internal-control-and-risk-management内部控制与风险管理--外文翻译.doc

1、Internal control and risk management 1. Internal control --, standard and legislation In 1985, the United States in order to curb the growing business of accounting fraud activities, formed a committee against financial fraud Treadway committee), (accounting fraud activities investigation led to

2、 reason and proposed solutions. The scheme emphasized the importance of internal control, requests and Suggestions of all listed companies should provide in the annals of internal control reports. The report shall include admit management authorities of financial reporting and internal control is re

3、sponsible, and discuss the implementation of these responsibilities. In The end The mission Treadway Committee after The five, The commission launched organization jointly established a new Committee - The Com - mittee COSO (Sponsoring Organizations of The Treadway of ordinary), namely The organizin

4、g Committee Treadway Committee launched. It consists of the American public institute of certified public accountants (AICPA), American accounting association (AAA), international financial management association (FEI), internal auditors association (type IIA), international accounting association (

5、NAA would) (a managerial accounting association jointly sponsored IMA predecessor). COSO continue to study and in 1992 it issued a programmatic document about the Internal Control, namely "Internal Control - the overall framework" (Internal Control - IntegratedFramework). The reports are put forward

6、 the COSO U.S. federal reserve, the United States securities and exchange commission, the Basel committee regulators or international organizations such as the recognition and adopted, many of these definitions, Suggestions and ideas absorbed into the legislation and regulations, worldwide has had a

7、 broad impact. Since THE end of 2001, THE United States broke with enron, worldcom, xerox and other companies financial cases of fraud as a representative of accounting scandals, hit U.S. capital markets and THE economy, also concentrated exposure for American companies in THE existing problem of in

8、ternal control, thus causing THE United States adopted THE "sasha class nice --, THE extension of THE law (SARBANES OXLEY ACT) -. The bill made clear company managers CEO and CFO finance director of internal control, and will be held directly responsible shall undertake economic and criminal consequ

9、ences; Greatly improve the punishment of accounting fraud; Strengthening the internal audit, external audit and audit supervision. This legislation represents a large capital market system, also make the progress of the importance of internal control people have more deeply. 2. The internal control

10、 and risk management comparison Internal control and risk management has the close relation. COSO internal control is that part of the risk management. Therefore, the committee in the whole framework of internal control - the basis of, and in 2003 issued a new report --, "enterprise risk management

11、 framework". At present the report was only a rough draft, in public, revised later, is expected to formally released this year. The enterprise risk management framework "inherit and contains the whole framework of internal control - the main content also expanded the three elements, added a goal, u

12、pdated some ideas for countries to provide a unified enterprise risk management terms and concepts of comprehensive application guide system. COSO internal control and risk management of the definition and elements were: Internal control: enterprise internal control is by the enterprise board of

13、 directors, managers, and other staff to implement, for financial reporting accuracy, business activity of efficiency and effect, the relevant laws and regulations such as the follow to achieve the goal of the process and provide reasonable assurance. It includes five elements: control environment,

14、risk assessment, control activities, information and communication, the surveillance. Risk management: enterprise risk management is a process of the board of directors, the management of enterprises and other personnel to implement, applied in strategy formulation and enterprise all levels of act

15、ivity, aims to identify possible influence enterprise various potential events, and according to enterprise's risk preference for enterprises to manage risk, to achieve the goal of providing reasonable assurance. It has eight elements: the internal environment, goal setting, event risk identificatio

16、n, risk assessment, countermeasures, control activities, information and communication, the surveillance. The two reports from the COSO perspective, the enterprise risk management and internal control has the following similar or different places: First, they are made by "enterprise board, manag

17、ement and other personnel to implement", emphasize the point, says the participation parties on the internal control and risk management has a corresponding roles and responsibilities. Second, they are all clearly is a "process", not as a static thing, such as system files, technical model and so

18、on, also not be alone or extra activities, such as inspection, evaluation is best placed inside enterprise daily management process, as a kind of routine operation mechanism to construction. Third, they are for the realization of the goal of enterprise provide reasonable assurance. Risk management

19、 objectives are four categories, including three categories and internal control collocated, namely report targets, business targets and follow the targets. But the report targets have expanded, it not only include financial report, also requires all the accuracy of internal and external non-financi

20、al class report issued by the accurate and reliable. In addition, risk management increased the strategic target, namely and enterprise vision or mission related high-level objectives. This means that risk management is not only ensure management efficiency and effect, and intervention in the enterp

21、rise strategy (including business objectives) formulation process. Fourth, risk management and internal control elements have five aspects, i.e. (overlap is control or internal) environment, risk assessment, control activities, information and communication, the surveillance. These coincide most o

22、f their goals and realization mechanism coincide of similar decision. Risk management increased goal setting, event identification and risk countermeasures three factors. Coincide elements, connotation, for example, has been extended internal control environment including honest character and moral

23、values, staff quality and ability, the board of directors and the audit committee, management philosophy and management style, the organizational structure, the power and the allocation of responsibility, human resource policies and practices seven aspects. Risk management "internal environment" in

24、addition to include these seven aspects outside, still include risk management philosophy, risk preference (appetite) and risks associated cultural three new content. In the risk assessment elements, risk management requires the consideration of the inherent risk and residual risk, with expectations

25、 worst case values or probability distribution measure risk and to consider time preferences and risk association between the role. In information and communication, risk management emphasized the past, present and future of the relevant data about obtaining and analysis, provides information of th

26、e depth and timeliness, etc. Fifth, risk management proposes risk portfolio and the overall risk management (in tegrated management) - are new idea. The enterprise risk management framework "in the theory of modern financial borrowing portfolio risk theory, this paper puts forward the concept of c

27、ombination and overall management from enterprise level, demanding dispersed in the overall grasp all levels and departments of enterprise, the risk exposure with overall consideration risk countermeasures, prevent dispersed consider and coping by department, such as will risk the risk in technology

28、 financial, separated by information technology, environment, safety, quality, auditing departments, and considering the interaction between risk events, prevent two tendencies: one is the department's risk in risk preference can withstand ability, but within the overall effect may be beyond sustai

29、ning limit, because individual risk influence is not always add, may be multiplied; Second is the risk of individual departments over its limits, but exposure to the overall risk level haven't beyond sustaining range, because sometimes has offset the effects of the event of the effect. At this time,

30、 and further, strive for higher return risk with room to grow. According to risk portfolio and the overall management point of view, need unification consideration risk events as risk countermeasures between interaction between, overall risk management plan formulated. 3. Internal control and risk

31、 management inner link Enterprise system evolution and risk associated with the development. The establishment of a limited liability system is running or partnership enterprise organization from the key turning into a modern shares, it enables shareholders steps possessions and enterprise propert

32、y and enterprise economic responsibility independent, shareholder transformation will no longer affect the enterprise credit capacity for equity transactions, expanded range and increased liquidity, which reduces the risk of investment and promoting enterprise financing, contributed to today a giant

33、 corporation. In order to make equity trading and the shareholders transform business continuity, influence and to make capital and management ability realize more optimal combination of ownership and management, enterprise in the modern enterprise of altitude, which also separate brings new risks

34、 namely professional operators might not perform its accountability and shareholders' expense. In addition, limited liability may also lure enterprise engaged in high risk and damage the project's creditors. Because in limited liability, the potential revenue mainly by the enterprise (shareholders)

35、 to obtain, and the risk of failure, the major that bankruptcy is borne by the obligee. The risk is not marketization, the market competition spontaneous constraints or market transactions, such as providing a hedge product quality or natural disasters, but mechanism, belongs to the organization or

36、trade in agency issues, need to regulate rules and system. These systems include corporate governance in the liability system, such as financial report, an internal control and audit, etc. Internal control and risk management is the fundamental role maintenance, security enterprise asset investor

37、interest, and create new value. Fama&Jensen (1983) analyzed under the board of directors of ownership and separation of the internal control functions; Jensen (1993) further analyzed the American board of directors in internal control with reasons for the failure of performance. Theoretically, the e

38、nterprise internal control is the enterprise system component, is in the enterprise management and ownership of the separation of investor benefit under the condition of the protection mechanism. Its purpose is to ensure the accuracy and reliability of the accounting information management, prevent

39、manipulation of statements and fraud and protect the company's property security, comply with the law in order to maintain the company's reputation and avoid incur pecuniary loss, etc. The historical origin of internal control, the requirements to earlier more basic, easier or appropriate rise to le

40、gislative level. Enterprise risk management is in the new technology and the market conditions of natural extension of internal control. COSO in the enterprise risk management framework of risk management of significance about when this is the case discussion: "enterprise risk management strategy an

41、d organization used in the various levels activities. It enables managers in the face of uncertainty can identify, evaluate and manage risk, play the role of creation and maintain value. Risk management can make risk preference and strategic keeps consistent, will risk and growth and return overall

42、consideration, promote the decision against risks and reduce the risk and losses, identify business management and enterprise crossover risk, for various risks to provide overall countermeasures, capture opportunities and make capital rationalization." COCO in explaining the generalized control and

43、risk discusses way: "' leadership 'in the face of uncertainty include choice." risk "refers to individuals or organizations are making choices adverse consequences after the possibility of suffering. The risk is opportunity counterparts." Obviously, these discussions have realized that enterprise ex

44、ists for shareholders or stakeholders (for nonprofit organization, etc.), and create value value creation is not only passive assets security, it should also include the use of opportunity. Moreover, the threat of shareholder value comes not from the operator internal factors such as accounting frau

45、ds, including from the market risk, etc. Technology and market conditions, promote the new progress of internal control to risk management. In advanced information technology conditions, accounting records realized the electronic control, real-time update, make traditional error-detection and prev

46、ent disadvantages accounting control seems outdated. However, the risk is often caused by trading or organization innovation, these innovation comes from emerging market practice, such as enron will energy trading large developed into similar financial derivatives trading. On the other hand, environ

47、mental protection and the enforcement of protection of consumer rights, strengthened the social responsibility of the enterprise, if an enterprise may have inadvertently, suffer from commodity market or capital market for the enterprise, and punish the performance brand value, or the capital market

48、capitalisation put-downs. Therefore, the enterprise need a daily operation function and structure to guard against risks, including abide by laws and regulations, and ensure the trust of investors and ensure financial information management efficiency, etc. Therefore, from maintenance and promote th

49、is basic function value creation standpoint, risk management and internal control target is consistent, just in new technology and the market conditions, in order to effectively protect the interests of investors need in the basis of the development of internal control more active and more comprehen

50、sive risk management. 4.From internal control to risk management There is a debate that risk management include internal control, or internal control contains risk management. The author thinks that what kind of conclusion that is not very important, the most important is to clear risk managemen