of earnings report can level the playing field between buyer and seller in M&A transactions. All About Quality of Earnings Reports and How to Read Them

 

4. Does our board’s composition reflect the skills, independence and perspectives needed to oversee the organization’s strategy, emerging risks and governance?

Strong boards recognize that director composition should evolve with the business. Thoughtful board self-assessment and succession planning helps ensure new perspectives, emerging expertise and diverse experiences are brought into the boardroom. Rather than viewing board composition as static, boards should continuously self-assess and adapt to support the organization’s strategy, risk landscape and governance needs. Questions that should be asked on a regular basis include:

  • As our strategy evolves, are we intentional about refreshing the composition of the board to ensure there is the right mix of industry knowledge, vision and financial and IT expertise?
  • Do we have a forward-looking board succession plan that anticipates retirements, future skill gaps and leadership continuity?
  • Do our board evaluations and skills assessments provide a clear view of where the board needs additional expertise or perspectives?
  • Does our board composition reflect the diversity of experiences, backgrounds and viewpoints needed to effectively challenge management and support better decision-making?
  • Do we provide training to sharpen the board’s skills in trending risk, regulatory, leadership and other areas pertinent to the organization’s strategy?
Board takeaway: Board composition should evolve with the organization’s mission, vision, strategy and risk landscape to ensure that members have the right skills, perspectives and expertise.

Weaver’s related insights: What are the qualities of a leader that set both companies and teams up for success? Weaving the Threads of Leadership: How Strong Leaders Create Success

 

5. Does the board understand how the organization’s audit firm is incorporating recent PCAOB inspection results to strengthen the quality of its audits?

Recent inspection reports from the PCAOB highlight recurring audit deficiencies across certain areas of the audit process, including complex estimates, internal controls over financial reporting and testing of significant risks. While findings are not uncommon and do not necessarily indicate material errors in financial statements, they may raise concerns about the rigor and consistency of audit procedures. Active dialogue between the audit committee and the external auditor regarding specific PCAOB inspection results can reinforce accountability and ensure that audits remain rigorous, independent and aligned with regulatory expectations. Questions to ask external audit firms may include:

  • What internal monitoring, root-cause analysis or remediation has the audit firm implemented to address recent PCAOB inspection findings and prevent similar issues going forward?
  • What lessons learned from PCAOB inspections are being applied to our engagement to strengthen audit quality, professional skepticism and consistency?
  • To what extent does the audit firm rely on offshore personnel in performing our audit, including how financial data is managed, and what safeguards ensure quality, confidentiality and regulatory compliance?
  • How does the audit firm govern the use of AI, advanced analytics and data tools in the audit process, and what controls ensure these technologies maintain audit integrity and independence?
  • What quality control measures or internal monitoring programs does the firm use to evaluate audit performance and maintain consistency across engagements?
Board takeaway: Seek clear visibility into how your external auditor is addressing PCAOB inspection findings including methodology changes, oversight of offshore resources and how AI and data is governed to ensure audit quality remains consistently strong.

Weaver’s related insights: Learn more about what recent SEC and PCAOB updates mean for public companies and auditors, including disclosure priorities, audit quality focus and emerging risks What Public Companies and Auditors Need to Know About Recent SEC and PCAOB Updates

 

Looking Ahead

Together, these five areas represent the intersection of strategy, risk and execution, where board oversight has the greatest impact. Boards that regularly revisit these questions are better positioned to anticipate disruption, reinforce accountability and support long-term organizational resilience.

Weaver offers ongoing insights to help boards strengthen oversight, anticipate regulatory change and identify emerging compliance blind spots before they escalate. Subscribe to our monthly insights for guidance on governance, risk and regulatory trends that shape board decision-making. Contact us to learn how Weaver can help your organization align compliance strategy with effective oversight and long-term resilience.

©2026

Featured
Strengthening Board Oversight in a Shifting Risk EnvironmentRead Article
 
Executive Resource
Strengthening Board Oversight in a Shifting Risk Environment