內部控制系统.pptVIP

東吳大學會計學系 謝 永 明 Why Controls? To ensure attainment of objectives To lessen risks of unwanted outcomes Heightened awareness of scandals Emphasis by stockholders on corporate governance Management’s legal responsibilities Highly publicized management and employee fraud 企業的威脅與控制 威脅係指不利的潛在事情或情況，若實際發生時，將對企業造成傷害及損失。 控制則是指對於物件、有機體或系統的活動加以限制或引導的過程。 企業在規劃及設計相關控制之前，應先了解其所面臨的威脅，才能制定出一套有效的控制制度。 企業的威脅與控制 威脅係指不利的潛在事情或情況，若實際發生時，會對於資訊系統或組織造成傷害及損失。 控制則是指對於物件、有機體或系統的活動加以限制或引導的過程。 風險(risk)係指威脅實際發生的可能性，可以0到1的機率值表示。 若威脅實際發生，企業因而可能產生的損失稱為暴險度(exposure)。 Fraud and Control Fraud: deliberate act (蓄意行為)or untruth intended to obtain unfair or unlawful gain. Management charged with responsibility to prevent and/or disclose fraud. Control systems enable management to do this job Common Business Exposures Erroneous recordkeeping Unacceptable accounting Business interruption Erroneous management decisions Fraud and embezzlement(盜用, 侵占) Statutory sanctions(罰則) Excessive costs Loss or destruction of resources Competitive disadvantage Efforts to Define IC Before mid-70s, principal definition came from AICPA (SAP 33 and before) Principal components were to: Safeguard assets achieve accurate reliable accounting data promote operational efficiency encourage adherence to prescribed managerial policies. Later efforts to define IC SAS 55 - 1988 INTERNAL CONTROL structure comprising three elements Control environment Accounting System Control procedures Most Recent from AICPA SAS 78 (1995) - adopted COSO definition: INTERNAL CONTROL is a process-effected by a an entity’s board of directors, management, and other personnel-designed to provide reasonable assurance regarding the achievement of objectives in the following categories: Effectiveness efficiency of operations Reliability of financial reporting Compliance with applicable laws regulations. 內部控制的定義 根據COSO(Committee of Sponsoring Organizations of Treadway Commission)研究報告，內部控制係指公司董事會、管理當局、及其部屬為了合理保證下列控制目標之達成，而採行的程序： （1）營運的效果與效率、 （2）財務報導的可靠性、以及 （3）相關法令