版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)
文檔簡介
1、<p> 2200單詞,13500英文字符,4200漢字</p><p> 出處: Audrey.A. Gramling.Internal auditing's role in ERM.2004:2-4.</p><p><b> 外文文獻(xiàn)翻譯</b></p><p><b> 原文:</b>&l
2、t;/p><p> Internal auditing's role in ERM</p><p> Audrey.A. Gramling.</p><p> As organizations lay their enterprise risk groundwork, many auditors are taking on management's
3、 oversight responsibilities, new research finds.</p><p> Internal audit departments have played a variety of roles in their organization's enterprise risk management (ERM) activities since The Committee
4、 of Sponsoring Organizations of the Tread way Commission (COSO) released its Enterprise Risk Management-Integrated Framework in September 2004. An IIA position paper issued in the wake of COSO ERM, "The Role of Inte
5、rnal Auditing in Enterprise-wide Risk Management," indicates the roles that the internal audit function should and should not play throughou</p><p> A recent IIA Research Foundation study examined the
6、extent to which internal audit functions adhere to the ERM roles recommended in the IIA paper. During October 2005, researchers disseminated an online survey to 7,200 IIA members through The Institute's Global Auditi
7、ng Information Network. The survey generated 361 responses from a mix of large, mid-sized, and small organizations in a variety of industries, including businesses, government agencies, and not for profit organizations.
8、Nearly 60 pe</p><p> Respondents' organizations are at different stages of implementing ERM, as defined by COSO. More than 11 percent say their organization's ERM infrastructure is mature or relativ
9、ely mature, and 37 percent have recently adopted or are in the process of implementing ERM. Among all organizations surveyed, the internal audit function is primarily responsible for ERM-related activities in 36 percent
10、of respondents' organizations, while 27 percent say the primary responsibility belongs to a chief risk </p><p> The hours and dollars internal audit functions spend on ERM-related activities are minimal
11、 for many respondents. Nearly half say their audit department spent 10 percent or less of its hourly and financial budgets on ERM-related activities during fiscal year 2004. More than one-third of audit departments spent
12、 II percent to 50 percent of their time on ERM, and 28 percent spent n percent to 50 percent of their financial budgets, while less than 10 percent of departments Spent more than 50 percent </p><p> The IIA
13、 position paper categorizes 18 ERM-related activities according to the appropriate level of responsibility for the internal audit function. Survey respondents reported their current and ideal level of responsibility for
14、these activities: no responsibility, limited responsibility, moderate responsibility, substantial responsibility, and total responsibility.</p><p> CORE ACTIVITIES</p><p> Differences between
15、respondents' current and ideal responsibilities are greatest for the five core ERM assurance activities identified In the IIA paper. Respondents Indicated that their current responsibility for each of the core ERM re
16、lated activities is moderate, but they say they should have a substantial level of responsibility. These views agree with the IIA guidance. Additionally, roughly half of internal audit functions surveyed currently have s
17、ubstantial or full responsibility for at lea</p><p> Within the core category, the audit function's two highest levels of current responsibility involve reviewing management of key risks and evaluating
18、the risk management process. Evaluating the risk management process and giving assurance on risk management processes are the highest-rated ideal responsibilities. Conversely, giving assurance that risks are evaluated co
19、rrectly is the lowest-rated current and ideal responsibility.</p><p> The following respondent comments offer some insight into why audit departments are not currently involved in core ERM-related activitie
20、s at the level they deem appropriate;</p><p> "We have just recently begun implementing ERM activities in our company. We do not yet have complete understanding of the process and buy-in from managemen
21、t."</p><p> "The audit committee and management are not aware of what ERM is." </p><p> "The internal audit function has just initiated an awareness campaign among the audi
22、t committee members."</p><p> These comments suggest that educating management and the audit committee on ERM issues can be critical to ensuring that the audit function takes on an appropriate level of
23、 responsibility for ERM. </p><p> LEGITIMATE ACTIVITIES</p><p> The IIA paper prescribes seven legitimate ERM-related activities for which internal committee audit functions may be responsibl
24、e as long as safeguards are in place: facilitating the identification and evaluation of risks, coaching management in responding to risks, coordinating ERM-related activities, consolidating the reporting on risks, mainta
25、ining and developing the ERM framework, championing establishment of ERM, and developing risk management strategy for board approval. These activities a</p><p> Within the legitimate category, the highest l
26、evel of current internal audit responsibility involves facilitating the identification and evaluation of risks —the top-rated ERM-related activity, including core activities. This activity is also the highest-rated ideal
27、 activity among legitimate activities, suggesting that auditors consider it a core responsibility. This finding is not surprising. because risk detection and evaluation are traditional considerations in developing annual
28、 audit plans. T</p><p> The IIA guidance cautions that when internal auditors undertake these legitimate consulting activities, safeguards should be in place to ensure that they do not take on management re
29、sponsibility for actually managing risks. One possible preventive measure would include documenting the auditors' ERM responsibilities in an audit committee-approved audit charter. Further, if auditors take on any ER
30、M-related activities that fall within this consulting role, they should treat these engagements as con</p><p> INAPPROPRIATE ACTIVITIES</p><p> According to the IIA position paper. It is inapp
31、ropriate for internal auditors to be responsible for six ERM-related activities: setting the risk appetite, imposing risk management processes, providing management assurance on risks, making decisions on risk responses,
32、 implementing risk responses on management's behalf, and having accountability for risk management. Overall, audit functions in the survey have greater responsibility for these activities than the IIA paper recommend
33、s. However, audi</p><p> Within the inappropriate category, internal auditors' highest level of current and ideal responsibility is providing management assurance on risks, while their lowest level of r
34、esponsibility is for setting the risk appetite. Respondents' comments suggest that auditors currently have greater responsibilities in these areas because the audit function is playing a leading role during the early
35、 stages of ERM development.</p><p> ORGANIZATIONAL CHARACTERISTICS</p><p> The perceived current and ideal FRM roles for the internal audit function may vary across organizations, depending on
36、 the organization's industry, size, and audit department size, as well as the firm's need to comply with the U.S. Sarbanes-Oxley Act of 2002.</p><p> INDUSTRY Respondents work in a variety of sector
37、s, including financial services, manufacturing, transportation, communications, utilities, health care, retail and wholesale, government, and education. Researchers compared responses from the two largest industry groups
38、: financial services and manufacturing. On average, financial service industry audit departments have greater current responsibility for core activities than those from manufacturing. With respect to inappropriate activi
39、ties, manufa</p><p> ORGANIZATION SIZE Approximately half of respondents work in organizations that had 2004 revenues between US $500 million and US $5 billion. Nearly 25 percent of respondents work in orga
40、nizations that had revenues under US $500 million in 2004, while a similar number of respondents work in organizations that had more than US $5 billion in revenue that year. Researchers compared responses from organizati
41、ons with revenues of less than US $1 billion with organizations with revenues greater than US $</p><p> AUDIT STAFF SIZE More than half of respondents work in audit departments with 10 or fewer auditors, s
42、lightly more than one-quarter work in departments with between 11 and 50 auditors, and approximately one-tenth of respondents work in departments with more than 50 auditors. Internal audit functions with more than 10 aud
43、itors currently have somewhat more responsibility for core activities than audit departments with 10 or fewer auditors. Both large and small audit functions have roughly equal le</p><p> SARBANES-OXLEY Most
44、 respondents' organizations are required to comply with Sarbanes-Oxley Section 404. Researchers found few differences between those organizations and respondents from organizations that do not have to comply with the
45、 act. The primary difference related to core activities, where compliers report a higher level of current responsibility than non-compliers.</p><p> Although the IIA guidance is equally applicable to all or
46、ganizations, the research indicates that smaller internal audit departments and those from smaller organizations tend to take on ERM responsibilities that would be more appropriate for management. In these cases, interna
47、l auditing should work to develop an ERM implementation and maintenance plan that includes a stratcgy and timeline for migrating responsibilities for these activities to management</p><p> THE AUDITOR'S
48、 ROLE</p><p> Although the survey results suggest that the current levels of responsibility audit departments have may differ somewhat from that levels recommended by The IIA'S position paper, the respo
49、ndents' comments offer some evidence that auditors understand the underlying concepts of the guidance:</p><p> "There needs to be a shift in the 'doing' of the ERM to being an internal audi
50、t function that relies on and evaluates the ERM process. ERM should be in sync with the audit universe and plan,"</p><p> "In the past i8 months, the corporation has appointed a CRO to provide ove
51、rsight and guidance to evolving ERM processes. During this period, much of internal auditing's previous ERM roles have migrated to this officer." More importantly, respondents identified significant barriers in
52、their organizations to following the guidance:</p><p> "These ERM responsibilities and processes are not well defined in many organizations and should be more clearly articulated by senior management.&
53、quot;</p><p> 'There is not enough emphasis from the top that risk management is important and must be done effectively. Management is still trying to hide things from internal auditing. It's not th
54、em against us, we're all in it together."</p><p> "Most auditors and enterprise managers lack clarity on the distinction between responsibility for risk assurance implementation versus respons
55、ibility for risk assurance compliance and monitoring."</p><p> These comments stress that a key element to establishing a successful ERM program is education on the importance of ERM and the appropriat
56、e roles management and internal auditing have in the process. Internal auditors can play a key role in providing this education. The audit department, management, hoard of directors, and audit committee need to be clear
57、about which ERM related activities internal auditors should perform and which activities should always be performed by management. Relevant tr</p><p> Auditors should take steps to ensure that the board and
58、 audit committee are aware of the COSO ERM framework and are actively engaged in overseeing the ERM process. Additionally, auditors should consider training senior management, the board, and others throughout their organ
59、ization on COSO ERM and related guidance.</p><p> Responses to the survey provide useful insights into additional steps that the internal audit profession should take. Auditors whose organizations are in th
60、e early stages of adopting ERM or will be implementing ERM in the future have many opportunities to ensure that the process is effective and efficient. For example, audit departments that currendy perform ERM-related act
61、ivities that should be management's responsibility can take proactive steps to open up the lines of communication between in</p><p> With appropriate planning, communication, and education, internal aud
62、itors, management, the board, and external auditors should be ready to work together to achieve the many benefits of ERM. Ideally, this coordination will result in performing ERM-related activities at appropriate places
63、within the organization, management accepting its responsibility for ERM, and that audit function playing a role that is consistent with appropriate professional guidance.</p><p> 出處:奧德麗.格萊姆林.內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的作
64、用.2004:2-4</p><p><b> 譯文:</b></p><p> 內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的作用</p><p> 新的研究發(fā)現(xiàn):隨著企業(yè)以組織風(fēng)險(xiǎn)為基礎(chǔ),許多審計(jì)人員對管理層采取職責(zé)監(jiān)督措施。</p><p> 自2004年9月COSO組織發(fā)布的《企業(yè)風(fēng)險(xiǎn)管理的集成框架》起,內(nèi)部審計(jì)部門在組織的
65、企業(yè)風(fēng)險(xiǎn)管理中扮演管理的角色。在COSO發(fā)布企業(yè)風(fēng)險(xiǎn)管理文件之后,國際投資協(xié)定發(fā)布:內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的作用。表明內(nèi)部審計(jì)的職能應(yīng)該在整個(gè)管理過程中發(fā)揮,從沒有充分參與到充分參與的過程。根據(jù)該文件,內(nèi)部審計(jì)人員應(yīng)該從五個(gè)參與風(fēng)險(xiǎn)管理有關(guān)的活動(dòng)中保證其核心作用:提供有關(guān)風(fēng)險(xiǎn)管理流程保證;使正確評估風(fēng)險(xiǎn)保證;評估風(fēng)險(xiǎn)管理流程;評估報(bào)告的主要風(fēng)險(xiǎn);以及檢討管理的主要風(fēng)險(xiǎn)。</p><p> 在IIA研究基金會(huì)最
66、新的一項(xiàng)研究報(bào)告審查中得出,有關(guān)內(nèi)部審計(jì)職能,堅(jiān)持以國際投資協(xié)議文件中的定義,以企業(yè)風(fēng)險(xiǎn)管理為主要職能。2005年10月期間,研究人員通過該研究所的全球?qū)徲?jì)信息網(wǎng)絡(luò),對7200位國際投資協(xié)定的成員作了一個(gè)在線調(diào)查。調(diào)查發(fā)現(xiàn):來自361個(gè)大型、大中型混合及部分小型營利組織(包括企業(yè)和政府機(jī)構(gòu))做出了積極的響應(yīng)。近60%的受訪者為首席審計(jì)執(zhí)行官或者是審計(jì)署署長,23%為審計(jì)經(jīng)理,7.8%為工作人員或者高級(jí)審核員。大約90%來自美國和加拿大。
67、</p><p> 受訪者在不同階段對組織實(shí)施企業(yè)風(fēng)險(xiǎn)管理,結(jié)果類似于COSO中描述的一樣。11%以上的人認(rèn)為,他們組織的企業(yè)風(fēng)險(xiǎn)管理基礎(chǔ)設(shè)施成熟或者相對成熟,有37%左右的人認(rèn)為,組織的ERM最近通過并在執(zhí)行中。在所有調(diào)查的組織中,有36%受訪者負(fù)責(zé)的企業(yè)反應(yīng)內(nèi)部審計(jì)職能主要是負(fù)責(zé)組織的風(fēng)險(xiǎn)管理,而27%的人認(rèn)為,主要的責(zé)任是屬于首席執(zhí)行官(CRO)的,他不屬于國家審計(jì)職能的一部分;將近三分之一的人反應(yīng),認(rèn)為
68、應(yīng)該由另一行政領(lǐng)導(dǎo)或職能部門監(jiān)督企業(yè)風(fēng)險(xiǎn)管理。</p><p> 大部分受訪者反應(yīng):對于時(shí)間和金錢,內(nèi)部審計(jì)職能風(fēng)險(xiǎn)管理活動(dòng)花費(fèi)是最少的。將近一半的人說,2004年他們花了審計(jì)部門在每小時(shí)企業(yè)風(fēng)險(xiǎn)管理和財(cái)政預(yù)算中的百分之十,甚至更少。三分之一的人員反映審計(jì)部門花費(fèi)僅20%~50%的企業(yè)風(fēng)險(xiǎn)管理時(shí)間,花了28%~50%的財(cái)政預(yù)算;少于10%部門金錢和時(shí)間花費(fèi)超過50%。</p><p>
69、 國際內(nèi)部審計(jì)師協(xié)會(huì)的立場文件歸類中18號(hào)文件指出,根據(jù)內(nèi)部審計(jì)職能的適當(dāng)水平明確企業(yè)風(fēng)險(xiǎn)管理有關(guān)活動(dòng)的責(zé)任。</p><p><b> 核心活動(dòng):</b></p><p> 目前受訪者之間的差異和理想的職責(zé)最顯著的是:在國際內(nèi)部審計(jì)師協(xié)會(huì)文件中,保證企業(yè)風(fēng)險(xiǎn)管理中的五個(gè)核心活動(dòng)是最大的。受訪者表示,根據(jù)國稅,他們對當(dāng)前每一個(gè)ERM核心活動(dòng)的責(zé)任是溫和的,但他們也
70、表示,他們應(yīng)該有一個(gè)責(zé)任重大的水平。這些意見是同意國際內(nèi)部審計(jì)師協(xié)會(huì)的指導(dǎo)的。此外,大約一半的人認(rèn)為,內(nèi)部審計(jì)職能目前調(diào)查的全部活動(dòng)或有重大責(zé)任,至少有一個(gè)核心,并且超過三分之二認(rèn)為他們應(yīng)該有全部或重大活動(dòng)的責(zé)任,至少有一個(gè)核心。</p><p> 在這一核心范疇,對審計(jì)職能的兩個(gè)最高級(jí)別的現(xiàn)時(shí)義務(wù)主要包括審查風(fēng)險(xiǎn)管理和評價(jià)風(fēng)險(xiǎn)管理過程。評估風(fēng)險(xiǎn)管理過程,并給予保證過程的風(fēng)險(xiǎn)管理是最高的理想責(zé)任。相反,給予保證
71、,正確評估風(fēng)險(xiǎn)是最低要求的理想責(zé)任。</p><p> 以下是申請人提供的一些說法,他們認(rèn)為目前審計(jì)部門在適當(dāng)?shù)幕顒?dòng)所涉及的洞察力,為什么沒有核心企業(yè)風(fēng)險(xiǎn)管理相關(guān)的水平:</p><p> “我們最近剛剛開始實(shí)施我們公司的企業(yè)風(fēng)險(xiǎn)管理活動(dòng)。我們還沒有完全理解和掌握風(fēng)險(xiǎn)過程中的管理?!?lt;/p><p> “審計(jì)委員會(huì)和管理是不知道什么是企業(yè)風(fēng)險(xiǎn)管理。內(nèi)部審計(jì)職能
72、在剛剛開始的審計(jì)委員會(huì)成員之間開展宣傳活動(dòng)?!?lt;/p><p> 這些言論表明,教育管理和風(fēng)險(xiǎn)管理問題是:審計(jì)委員會(huì)在企業(yè)風(fēng)險(xiǎn)管理問題上,可以確保審計(jì)職能在企業(yè)風(fēng)險(xiǎn)管理中發(fā)揮在一個(gè)適當(dāng)?shù)乃健?lt;/p><p><b> 合法活動(dòng):</b></p><p> 國際內(nèi)部審計(jì)師協(xié)會(huì)規(guī)定了七個(gè)文件,有關(guān)企業(yè)風(fēng)險(xiǎn)管理的合法活動(dòng),而內(nèi)部審計(jì)委員會(huì)可能
73、發(fā)揮職能,需要負(fù)責(zé)的地方,需要的保障措施是:便利的識(shí)別和風(fēng)險(xiǎn)管理評價(jià)和訓(xùn)練管理者應(yīng)對風(fēng)險(xiǎn),協(xié)調(diào)企業(yè)風(fēng)險(xiǎn)管理有關(guān)的活動(dòng),鞏固報(bào)告的風(fēng)險(xiǎn),維護(hù)和發(fā)展企業(yè)風(fēng)險(xiǎn)管理框架,倡導(dǎo)建立企業(yè)風(fēng)險(xiǎn)管理,并制定董事會(huì)批準(zhǔn)的風(fēng)險(xiǎn)管理策略。</p><p> 這些活動(dòng)被稱為“咨詢”活動(dòng),雖然受訪者目前的責(zé)任范圍有限,從這些合法活動(dòng)中可以看到,他們說自己的理想水平應(yīng)該是適度的,這是根據(jù)國際審計(jì)師協(xié)會(huì)文件指導(dǎo)意見確定的。在合法的類別的當(dāng)前
74、內(nèi)部審計(jì)責(zé)任的最高級(jí)別涉及:促進(jìn)識(shí)別風(fēng)險(xiǎn)和風(fēng)險(xiǎn)評估,一流的ERM 相關(guān)活動(dòng),包括核心活動(dòng)。 這項(xiàng)活動(dòng)也是最高要求,建議審計(jì)人員的核心職責(zé)是合法活動(dòng)中的理想活動(dòng)。 這一結(jié)果并不令人驚訝,因?yàn)轱L(fēng)險(xiǎn)監(jiān)測和評估是在制定年度審計(jì)計(jì)劃中的傳統(tǒng)因素。最低要求和理想的活動(dòng)是得到一個(gè)董事會(huì)的批準(zhǔn),這是一個(gè)可能由管理者處理企業(yè)風(fēng)險(xiǎn)管理活動(dòng)最好的管理策略。</p><p> 國際內(nèi)部審計(jì)師協(xié)會(huì)的指導(dǎo)告誡說,當(dāng)內(nèi)部審計(jì)人員進(jìn)行這些合法
75、的咨詢活動(dòng)時(shí),保障措施到位,確保他們在不承擔(dān)實(shí)際管理風(fēng)險(xiǎn)的責(zé)任。一個(gè)可能的預(yù)防措施將包括記錄在審計(jì)委員會(huì)批準(zhǔn)的審計(jì)章程中,審計(jì)師對企業(yè)風(fēng)險(xiǎn)管理的責(zé)任。此外,如果審計(jì)人員承擔(dān)任何風(fēng)險(xiǎn)管理責(zé)任,是從事有關(guān)屬于這一咨詢的活動(dòng)的作用,他們應(yīng)該把這些約定的咨詢業(yè)務(wù),應(yīng)用相關(guān)協(xié)會(huì)標(biāo)準(zhǔn),以確保其獨(dú)立性和客觀性。</p><p><b> 不當(dāng)行為:</b></p><p> 根
76、據(jù)國際內(nèi)部審計(jì)師協(xié)會(huì)的立場文件。這是內(nèi)部審計(jì)人員認(rèn)為的6中不恰當(dāng)風(fēng)險(xiǎn)管理有關(guān)的活動(dòng)職能:設(shè)置風(fēng)險(xiǎn)承受能力,實(shí)行風(fēng)險(xiǎn)管理流程,提供風(fēng)險(xiǎn)管理保證,使風(fēng)險(xiǎn)應(yīng)對決策,執(zhí)行有關(guān)管理部門的代表風(fēng)險(xiǎn)的反應(yīng),并且有風(fēng)險(xiǎn)的責(zé)任管理。總體而言,在調(diào)查審計(jì)職能的這些活動(dòng)有比國際內(nèi)部審計(jì)師協(xié)會(huì)文件建議更大的的責(zé)任。然而,審計(jì)人員說,他們應(yīng)該對一些不適當(dāng)?shù)幕顒?dòng)承擔(dān)有限責(zé)任。</p><p> 在不恰當(dāng)?shù)念悇e中,審計(jì)人員的內(nèi)部責(zé)任程度最高
77、水平和理想責(zé)任應(yīng)該是為當(dāng)前風(fēng)險(xiǎn)管理提供保證,而他們的責(zé)任程度最低要求是設(shè)置的風(fēng)險(xiǎn)。受訪者建議,審計(jì)人員目前已在這些地區(qū)承擔(dān)更大的責(zé)任,因?yàn)閷徲?jì)職能在企業(yè)風(fēng)險(xiǎn)管理發(fā)展的早期階段的中發(fā)揮著主導(dǎo)作用。</p><p><b> 組織特征:</b></p><p> 理解與理想的內(nèi)部審計(jì)職能在FRM組織中的角色可能各不相同,這取決于該組織的行業(yè)、規(guī)模、和審計(jì)部門的大小,以
78、及該公司的需要,和是否符合2002年美國薩班斯法案。</p><p> 工業(yè):工業(yè)被訪者中包括 金融服務(wù)、 制造、 運(yùn)輸、 通信、 公用事業(yè)、 衛(wèi)生保健、 零售和批發(fā)、 政府和教育的部門的各種行業(yè)。 研究人員比較了來自兩個(gè)最大的產(chǎn)業(yè)群體的響應(yīng): 金融服務(wù)業(yè)和制造業(yè)。當(dāng)前,金融服務(wù)行業(yè)審計(jì)部門平均有比從事制造業(yè)核心活動(dòng)更大的責(zé)任。 對不適當(dāng)?shù)幕顒?dòng),制造業(yè)審計(jì)部門往往說他們理想的參與應(yīng)高于其當(dāng)前的責(zé)任,而 金融服務(wù)
79、性行業(yè)審計(jì)部門表示其當(dāng)前和理想的責(zé)任,在同一級(jí)別。</p><p> 組織:大約一半的受訪者2004 年財(cái)政收入在5億美元和50億美元之間的組織工作。 近 25%的受訪者都是在2004年收入在500萬美元以下的組織,而在那一年的收入已超過50億美元的組織中工作的數(shù)目類似的被訪者在組織中的工作比例。 研究人員比較來自組織收入少于10億美元對組織的響應(yīng)遠(yuǎn)遠(yuǎn)比10美元更多。審計(jì)人員平均了這兩種類型的組織具有較同等級(jí)別
80、的核心活動(dòng)的當(dāng)前責(zé)任。 但是,在核心活動(dòng)中,較小的組織對他們理想的參與比這些較大型組織更加重視。 較小的組織對待當(dāng)前不恰當(dāng)?shù)男袨?、活?dòng)有比較大組織稍高級(jí)別的責(zé)任,他們認(rèn)為在這些地區(qū),他們應(yīng)該更加理想的參與。</p><p> 會(huì)計(jì)檢查:超過一半的受訪者在只擁有10名或更少的審計(jì)人員的審計(jì)部門工作,略高于四分之一受訪者在11~50名審計(jì)師的審計(jì)部門工作,大約十分之一的被訪者擁有50 多個(gè)審計(jì)人員的審計(jì)部門工作。
81、擁有10多個(gè)內(nèi)部審計(jì)人員的審計(jì)部門,在企業(yè)核心活動(dòng)中有著比僅擁有10人一下的審計(jì)部門更多的責(zé)任。在其他 的ERM 有關(guān)活動(dòng)中,這兩個(gè)大型和小型審計(jì)職能具有大致相同級(jí)別的責(zé)任。 不過,與大審計(jì)組織不同,小審計(jì)部門的受訪者想要組織承擔(dān)更多對不適當(dāng)活動(dòng)的責(zé)任。</p><p> 大部分被訪者組織都必須遵守薩班斯-奧克斯利法案第 404條。 研究人員發(fā)現(xiàn)這些組織和被訪者沒有遵守行為的一些差異。主要的不同在于遵守契約與不
82、遵守之間的一個(gè)一個(gè)較高水平的核心活動(dòng)的差異。</p><p> 盡管國際投資協(xié)定的指導(dǎo)是同樣適用于所有組織,但研究顯示較小的內(nèi)部審計(jì)部門和那些較小的公司往往要求有企業(yè)風(fēng)險(xiǎn)管理的責(zé)任,和會(huì)較為適當(dāng)?shù)墓芾怼?在這些情況下內(nèi)部審計(jì)應(yīng)制定一個(gè) ERM 實(shí)施和維護(hù)計(jì)劃,包括一些策劃和遷移的時(shí)間軸管理活動(dòng)的責(zé)任。</p><p><b> 審計(jì)師的角色:</b></p&
83、gt;<p> 雖然調(diào)查結(jié)果表明從當(dāng)前入世級(jí)別的國際投資協(xié)定的立場文件所建議的水平的責(zé)任審計(jì)部門有可能有所不同,但是受訪者的意見提供了一些證據(jù),讓審計(jì)師了解本指南的基本概念:</p><p> “需要能夠?qū)RM 的 ‘做’轉(zhuǎn)移到依賴內(nèi)部審計(jì)職能、ERM 過程中的計(jì)算結(jié)果,ERM 應(yīng)與審計(jì)范圍和計(jì)劃同步”</p><p> “過去18月中該公司已委任一個(gè) CRO 提供監(jiān)
84、督和不斷變化的 ERM 過程指導(dǎo)。 在這段期間之前內(nèi)部審計(jì)在ERM 角色中有很多已經(jīng)遷移到這位官員?!备匾氖潜辉L者確定在其組織中的重大障礙,遵循指導(dǎo)原則:</p><p> 這些 ERM 責(zé)任和進(jìn)程在許多文件中并沒有很好的定義,應(yīng)該通過高級(jí)管理人員表現(xiàn)的更清楚一些。</p><p> 沒有足夠的證據(jù)說明,管理是重要的并且必須有效率的完成。管理仍試圖隱藏內(nèi)部審計(jì)的東西。這并不是他們針
85、對我們,我們都是在一起的。</p><p> 大多數(shù)審計(jì)人員和企業(yè)管理人員缺乏明確責(zé)任,來保證法規(guī)遵從性風(fēng)險(xiǎn)責(zé)任與風(fēng)險(xiǎn)保證實(shí)施和監(jiān)測之間的區(qū)別。</p><p> 這些意見強(qiáng)調(diào)建立一個(gè)成功的 ERM 程序,其中一個(gè)關(guān)鍵因素是在這一進(jìn)程的適當(dāng)角色管理和內(nèi)部審計(jì)在ERM 中的重要性教育。提供這種教育,內(nèi)部審計(jì)人員可以發(fā)揮關(guān)鍵作用。 該審計(jì)部門管理,董事,和審計(jì)委員會(huì)需要明確有關(guān)的 ERM
86、活動(dòng),內(nèi)部審計(jì)員應(yīng)執(zhí)行和管理哪些活動(dòng)。 內(nèi)部審計(jì)可對整個(gè)ERM 進(jìn)行監(jiān)測或扮演多個(gè)咨詢角色,但管理審計(jì)部門如果要保持其獨(dú)立性和客觀性,最終決策當(dāng)局必須應(yīng)突出顯示相關(guān)的培訓(xùn)。</p><p> 審計(jì)人員應(yīng)采取一定步驟,以確保委員會(huì)和審計(jì)委員會(huì)都知道 COSO ERM 框架,并積極參與監(jiān)督 ERM 過程。 此外,審計(jì)人員應(yīng)考慮對高級(jí)管理人員、所有者和其他管理人員進(jìn)行 COSO ERM培訓(xùn) 和相關(guān)的指導(dǎo)。</p
87、><p> 這項(xiàng)統(tǒng)計(jì)調(diào)查的回應(yīng)為內(nèi)部審計(jì)行業(yè)應(yīng)采取的額外步驟提供了有益的見解。其組織處于早期階段采用 ERM 的或在將來實(shí)施 ERM 的審計(jì)人員有很多機(jī)會(huì),確保這一進(jìn)程是有效和高效率的。例如審計(jì)部門執(zhí)行 ERM 有關(guān)的活動(dòng),應(yīng)是管理層的責(zé)任,可以采取積極步驟,開放的內(nèi)部審計(jì)是管理層、董事會(huì)、審計(jì)委員會(huì)和外聘審計(jì)師是對風(fēng)險(xiǎn)之間這種情況的通信線路。 這種通信方式應(yīng)鼓勵(lì)采取適當(dāng)?shù)?ERM 責(zé)任管理。一個(gè)前進(jìn)的審計(jì)部門可采
88、取這樣一個(gè)措施來發(fā)展內(nèi)部審計(jì),制定開發(fā)描述如何管理,可以承擔(dān)的責(zé)任,應(yīng)負(fù)責(zé)任的 ERM活動(dòng)的業(yè)務(wù)計(jì)劃。 不過,內(nèi)部審計(jì)人員應(yīng)認(rèn)識(shí)到,完成這項(xiàng)計(jì)劃可能不會(huì)快速的令人信服并接受這些 ERM 責(zé)任管理。</p><p> 與適當(dāng)?shù)囊?guī)劃、溝通和教育、內(nèi)部審計(jì)人員、管理、老板及外聘審計(jì)師應(yīng)共同努力實(shí)現(xiàn) ERM 的很多好處。理想情況下,這種協(xié)調(diào)將使該組織管理接受其負(fù)責(zé)的ERM,在適當(dāng)?shù)奈恢脠?zhí)行 ERM 有關(guān)的活動(dòng),并使入世
溫馨提示
- 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
- 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
- 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
- 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
- 5. 眾賞文庫僅提供信息存儲(chǔ)空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
- 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
- 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。
最新文檔
- 內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的作用【外文翻譯】
- 內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的職責(zé)與作用
- 外文翻譯--內(nèi)部審計(jì)在公司治理中的價(jià)值(節(jié)選)
- 內(nèi)部審計(jì)在風(fēng)險(xiǎn)管理、企業(yè)管理和內(nèi)部控制中的作用
- 內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)控制中的作用
- 對內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中作用的探討.pdf
- 內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的作用機(jī)制探討.pdf
- [雙語翻譯]內(nèi)部控制外文翻譯—內(nèi)部控制與企業(yè)風(fēng)險(xiǎn)管理透視(節(jié)選)
- 內(nèi)部審計(jì)在企業(yè)管理中的作用
- [雙語翻譯]內(nèi)部控制外文翻譯—內(nèi)部控制與企業(yè)風(fēng)險(xiǎn)管理透視(節(jié)選).DOCX
- 內(nèi)部審計(jì)在風(fēng)險(xiǎn)管理中的職責(zé)和作用
- 外文翻譯—企業(yè)風(fēng)險(xiǎn)管理、戰(zhàn)略靈活性、內(nèi)部審計(jì)質(zhì)量對企業(yè)績效的影響(節(jié)選)
- 淺談內(nèi)部審計(jì)在企業(yè)風(fēng)險(xiǎn)管理中的應(yīng)用
- 淺析內(nèi)部審計(jì)在企業(yè)管理中的作用
- 外文翻譯—中小企業(yè)內(nèi)部審計(jì)(節(jié)選)
- 企業(yè)風(fēng)險(xiǎn)管理中的內(nèi)部審計(jì)研究
- 淺析內(nèi)部審計(jì)在全面風(fēng)險(xiǎn)管理中的定位與作用
- 現(xiàn)代內(nèi)部審計(jì)在企業(yè)管理中的作用初探
- 關(guān)于內(nèi)部審計(jì)在企業(yè)財(cái)務(wù)風(fēng)險(xiǎn)控制中的作用研究
- 2017年內(nèi)部控制外文翻譯—內(nèi)部控制與企業(yè)風(fēng)險(xiǎn)管理透視(節(jié)選).DOCX
評論
0/150
提交評論