财务内部控制论文的参考文献

制定一个危险源管理方案的参考文献

【摘要】文章对国内外企业风险评估的现状进行分析。根据企业的特点和发展趋势，指出进行内部控制风险评估的现实意义，并从全面风险管理目标、收集风险管理初始信息、风险识别、风险分析、风险评价、风险管理策略等方面，探讨了如何建立我国企业内部控制中的风险评估体系。 【关键词】内部控制；风险评估；管理策略为了加强和规范企业内部控制，提高企业经营管理水平和风险防范能力，根据国家有关法律法规，财政部会同证监会、审计署、银监会、保监会制定了《企业内部控制基本规范》。该规范自2009年7月1日起在上市公司范围内施行，鼓励非上市的大中型企业执行。我国《企业内部控制基本规范》提出我国内部控制的基本要素包括内部环境、风险评估、控制活动、信息与沟通和内部监督等五项，并在《基本规范》中单辟一章，就风险评估的有关内容进行了规定。这说明国家和企业已经意识到风险评估在企业内部控制中的重要作用，那么企业应该从哪些方面来加强识别企业风险，建立风险评估系统，进一步改善内部控制呢？ 一、国内外企业风险评估体系研究综述国外对内部控制的研究已有很长的历史。1988年美国注册会计师协会发布《审计准则公告第55号》，该公告提出内部控制结构的三个要素：控制环境、会计制度、控制程序。进入90年代以后，COSO提出《内部控制—整体框架》的报告，将内部控制分为控制环境、风险评估、控制活动、信息与沟通和监督五个部分，实现了内部控制由三要素向五要素的飞跃。自此风险评估被纳入内部控制系统之中。最新内部控制研究结果表明，内部控制与风险管理愈发趋向目标一致，某些内容也有较大重合，COSO也于2001年起着手进行风险管理研究，从最初的将风险评估作为一个要素纳入内部控制整体框架中到目前的着手进行风险管理研究，足可以看出内部控制与风险管理的趋同性和风险这一因素在内部控制中的作用和地位越来越重要。 近年，我国理论界和实务界越来越重视内部控制的研究和应用，学者们在理论观念的引进和研究方面做了大量的工作。由财政部、证监会等五部委联合发布的我国第一部《企业内部控制基本规范》就是很好的证明。 二、进行内部控制风险评估研究的现实意义史学家汤因比曾说过：“一个国家乃至一个民族，其衰亡是从内部开始的，外部力量不过是其死亡前的最后一击”。企业的存亡又何尝不是如此呢。既然一个企业的衰亡也是从其内部开始的，那若要寻求企业的生存发展之路就必须从其内部抓起，内部控制正是基于这一点才得到了世界各国理论界和实务界的重视。同时，市场经济从微观角度来说是一种风险经济，企业作为市场的基本单位时刻置身于风险之中，越是开放发达的市场经济，其中蕴藏的风险和不确定性越大。随着市场经济的发展成熟和市场开放程度的加大，风险己经成为企业关注和管理的焦点，作为企业内部管理核心的内部控制要想发挥其应有的作用，必须不断充实和发展，以求跟上市场发展的步伐，正是基于这个基础，风险的概念逐步进入了内部控制的范围。减轻或避免风险是内部控制活动的目标，各种风险因素是内部控制的对象。所以，企业要实施有效的内部控制，就要识别和衡量它所面临的风险及其风险因素，这是采取有效控制活动的依据和前提，这里的识别和衡量风险就是风险评估。目前COSO整体框架和我国《企业内部控制基本规范》把风险评估作为一项基础要素纳入到内部控制框架之中，这一发展是理论顺应客观实际发展的必然结果。 进行内部控制和风险评估研究具有重要的现实意义：内部控制的缺失和不健全是导致会计舞弊泛滥的根本原因之一；内部控制制度的极度缺失和对风险的忽视是导致我国企业生命周期短的根本原因； 国有企业改革的成功离不开健全的内部控制制度及风险的管理和控制；风险评估是内部控制制度设计控制活动和发挥应有作用的基础。 风险评估是内部控制系统的基础组成部分，要使控制制度发挥其应有的作用，企业必须清楚所面临的风险，并对整个企业的风险进行定性或定量的评估，然后针对风险评估的结果采取相应的控制活动。其实内部控制也就是风险的管理与控制活动，如果毫无风险，也就不需耗费大量的人力财力物力去搞什么内部控制。既然风险的存在是控制的原因所在，进行风险评估就成为整个内部控制制度的基础和关键。无论是从国际大环境来看还是从我国的具体情况出发，内部控制的研究和应用都是非常重要的。但是，作为有效实施内部控制的基础条件的风险评估却还没有得到足够的发展，研究会计和审计的人都早已熟知制度基础上的审计，但风险基础上的控制观念还是个新概念，还没有建立起比较完善的体系。因此，进行内部控制和风险评估研究无疑具有非常重要的现实意义。 三、风险评估体系的构建鉴于风险评估在我国内部控制中的运用，笔者认为可以通过以下几个步骤来建立风险评估系统。 (一)确定全面风险管理目标 风险是指企业在未来经营中面临的、可能影响其经营目标实现的所有不确定性。风险评估是企业及时识别、系统分析经营活动中与实现内部控制目标相关的风险，并合理确定风险应对策略。全面风险管理是指企业围绕总体目标，制定风险管理策略，在企业经营管理的各个方面和业务过程中的各个环节进行风险管理的基本流程，落实风险理财措施，培育良好的风险管理文化，建立健全风险管理的组织体系、信息系统和内部控制系统的过程和方法。 企业目标是企业宗旨的具体化，是企业各项业务和管理活动所指向的终点。企业风险管理的首要任务，就是确定目标。只有先确立了目标，管理层才能针对目标确定风险并采取必要的行动来管理风险。确定全面风险管理目标要做到：企业风险管理目标的确定应与员工沟通；企业计划和预算与风险管理目标、战略计划及当前情况具有一致性；业务活动风险目标要具体；领导层参与制定企业风险目标并对其负责。 (二)收集风险管理初始信息 实施全面风险管理，企业应广泛、持续不断地收集与本企业风险和风险管理相关的内部、外部初始信息，包括历史数据和未来预测。应把收集初始信息的职责分工落实到各有关职能部门和业务单位。 1.在财务风险方面，企业至少收集以下信息 (1)负债、或有负债、负债率、偿债能力。(2)现金流、应收账款及其占主营业务收入的比重、资金周转率。(3)应付账款及其占购货额的比重。(4)成本和管理费用、财务费用、营业费用。(5)成本核算、资金结算和现金管理业务中曾发生或易发生错误的业务流程或环节。 2.在市场风险方面，企业至少收集以下信息 (1)产品的价格及供需变化。(2)产品供应的充足性、稳定性和价格变化。(3)主要客户、主要供应商的信用情况。(4)潜在竞争者、竞争者及其主要产品情况。 3.在运营风险方面，企业至少收集以下信息： (1)新市场开发，市场营销策略。(2)企业组织效能、管理现状、企业文化，中、高层管理人员和重要业务流程中专业人员的知识结构、专业经验。(3)质量、安全、环保、信息安全等管理中曾发生或易发生失误的业务流程或环节。(4)因企业内、外部人员的道德风险致使企业遭受损失或业务控制系统失灵。(5)企业风险管理的现状和能力。 企业对收集的初始信息应进行必要的筛选、提炼、对比、分类、组合，以便进行风险评估。 (三)风险识别 企业风险的识别应当以一种系统方法来进行，以确保公司的所有主要活动及其风险都被囊括进来，并进行有效的分类。根据企业实际情况和技术水平，风险识别主要以定性识别方法为主，适当结合定量识别方法，同时根据业务发展和管理水平的不断提高，逐步引进和加大定量识别方法。 企业应选择适当的风险识别方法，保证风险识别的规范性和科学性，具体措施有： 1.建立科学的风险识别方法体系，对企业和各职能部门随时关注企业活动中存在的风险提供指导。 2.对风险识别方法进行规范化和制度化，确保企业和各职能部门使用统一的识别方法体系对风险识别结果进行描述。 3.利用历史事件诸如违约支付、产品价格变动等，关注未来事件诸如人口变动、新市场条件以及竞争者行为等对风险进行趋势分析和关注。 4.建立损失事件数据库，通过事件列表、事件分类、内部分析、推动讨论和会谈、流程分析等方法进行风险识别，确定风险因素发展趋势和根源。 (四)风险分析企业风险分析评估的方法多种多样，采用定量分析方法，特别是利用数学模型进行风险分析，可以使风险管理建立在科学的基础上，并为最终的决策提供可靠的依据。风险分析及度量，需要充分地获得企业在历史年度内发生的各种风险的次数以及所导致的损失，统计时段越长，风险评估的准确性越高。风险评估不仅要了解历史上各种风险发生的频率，还要充分考虑风险的客观环境是否改变，如果有变化，就要在历史数据的趋势分析上进行修正。在实际操作中，许多风险发生的可能性实际上难以量化，它们至多只能定性地被描述为“大的”、“中的”、或“小的”风险。 企业在分析风险发生的可能性(或频率、概率)和风险发生的条件方面，可采取如下措施： 1.企业基于风险识别的结果对风险的发生概率进行分析评估，选择采用诸如预期估计或情况评价等术语来表达潜在的可能性，或采用数据或图表的形式来描述和评价风险发生的概率。2.企业建立风险分析模型，通过关键风险指标管理方法、压力测试和情景分析等定量技术手段和会谈、工作组会议等定性评价技术对风险发生的条件因素进行分析，以确定风险发生的具体条件。 3.企业自查与外部检查、事前与事后检查相结合。 4.企业引进技术手段，由日常业务数据、财务数据入手，按照既定的模型做预警提示。 (五)风险评价企业风险评价是在风险识别、风险分析的基础上，评估风险对企业可能产生的影响以及确定风险的重要性水平的过程。企业风险评价包括两个方面的内容，即分析风险可能产生的影响和确定风险的重要性水平。企业风险评价通常是和风险分析同步进行的，因而其方法也和风险分析相同。 企业风险评价的控制措施有： 1.企业对于重要事项面临的重要风险可能带来的重大影响，应当通过定量分析技术，确定各种可能性造成影响的数量，从而为企业采取恰当的风险对策提供科学的依据。 2.企业应当按照风险可能带来的影响程度的大小，对风险进行排序，明确重要风险和一般风险。 3.企业应当对重要风险予以特别的关注，避免重要风险可能给企业带来的重大损失。 (六)风险管理策略一般情况下，对战略、财务、运营和法律风险，可采取风险承担、风险规避、风险转换、风险控制等方法。 1.企业针对各种风险建立确定风险应对措施的程序和方法，对具有较高发生概率、影响重大的风险优先考虑。 2.建立一套广泛适应的风险决策判断标准，即根据风险严重程度和企业的风险承受程度确定不同的决策。 3.企业对降低风险水平所需成本进行合理分析，评估风险应对措施的成本与效益。 4.企业选定风险处理措施后，根据剩余风险重新校订风险。 5.企业要持续获得风险变化信息，有效地控制、管理风险，防范新风险的产生。 6.对重要风险进行实时监控。 四、结论企业风险评估是一个持续反复的过程，一次风险评估并不能一劳永逸。企业应当结合不同发展阶段和业务拓展情况，持续收集与风险变化相关的信息，进行风险识别和风险分析，根据情况的变化及时调整风险应对策略，以避免由于原来选择使用的风险应对策略无效而影响内部目标的实现。特别是当企业经营活动所处的外部环境发生变化时，企业必须保持应有的灵敏度，针对变化的外部环境进行相应的风险评估，以使企业的目标在变化了的外部环境中得以实现。我国企业只有建立比较完善的风险评估系统，才能真正完善我国企业的内部控制，真正促进我国企业的进一步发展。【参考文献】[1] 李玉环.内部控制中的风险评估[J].会计之友，2008 (10). [2] 马宏杰.企业内部控制制度存在的问题与对策[J].财会研究，2007(4). [3] 印发《企业内部控制基本规范》的通知[J].安徽水利财会， 2008(4). [4] 王立勇.企业内部控制中的风险评估研究[J].交通财会，2002(2).

The enterprise internal control theory The internal control is an important symbol of modern enterprise management, through the practice of the conclusion is: to control is strong, weak, without control is controlled, disorderly. The new regulations "accounting law 27 units shall establish and perfect the system of supervision unit interior accountant. Unit interior accountant controls on the execution, the internal control is. What is the internal control The internal control is the formation of a series of measures to control functions, procedures, methods, and standardized and systematized, make it become a rigorous, relatively complete system. According to the control of the internal control can be divided into different purpose accounting control and management control. Accounting control and protection of assets is safe, the accounting information authenticity and integrity and financial activities related to the legitimacy of control, Management control means to ensure operation policy decision, implementation of business activities and promote the efficiency and effectiveness, and the effect of the relevant management to achieve the goals of control. Accounting control and management control and not mutually exclusive, incompatible, some control measures can be used for accounting control, and can also be used to control. The goal is to ensure that the internal control unit operations efficiency and effect, safety, economic information of assets and financial reports of reliability. Its main functions: one is to achieve target management policy and management, Second is the assets of safety protection unit is complete, prevent loss of assets, Three is to guarantee the business and financial accounting information authenticity and integrity. In addition, the legitimacy of the financial activities within the unit is the internal control goals. Good, although the internal control to achieve these goals, but whether the internal control design and operation, it is not how to eliminate its inherent limitations. This limitation must also be clear and prevention. Main show is: (1) the limited by cost benefit principle, (2) if the employee has different responsibility ignore control program, misjudgment, even the collusion, inside and outside, often cause in fraud internal control malfunction, (3) management personnel abuse, and to set up or Passover control of internal control ignored, also can make the establishment of internal control non-existing. Second, the basic structure of internal control The basic structure of internal control. Mainly includes control environment, accounting system and control procedures in three aspects: (a) control environment. Control environment refers to establish or implement a policy of various factors, which affect mainly reflects unit managers and other personnel to control the attitude, understanding and action. Specific include: management ideas and management style, unit organization structure, functions and managers of these functions, determine the powers and responsibilities of the manager monitoring and inspection method, the working personnel policy measures to control, and its implementation, this unit of various external business relations. (2) accounting system. Accounting system refers to establish accounting and accounting supervision procedure and method of business activities. Effective accounting system should do: 1, confirmed and record all real business, timely and detailed description of economic business, so in the financial and accounting reports of economic business appropriately classified. 2 and measurement value of economic business, so in the financial and accounting reports records in the appropriate monetary value. 3 and determine the time, business to business records in the appropriate accounting period. 4 in the financial and accounting reports, business and proper disclosure of expression related matters. (3) control procedures. Control program to formulate policy and managers to ensure a certain procedure. Specific include: business and economic activity approval, The relevant personnel division of responsibilities clear, and prevent fraud, The bill and certificates and use, should guarantee business activities and recorded properly, Property and its use to have documented exposure measures to protect, For registered business valuation, and to review, etc. Third, the basic way of internal control The basic way of internal control mainly has: organization planning control, authorized control, budget control, material control, cost control, risk control and audit control. (a) to organize the control. According to the internal control requirements, the unit in determining the organizational structure and improve the process, incompatible duties shall follow the principle of separation, the so-called incompatible duties, refers to those if by a man or a department, and may cheat yourself concealing its position of frauds. The economic activity of the unit can usually divided into five stages: namely, the approval issued by authorized, execution, and records. Normally, if each step by the relatively independent researchers (or department), can guarantee the separation incompatible duties, facilitating the function of the internal control. Organize and control mainly includes two aspects: 1 and incompatible duties of separation. If the accounting work of accountant and cashier incompatible duties, need to separate. Should be separate positions usually have an authorized: economic business duties to separation, Execute a business with the position of the post to review: Execution of an economic position and record the business to business position: Keep a record of the property of the position and position of property to separation etc. Incompatible duties separation is based on the assumption that two personal unconscious accomplice a possibility, but the possibility of a person gains more than two people. If this hypothesis, breakthrough incompatible duties of separation cannot play control function. [NextPage] 2, the organization's control. A unit of economic activities according to the needs of different departments and institutions set, the organization's set of responsibilities and should reflect the mutual control requirements. Specific requirement is: the responsibility and authority of the organizations must be licensed and guarantee the authority within the scope of authority without intervention, Each business must pass in operation of the department and guarantee in different departments concerned to check each other, In every business, should belong to was not inspectors, in order to ensure that the inspectors check out the problem was solved quickly. (2) authorized control. The authorized department of internal control unit to handle business or staff access control. Some departments or units within a clerk in the treatment of economic business, must be authorized or approved to, no approval. Authorized control unit can guarantee the implementation course and abuse. Authorized are generally authorized and particular authorized two forms: general mandate is to deal with average economic business level and the approval of the right conditions stipulated in the unit, usually in the internal control of clarifying, Special authorization of special economic business processing is the right level and approval conditions, such as when a prescribed amount exceeds the economic business department, only after approval within specific authorized to handle. Authorized the basic control requirement is: first, must be clear and specific license authorization of the general line and responsibility, Secondly, to clear the authorized business each program, Again, to establish the necessary examination system, to ensure that the processing after the authorized business working quality. Some current unit executes leadership "pen", with the approval of the internal control principles and requirements, should reform. Practice has proved, rights should be restricted, lose the right to restrict the corruption which easily. (3) budget control. Budget control is an important aspect of internal control, including financing, financing, purchasing, production, sales, investment and management activities. The economic business units to prepare detailed budget and plan, and through the authorized by relevant departments, the budget or plan implementation control, the basic requirements: first, the unit budget must reflect the management goal, and clear responsibility. Second, the budget shall be permitted by the authorized to budget adjustments to budget and more practical. Third, it shall timely feedback or regular budget implementation. (4) physical assets control. Physical assets control mainly include restrictions to control inventory control and regular two, this is the real assets of unit of safety control measures. There are two main: first, to limit to strictly control, to physical assets and the relevant documents of the physical assets, such as cash and bank deposit, securities and inventory, warehouse, the warehouser except cashier personnel and other personnel is limited, contact, to ensure the safety of assets. Second, regular physical assets inventory, guarantee the physical assets conform with the actual amount recorded book, such as accounts inconsistent, should investigate the cause and treatment. In addition to the above, physical assets control say from broad sense, also include the physical assets of purchase, storage, and shipping and sales process control. (5) cost control. Modern cost control can be divided into "extensive" and "intensive" two. Extensive cost control, refers to the production technology, product process under the condition of invariable, rely solely on reducing consumption materials, reasonable material to lower the cost of cost control, Intensive cost control, refers to raise the level of technology to improve the production technology, product process, thus reducing the cost control. These two kinds of methods, combining modern cost control. 1, extensive cost control, the cost of raw materials procurement control from the final product sold throughout, and is one of the most fundamental and most main control method. First, the raw materials procurement cost control. For bulk materials generally used to open ZhaoBiaoFa or according to manufacturer direct purchasing. Second, the use of materials cost control. Generally, there are two ways: one is the objective cost control, it is through the "target cost price - goals profits target =", which is obtained by cost method to control costs. Veto Second, it is the cost control of various assignments, and through the analysis of cost drivers, costs and expenses of the collection, not only more reasonable truly computational cost, and thus find income and cost ratio or not only put no gains, so can largely reduce costs. Third, product sales, cost control. Mainly propaganda cost control, notable is, advertising, promotional role played only product quality is the foundation of the user's trust. Therefore, we should grasp investment and expenses of the matching principle. [NextPage] 2 and intensive cost control. And can be divided into two types: one is to improve production technology by to reduce cost control. There are many ways to improve production technology, such as the introduction of new production line adopts high-tech products, etc. Two is improved by process to reduce the cost of cost control. Intensive cost control on intellectual achievements, it can make the excess profit achievements. (6) risk control. Risk is usually referred to as a result of the action, and the risk associated with another concept is uncertain. Some people only know beforehand action may result, but don't know they appear probability, or both all don't know, but only as a rough estimate. For example, enterprise test-manufacturing a new product, this product can certainly advance trial success or failure. But don't know these two consequences of possibility appeared. Business decisions are generally in uncertain circumstances. In practice, a result of action has many may not sure, risk, And as a result of the action, it is certainly not risk. The risk control is to prevent and avoid as far as possible adverse outcome. According to the reasons of the formation of risk and risk management can generally be divided into two categories: the financial risk, 1, management risk. Risk management refers to the production and business operation reasons for corporate profits to the uncertainty. Due to the production and operation of enterprises will be derived from many aspects of the external and internal factors, thus greatly, and the uncertainty of uncertainty, causes the enterprise profit margins or the changes, thus bringing risk. Operational risk changes from the external, nonetheless, enterprises should adopt the effective internal control measures to prevent. 2, financial risk. Financial risk and risk, it is to because debt and the enterprise's financial results for uncertainty. Companies operating in the capital, debt all except the part of self-capital, borrowed funds for enterprise self-capital affect profitability, At the same time, borrowed money to repay captital with interest, if unable to repay debts that are due, the enterprise will into financial difficulties or bankruptcy. When the enterprise rate than pre-tax profit margins funds borrowed funds rate, use borrowed money earn profits and residual interest except compensation and thus make the self-capital profitability improve. However, if the enterprise income tax profit margins than money borrowed funds, at this moment, use borrowed money to finance the profits are not pay interest, still need to use their own funds to pay interest on the part of the profit margins, thereby reducing the self-capital, make enterprise losses incurred, even the bankruptcy of the danger. The risk for financing risk. The size of the risk degree of self-capital by borrowing money, borrowed money ratio, the greater the risk degree proportion with smaller proportion, borrowed funds, risk degree also decrease. For financial risk control, the key is to ensure a reasonable capital structure, maintain the appropriate level of debt, should make full use of the debt management skill gain financial leverage income, improve the self-capital profitability, To avoid excessive debt caused by the financial risk, which is the important link of the enterprise internal control, must take the necessary measures to prevent fundraising risk. (7) auditing control. Audit control mainly refers to the internal audit, internal audit and control of accounting is to supervise. Accounting information to internal audit, internal control is an integral part of the internal control is a kind of special form. Internal auditing is an organization in all kinds of activities and the internal control system of independent evaluation to determine whether the policy implementation, establish the procedure is in compliance with the standard of resources utilization, whether reasonable, effective and unit of objectives achieved. Internal audit content is very extensive, generally include internal financial audit and internal management audit. Internal audit supervision of accounting information, and is not only the internal control is effective means to ensure that the accounting information is true and complete. According to the basic principle of internal control and accounting work in our country actual situation, the new "law" regulation, the unit shall in internal accounting supervision system of accounting information in the regular internal audit methods and procedures, in order to make the internal audit institutions or internal auditors of accounting information system and procedure of audit work. In addition to the above seven internal control, and documentation control. Performance control and worker quality control, etc. The new system of accounting supervision system on the unit interior, the main contents of the internal control system. Including: responsibilities, and strict procedures, truthfully record, regular check, etc. In practice, establishing and implementing internal control should also consider: enterprise scale, organizational system and the owners' rights and interests; etc. Business property, diversity and complexity, Transfer, processing, and the methods to information, Applicable regulatory requirements, etc. At present many enterprise internal control was not good, except knowledge level, the main reasons of the administration is to establish and implement effective internal control of power, pressure, coerce, enough. This change of the accounting law depends on the implementation of new science and the modern enterprise system and the establishment of corporate governance structure. To help enterprises to establish internal control, can consult other countries and regions, by the relevant departments of the internal control of some important industry and points for each unit, reference, and learning to use gradually perfect the internal control system, in order to promote the comprehensive enterprise in our country, and in essence.

我们也可以找到这样的参考文献，简单列举如下： 1 企业内部控制与企业档案管理的相关性分析——基于《企业内部控制基本规范》的档案话题 期刊：《档案学研究》 时间：2012年2期作者：覃兆刿；罗琴2，企业内部控制与财务危机预警耦合研究——一个基于契约理论的分析框架 期刊：《会计研究》 2012年5期作者：徐光华；沈弋 3，中国企业内部控制文化构建问题研究——详解《企业内部控制基本规范》中的文化因素 ,期刊：《会计之友》 2011年26期作者：彭妍喆；陈艺婷 5. 智能信息控制:物联网下企业内部控制的核心 期刊：《会计之友》 2012年7期作者：许金叶；韩玲 资料来源：学术资讯网希望能够帮到你。