1、 1 Internal control and risk management 1. Internal control -, standard and legislation In 1985, the United States in order to curb the growing business of accounting fraud activities, formed a committee against financial fraud Treadway committee), (accounting fraud activities investigation led to r
2、eason and proposed solutions. The scheme emphasized the importance of internal control, requests and Suggestions of all listed companies should provide in the annals of internal control reports. The report shall include admit management authorities of financial reporting and internal control is resp
3、onsible, and discuss the implementation of these responsibilities. In The end The mission Treadway Committee after The five, The commission launched organization jointly established a new Committee - The Com - mittee COSO (Sponsoring Organizations of The Treadway of ordinary), namely The organizing
4、Committee Treadway Committee launched. It consists of the American public institute of certified public accountants (AICPA), American accounting association (AAA), international financial management association (FEI), internal auditors association (type IIA), international accounting association (NA
5、A would) (a managerial accounting association jointly sponsored IMA predecessor). COSO continue to study and in 1992 it issued a programmatic document about the Internal Control, namely Internal Control - the overall framework (Internal Control - IntegratedFramework). The reports are put forward the
6、 COSO U.S. federal reserve, the United States securities and exchange commission, the Basel committee regulators or international organizations such as the recognition and adopted, many of these definitions, Suggestions and ideas absorbed into the legislation and regulations, worldwide has had a bro
7、ad impact. Since THE end of 2001, THE United States broke with enron, worldcom, xerox and other companies financial cases of fraud as a representative of accounting scandals, hit U.S. capital markets and THE economy, also concentrated exposure for American companies in THE existing problem of intern
8、al control, thus causing THE United States adopted THE sasha class nice -, THE extension of THE law (SARBANES OXLEY ACT) -. The bill made clear company managers CEO and CFO finance director of internal control, and will be held directly responsible shall undertake economic and criminal consequences;
9、 Greatly improve the punishment of accounting fraud; Strengthening the internal audit, external audit and audit supervision. This legislation represents a large capital market 2 system, also make the progress of the importance of internal control people have more deeply. 2. The internal control and
10、risk management comparison Internal control and risk management has the close relation. COSO internal control is that part of the risk management. Therefore, the committee in the whole framework of internal control - the basis of, and in 2003 issued a new report -, enterprise risk management framewo
11、rk. At present the report was only a rough draft, in public, revised later, is expected to formally released this year. The enterprise risk management framework inherit and contains the whole framework of internal control - the main content also expanded the three elements, added a goal, updated som
12、e ideas for countries to provide a unified enterprise risk management terms and concepts of comprehensive application guide system. COSO internal control and risk management of the definition and elements were: Internal control: enterprise internal control is by the enterprise board of directors, ma
13、nagers, and other staff to implement, for financial reporting accuracy, business activity of efficiency and effect, the relevant laws and regulations such as the follow to achieve the goal of the process and provide reasonable assurance. It includes five elements: control environment, risk assessmen
14、t, control activities, information and communication, the surveillance. Risk management: enterprise risk management is a process of the board of directors, the management of enterprises and other personnel to implement, applied in strategy formulation and enterprise all levels of activity, aims to i
15、dentify possible influence enterprise various potential events, and according to enterprises risk preference for enterprises to manage risk, to achieve the goal of providing reasonable assurance. It has eight elements: the internal environment, goal setting, event risk identification, risk assessmen
16、t, countermeasures, control activities, information and communication, the surveillance. The two reports from the COSO perspective, the enterprise risk management and internal control has the following similar or different places: First, they are made by enterprise board, management and other person
17、nel to implement, emphasize the point, says the participation parties on the internal control and risk management has a corresponding roles and responsibilities. Second, they are all clearly is a process, not as a static thing, such as system files, technical model and so on, also not be alone or ex
18、tra activities, such as 3 inspection, evaluation is best placed inside enterprise daily management process, as a kind of routine operation mechanism to construction. Third, they are for the realization of the goal of enterprise provide reasonable assurance. Risk management objectives are four catego
19、ries, including three categories and internal control collocated, namely report targets, business targets and follow the targets. But the report targets have expanded, it not only include financial report, also requires all the accuracy of internal and external non-financial class report issued by t
20、he accurate and reliable. In addition, risk management increased the strategic target, namely and enterprise vision or mission related high-level objectives. This means that risk management is not only ensure management efficiency and effect, and intervention in the enterprise strategy (including bu
21、siness objectives) formulation process. Fourth, risk management and internal control elements have five aspects, i.e. (overlap is control or internal) environment, risk assessment, control activities, information and communication, the surveillance. These coincide most of their goals and realization
22、 mechanism coincide of similar decision. Risk management increased goal setting, event identification and risk countermeasures three factors. Coincide elements, connotation, for example, has been extended internal control environment including honest character and moral values, staff quality and abi
23、lity, the board of directors and the audit committee, management philosophy and management style, the organizational structure, the power and the allocation of responsibility, human resource policies and practices seven aspects. Risk management internal environment in addition to include these seven
24、 aspects outside, still include risk management philosophy, risk preference (appetite) and risks associated cultural three new content. In the risk assessment elements, risk management requires the consideration of the inherent risk and residual risk, with expectations, worst case values or probabil
25、ity distribution measure risk and to consider time preferences and risk association between the role. In information and communication, risk management emphasized the past, present and future of the relevant data about obtaining and analysis, provides information of the depth and timeliness, etc. Fi
26、fth, risk management proposes risk portfolio and the overall risk management (in tegrated management) - are new idea. The enterprise risk management framework in the theory of modern financial borrowing portfolio risk theory, this paper puts forward the concept of combination and overall management from enterprise level,
