1、Internal controlFrom Wikipedia, the free encyclopedia内部控制从“维基百科”,免费的百科全书In accounting and auditing, internal control is defined as a process effected by an organizations structure, work and authority flows, people and management information systems, designed to help the organization accomplish speci
2、fic goals or objectives.1 It is a means by which an organizations resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organizations resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or
3、 intellectual property such as trademarks). 在会计、审计、内部控制被定义为一种过程影响一个组织的结构、工作流程和权威,人们和管理信息系统,用于帮助组织完成特定的目标或目的。1使用的一种方法,它是一个组织的资源是导演 ,被监测和测量。发挥了重要的作用,在预防和侦测诈骗和保护组织的资源, 包括生理的(例如,机械及财产)和无形的(如,声誉和知识产权的商标) 。At the organizational level, internal control objectives relate to the reliability of financial repo
4、rting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organizations payments to third parties are
5、for valid services rendered.) Internal control procedures2 reduce process variation, leading to more predictable outcomes. Internal control is a key element of the Foreign Corrupt Practices Act (FCPA) of 1977 and the SarbanesOxley Act of 2002, which required improvements in internal control in Unite
6、d States public corporations. Internal controls within business entities are also referred to as operational controls.Internal controls have existed from ancient times. In Hellenistic Egypt there was a dual administration, with one set of bureaucrats charged with collecting taxes and another with su
7、pervising them.3 In the Republic of China, the Control Yuan (監察院; pinyin: Jinch Yan), one of the five branches of government, is an investigatory agency that monitors the other branches of government. 在组织层次、内部控制目标与财务报告的可靠性,及时反馈中所取得的成果, 具体操作和战略目标和法律法规遵循情况。在特定的交易水平,内部控制是指采取的动作来达到特定的目的(例如,如何确保组织的付款给第三方
8、提供的服务是为有效。)内部控制程序2的基础上降低制程变异,导致更可预见的结果。内部控制是一种主要元素的海外反腐败法(涉外贪渎)于 1977 年和 2002 年的老朋友奥克斯 Sarbanes 行为,这要求改进内部控制在美国上市公司的数据。在事业单位内部控制也被叫作运行控制。DefinitionsThere are many definitions of internal control, as it affects the various constituencies (stakeholders) of an organization in various ways and at differ
9、ent levels of aggregation. 有许多的定义,因为它会影响内部控制,各选区(利益关系人)的一个组织以各种不同的方式和不同级别的集合体。Under the COSO Internal Control-Integrated Framework, a widely-used framework in the United States, internal control is broadly defined as a process, effected by an entitys board of directors, management, and other personn
10、el, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: a) Effectiveness and efficiency of operations; b) Reliability of financial reporting; and c) Compliance with laws and regulations. COSO 内部 Control-Integrated 框架下,一种被广泛使用的框架在美国,内部控制是广义的定义
11、作为一个过程,受到一个实体的董事会、管理层和其他人员, 设计提供合理保证目标有关的成果在以下几类:1)的效果和效率业务;b) 可靠性的财务报告,和 c)符合法律法规,制定本办法。COSO defines internal control as having five components:1. Control Environment-sets the tone for the organization, influencing the control consciousness of its people. It is the foundation for all other componen
12、ts of internal control.2. Risk Assessment-the identification and analysis of relevant risks to the achievement of objectives, forming a basis for how the risks should be managed3. Information and Communication-systems or processes that support the identification, capture, and exchange of information
13、 in a form and time frame that enable people to carry out their responsibilities4. Control Activities-the policies and procedures that help ensure management directives are carried out.Monitoring-processes used to assess the quality of internal control performance over time. COSO 内部控制作为定义有五个组成部分:1。控
14、制 Environment-sets 基调为组织,影响控制意识的人。它是所有其它组件的基础的内部控制。2。风险识别和分析 Assessment-the 相应风险达成目标 ,形成了依据风险应如何管理3。信息和 Communication-systems 或过程, 支持识别、获取和交换信息在某种形式和时间框架,使人去执行他们的责任4。控制活动政策和手段 ,有助于确保管理指令执行。5。Monitoring-processes 用来评估你的内部质量,控制性能。The COSO definition relates to the aggregate control system of the organ
15、ization, which is composed of many individual control procedures.Discrete control procedures, or controls are defined by the SEC as: “.a specific set of policies, procedures, and activities designed to meet an objective. A control may exist within a designated function or activity in a process. A co
16、ntrols impact.may be entity-wide or specific to an account balance, class of transactions or application. Controls have unique characteristics for example, they can be: automated or manual; reconciliations; segregation of duties; review and approval authorizations; safeguarding and accountability of
17、 assets; preventing or detecting error or fraud. Controls within a process may consist of financial reporting controls and operational controls (that is, those designed to achieve operational objectives).“4COSO 定义与骨料控制系统的组织,它是由许多独立的控制程序。离散控制程序,或控件是确定的美国证券交易委员会(SEC)为:“一套特定的政策和程序,以及活动旨在满足客观。一种控制可能存在的战
18、区内功能或者活动的一个过程。一种控制的影响 entity-wide可能是一个帐户余额或特定的交易、阶级或应用程序。控制有独特的特征例如,他们可以自动或手动;对帐:;责任的划分 ;审查和批准授权;维护和问责的资产;预防或检测误差或欺诈的行为。在一个过程控制可由财务控制报告和日常运作的控制管理(也就是说,那些旨在实现经营目标”4)。edit ContextMore generally, setting objectives, budgets, plans and other expectations establish criteria for control. Control itself ex
19、ists to keep performance or a state of affairs within what is expected, allowed or accepted. Control built within a process is internal in nature. It takes place with a combination of interrelated components - such as social environment effecting behavior of employees, information necessary in contr
20、ol, and policies and procedures. Internal control structure is a plan determining how internal control consists of these elements.5The concepts of corporate governance also heavily rely on the necessity of internal controls. Internal controls help ensure that processes operate as designed and that r
21、isk responses (risk treatments) in risk management are carried out. In addition, there needs to be in place circumstances ensuring that the aforementioned procedures will be performed as intended: right attitudes, integrity and competence, and monitoring by managers.更普遍的是,设定目标、预算、计划和其他的期望建立的标准, 对控制。
22、要保持控制本身存在一场演出或事务的状态在什么是期望的,允许或接受。建在一个过程控制是内部的性质。它就发生相结合的方式把相关的信息,如社会环境影响员工的行为,必要的信息,在控制, 政策和程序。内部控制结构是一种计划如何决定内部控制由这些元素5。公司治理的概念也严重依赖于内部控制的必要性。内部控制帮助确保所设计过程操作风险,风险反应(治疗)在风险管理执行。此外,我们需要到位的情况下保证上述程序将履行的意向:正确的态度、完整性和能力的培养,而监测被管理者。Roles and responsibilities in internal controlAccording to the COSO Frame
23、work, everyone in an organization has responsibility for internal control to some extent. Virtually all employees produce information used in the internal control system or take other actions needed to affect control. Also, all personnel should be responsible for communicating upward problems in ope
24、rations, noncompliance with the code of conduct, or other policy violations or illegal actions. Each major entity in corporate governance has a particular role to play:Management: The Chief Executive Officer (the top manager) of the organization has overall responsibility for designing and implement
25、ing effective internal control. More than any other individual, the chief executive sets the “tone at the top“ that affects integrity and ethics and other factors of a positive control environment. In a large company, the chief executive fulfills this duty by providing leadership and direction to se
26、nior managers and reviewing the way theyre controlling the business. Senior managers, in turn, assign responsibility for establishment of more specific internal control policies and procedures to personnel responsible for the units functions. In a smaller entity, the influence of the chief executive
27、, often an owner-manager, is usually more direct. In any event, in a cascading responsibility, a manager is effectively a chief executive of his or her sphere of responsibility. Of particular significance are financial officers and their staffs, whose control activities cut across, as well as up and down, the operating and other units of an enterprise.内部控制的角色和责任根据 COSO 框架,每个人都在一个组织中,负责内部控制产生了一定的影响。几乎所有的员工提供相关信息使用的内部控制体系中缺少或者采取其他所需的行动影响控制。同时,所有人员应负责营运中, 向上问题交流不符合守则的规定,或者其他违反政策, 或非法行为。每个主要的实体公司治理中都有一个特殊的角色的扮演。
