coso内部控制模型介绍(英文版)(doc 7页)
coso内部控制模型
The COSO Internal Control Model
The COSO internal control framework was first introduced in 1992, an d in 1994 a comprehensive four-ction report on internal controls was iss ued, consisting of an executive summary, a framework, guidance to public companies on reporting on internal controls to third parties, and evaluatio n tools to help a company comprehensively asss its current control envir onment.
The COSO framework is relevant to achieving company objectives in t hree areas:
Operational goals: The framework relates to the effective and efficient usage of all of a company's resources.
Financial reporting goals: The construct gives guidance on the consisten t production of reliable financial reports.
Compliance goals: The guidance creates a topology of the company’s co mpliance requirements as they relate to industry regulations or legal requi rements for public entities.
coso内部控制框架提出三大目标,即运营的效率和效果,财务报告的可靠性,以及遵守适用的法律和规章
五大要素
1。控制环境
不可思议意思Control Environment
淘宝抢红包攻略This element is the foundation of the COSO framework. It ts the ove rall tone of the organization with regard to the importance of internal con trols. Ethical values, leadership resource allocation, staff competence at all levels, the dynamics of authority and responsibility within the organization, and management philosophy are all parts of this critical component.
In a n, the control environment is the most difficult component to quantify, becau much of it relates to the overall culture of the organizati on. But there are a number of clear goals that an organization can work toward to ensure that the framework rests on a foundation exemplifying market leadership.
Board and leadership involvement is the most crucial element in an or ganization eking market lea
dership. As the board and leadership t expe ctations and measure progress against them, business units or department heads begin to assign internal controls the priority they require. The specif ic strategies that can be employed to move to a market-leader position wit hin an industry include the following:
•Conveying the importance of ethical values道德价值by tting an example and “walking the talk.” This includes relating stories of
integrity and ethical values through prentations, newsletter stories,
and any other means of getting the message to everyone that the
values are important to the organization. Public companies are now福建一本线
required to have a code of conduct for the board under the requir ements laid out by SOX. Nonprofits and private companies can also
色彩斑斓的拼音
benefit from a code of conduct. The organization cannot tolerate vi olations of this standard. There are financial benefits to this approa
ch as well. One rearch study performed by the Institute of Busine ss Ethics (“Does Business Ethics Pay?,” April 2003) found that com
panies displaying a clear commitment to ethical conduct consistently
outperform companies that do not display ethical conduct.
•Developing clear organizational guidelines relating to responsibil ity and authority with accountability checks is another clear hallmar k of an market leader. Within the organization, leadership typically
follows a distributed model, with individuals understanding the over
财务会计制度备案范本all organizational goals and how the goals of their department or b
usiness unit relate to them. Individuals should also understand their
responsibilities and the limit of their authority to ensure that the g
oals of the organization are achieved. When a leadership culture lik
e this is achieved, the whole organization is focud on organization
al objectives and committed to the maintenance of the control struct ure. A guiding coalition of leadership members believing in the need
for change is one of the first steps typically taken by organizations
that successfully make culture shifts, but changes will take effect sl owly and steadily over time.
•Embedding the internal control framework within the organizat ional culture将内部控制框架融入企业文化. Management must clearly
define roles and responsibilities for internal controls, including resp onsibility for the defining, documenting, testing, and monitoring of c ontrols and the remediating of problems. The organization must inc orporate the responsibilities into the responsible individuals’ perfor mance management goals.
•The internal controls environment is no longer viewed as par ate from the operating component of the business; controls are emb edded in process from the beginning. 内部控制环境不再独立于企业经营要素,要从一开始就执行This approach lowers the risk of inadeq uate controls and ensures that the control structure is in place from
滔怎么组词the outt of a process’s planning and launch.
•Supporting human resources policies and practices that pro vide clear corporate career paths. Human resources management pla ys a key role in ensuring that individuals are hired with the needed
financial competencies and that career growth supports an increa
夜晚照片d level of financial reporting competencies.对人力资源/人才的要求
2。风险评估
乘号的由来Risk Asssment
Leading companies take a risk-bad approach to SOX internal controls compliance as a key step in achieving a correct balance between costs an d benefits. Recent guidance from the Public Company Accounting Oversigh t Board (PCAOB) supports this approach with specific recommendations, i ncluding the u of a risk-bad method to determine which key controls are tested each year. The PCAOB also recommends that the viability of a company’s business model is an important consideration when evaluating risks. Companies that focus on the larger problems and risks will b
etter meet the needs of all their stakeholders, including investors and analysts.
Market leaders with respect to internal controls expand the risk focus started under internal compliance efforts to a broader venue. One popular concept that often precedes a mature enterpri risk management initiativ e is the formation of a risk council. This council is generally compod of
