会计学 外文翻译 外文文献 英文文献 审计风险管理.docVIP

PAGE 13 - 文献、资料题目：Auditing Risk Management: Fine in Theory but who can do it In Practice? 文献、资料来源：International Journal of Auditing 文献、资料发表（出版）日期：2006.6. 外文文献： Auditing Risk Management: Fine in Theory but who can do it in Practice? This paper investigates risk management structures in organizations and how these comply with best practice in corporate governance. We carried out an exploratory study (in 2001) of four large public and private sector organizations in the United Kingdom. Interviews were conducted with risk managers and internal auditors to ascertain the extent to which emerging structures complied with the Turnbull Guidance to the Combined Code. We found that structures are in place to deliver a sound system of internal control including risk management. Internal auditors and risk managers are both involved but their respective roles are often not sufficiently well to avoid overlaps and gaps. We also found that several of the organizations studied rely on external auditors to conduct the required annual review of risk management. Key words: business risk assessment, Combined Code, corporate governance, disclosure, internal audit, internal control, risk assessment, risk management. SUMMARY In the UK risk management has come to the fore in the wake of the Combined Code of best practice in corporate governance (1998,the Combined Code), as expanded by the Turnbull Guidance of 1999. From accounting periods ending on or after 23rd December 2000, UK listed companies are required to conduct a review of their procedures to ensure that any threats to the organization have been systematically identified, carefully evaluated and effectively controlled. They must make a statement to that effect in their annual financial statements. The Combined Code has also influenced statements of good practice in the public sector. Corporate governance is thus extended to consideration of all business risks – operational, financial and compliance – w