发布时间 : 星期一 文章我国内部审计存在的问题及对策研究更新完毕开始阅读4b9858aa336c1eb91b375dd6
北京科技大学远程与成人教育学院毕业设计(论文)
framework defines internal control as“a process,effected by an entity?s board of directors,management and other personnel,
designed to provide reasonable assurance regarding the achievement of objectives in (1)the effectiveness and efficiency of operations,(2)the reliability of financial reporting,and(3)the compliance of applicable laws and regulations”(COSO,1992).The term?process?is used in a broad
sense where it goes beyond procedures to include the corporate culture and related organisational policies.Further,through the inclusion of\achievement of objectives)into the ambit of internal control,COSO recognises the existence of business objectives and assists in aligning the definition with business risk approaches to audit(Spira and Page,2003). COSO?s Internal Control–Integrated Framework models internal control as comprising of five interrelated components, which are derived from the way management,runs a business.The components are: Control environment:this sets the tone for the organisation,providing the foundation for all other components of internal control, and influences the control consciousness of its people.It includes integrity,ethical values and the competence of all members of the entity,as well as management?s
philosophy and operating leadership style, which are dimensions associated with an ethical environment(Chen,Sawyer and Williams,1997). Risk assessment:this is the identification and analysis of relevant risks,internal and external,to the achievement of the objectives,forming a basis for determining how the risks should be managed. Control activities:these help ensure that the necessary procedures are taken to help ensure that an entity achieves its objectives. Control procedure activities occur throughout the organisation,at all levels and in all functions. Information and communication:internal and external information must be identified, captured and communicated in a form and timeframe that enables people to carry out their responsibilities.Effective communication also must occur in a broader sense,flowing down,across and up the organisation. Monitoring:internal control systems need to be monitored,a process that assesses the quality of the system?s performance over time.This is accomplished though ongoing
monitoring activities such as the internal audit activities. COSO argues that there is a synergy and
linkage among these components,forming an integrated system that reacts dynamically to changing conditions.The internal control system is seen to be intertwined with the entity?s operating activities and to exist for fundamental business reasons.In the following section, hypotheses for the present study are developed.Figure Two provides an overview of the various hypothesized relationships.
Hypothesis Development
Accounting Control Procedures Quality(ACPQ) Accounting control procedures aim to prevent and detect transaction errors and omissions,and to correct such errors and omissions,where possible.A recent CPA Australia?s survey indicated that about two- thirds of small businesses claim to have internal accounting controls in place in most transaction areas e.g.sales,purchases, accounts receivable,etc.(Hartcher,2003).
第 13 页 共 19 页
北京科技大学远程与成人教育学院毕业设计(论文)
Accounting control procedures include authorisation of transactions,record keeping custody,and segregation of duties. The quality of the various accounting control procedures(ACPQ)determines the timeliness and the accuracy of the detection
of errors and omissions.In general,there are two dimensions to ACPQ.The first refers to the quality of the design of the internal accounting controls e.g.the format of authorisation procedures relating to a given transaction.The second relates to the extent to which various employees within the organisation adhere to internal control policies and procedures(Marshall,1995).Thus,both the internal control design and employee adherence to the set procedures are critical for enhancing ACPQ.Therefore, the higher the ACPQ,the more likely that errors and misappropriations will be detected
Research Method Sample
Data collection was undertaken through a questionnaire survey distributed to financial controllers(otherwise termed chief accountants)of medium to large Australian firms.The sample population involved firms from a cross-section of industries such as manufacturing,retail,automotive dealerships,information technology, wineries and fisheries,and hotels.The database comprised two major sources.The first data set accessed the BRW list of 1000
largest Australian firms(September,2003) (www.brw.com.au).One hundred and sixty (160)firms whose revenues ranged from $20 million to$110 million per annum were selected randomly from the database for this study with the aim of accessing medium to large-sized firms.The second
database comprises one hundred and sixty (160)four and five star hotels in Australian capital cities derived from the Dawson?s (2003)hotel directory. Questionnaire Development A questionnaire was developed based a literature review of prior studies,and the research instrument was pre-tested using six participants:the financial controllers of two large locally based firms,three academics who had significant industry experience and one forensic accountant,whose firm specialised in forensic consulting.Face-to- face interviews were conducted,leading to minor changes to wordings in several questions. The questionnaire instrument included distinct sections for each of the four
variables and a section capturing participants?demographic information Questionnaire Administration
Financial controllers were chosen as survey participants for two key reasons.Firstly, they are in a senior position and thus,are expected to have a very good understanding of the quality of internal control procedures. Secondly,financial controllers are often actively involved in the oversight of any system reviews and changes,and thus would be aware of any control weaknesses or malfunctions of internal control procedures. The questionnaire was accompanied by a letter to introduce the purpose of the study along with a reply paid envelope for their responses.Follow up calls were made approximately two weeks after the questionnaires were sent out5.To test for non-response bias,responses from the first and last 20 surveys were analysed with no significant results6. Of the 320 questionnaires sent out to the organisations selected
第 14 页 共 19 页
北京科技大学远程与成人教育学院毕业设计(论文)
for participation,a total of 67 responses were received (approximately 21%response rate),of which 64 were useable(18.8%usable responses).Three of the returned questionnaires were discarded due to incomplete responses.As shown in Table One,nearly half the respondents were from large firms i.e.100 employees and above and about 28%from less than 49 employees. A range of industries was represented in this study.These were categorized into Manufacturing,Retail,Hotel and Other Services and no significant difference was found to exist between hotel and non-hotel participants?responses.
第 15 页 共 19 页
北京科技大学远程与成人教育学院毕业设计(论文)
风险管理与伦理环境:程序对内部审计和会计控制的影响
摘要
本文研究探讨了风险管理和道德环境对内部审计活动和会计质量控制程序(ACPQ)的影响。这项研究的概念框架借鉴了COSO关于内部审计和风险管理的框架,数据来自于对澳大利亚64个公司的问卷调查,分析采用了结构方程模型。研究的结果表明:(1)内部审计对风险管理和ACPQ的关系有重大的影响,(2)内部审计对道德环境和ACPQ的积极直接的关系有重大的影响。我们的研究结果表明,扩大了风险管理的活动范围不能直接改善ACPQ,但可以引导更广泛的内部审计活动,从而促进更好的ACPQ等活动。此外,结果表明,培养更多的道德环境直接导致更高的ACPQ。这些研究结果对内部审计控制产生了影响,也就是说内部审计活动和道德环境对ACPQ有加强作用。 简介
内部控制制度是公司治理的一个关键方面,近几年来引起了相当的重视COSO内部控制的综合框架由若干部分组成,包括控制环境,风险评估,控制领导,信息和沟通,控制活动。见图一,这些组件都源于业务的运营方式,它被认为是管理的过程和内部控制。最近,COSO的企业风险管理集成框架(也被称为企业风险管理框架),在先前内部控制框架的基础上发展,主要根据以下这四类组织目标:战略,运营,报告和顺应性(可以从不同实体层面的组织层面进行分析)。内部控制系统的设计和遵守既定的政策和程序是实施有效的风险管理的重要方面。目前的研究是以COSO的内部控制集成框架和企业风险框架为指导的,特别重视内部控制系统的四个关键组成部分。 背景:COSO的内部控制集成框架
内部控制集成框架的主要目标是提供一个共同的内部控制的定义,并提供一个标准来评估内部控制的有效性。内部控制框架定义为“由一个实体的董事会,管理层和其他人员设计提供的来保证实现目标的一个过程,它将影响(1)运作成效和效率,(2)财务报告的可靠性,(3)适用的法律和法规(COSO,1992年)的规定。”当涉及到企业文化和相关的组织政策是,这个过程被广泛的运用于各个领域,此外,通过把“效益”纳入内部控制范围内,COSO承认了经意目标的存在以及有助于业务风险的防范。COSO的内部控制,内部控制综合框架模型作为五个相互关联的组成部分,是从管理的方式中产生的,使业务得以运行。这些组件是:(1)控制环境:它是组织的基调,是所有其他内部控制组件的基础,并且影响其人民的控制意识。它包括诚信,道德价值观和所有成员的能力,以及管理层领导风格和经营理念,这些都与道德环境有关。(2)风险评估:这是鉴定和相关风险分析,内部和外部目标的实现,决定如何承担风险管理的基础。(3)控制活动:这些活动有助于确保采取必要的程序,保证目标的实现。控制过程发生在整个活动的各个组织中。(4)信息和通讯:内部和外部的信息必须被识别,捕获信息存在的形式和时限,使人们能够履行其职责沟通。有效的沟通还必须在更广泛的领域出现,贯穿整个组织。(5)监控:内部控制系统需要被监控,评估该系统在这段时间内的性能质量。这是一个持续的监视活动,就像内部审计活动。COSO 主张通过这些组件之间的协同和联动,形成一个综合系统,反应动态环境的变化。内部控制制度被认为是与该实体的经营活动和企业存在的根本原因交织在一起。在下面的部分中,假设目前的研究有了发展。图二提供了各种假设的关系概述。 发展假设
第 16 页 共 19 页