《cososinternalcontrol实用实用教案》由会员分享,可在线阅读,更多相关《cososinternalcontrol实用实用教案(16页珍藏版)》请在金锄头文库上搜索。
1、1WhatisCOSO?Who are the sponsors?第1页/共15页第一页,共16页。2WhatIsInternalControl?“Aprocesseffectedbyanentitysboardofdirectors,managementandotherpersonnel,designedtoprovidereasonableassuranceregardingtheachievementsofobjectivesinthefollowingcategories:Effectiveness&efficiencyofoperations.Reliabilityoffinanci
2、alreporting.Compliancewithapplicablelawsandregulations.”第2页/共15页第二页,共16页。3Internal control is a process. It is a means to an end, not an end in itself. Internal control is effected by people.Its not merely policy manuals and forms, but people at every level of an organization. Internal control can b
3、e expected to provide only reasonable assurance, not absolute assurance, to an entitys management and board. Internal control is geared to the achievement of objectives in one or more separate but overlapping categories. 第3页/共15页第三页,共16页。4ComponentsOfInternalControlControlEnvironment.RiskAssessment.
4、ControlActivities.Information&Communication.Monitoring.第4页/共15页第四页,共16页。5第5页/共15页第五页,共16页。6ControlEnvironmentSetsthetoneoftheorganization.Thefoundationforallothercomponents.Itincludestheintegrity,ethicalvaluesandcompetenceofthepeople.Reflects:managementsphilosophy&operatingstyle,thewaymanagementassi
5、gnsauthorityandresponsibilityandorganizesanddevelopsitspeople,andtheattentionanddirectionprovidedbytheboardofdirectors.第6页/共15页第六页,共16页。7RiskAssessmentEveryentityfacesinternal&externalrisks.Everyentitysetsobjectives.Riskassessmentistheidentificationandanalysisofrelevantriskstoachievementsoftheobject
6、ives.第7页/共15页第七页,共16页。8ControlActivitiesThepoliciesandproceduresthathelpensuremanagementdirectivesarecarriedout.Theyhelpensurethatnecessaryactionsaretakentoaddressrisks.Controlactivitiesoccurthroughouttheentityatalllevelsandinallfunctions.Theyincludeactivitiessuchasapprovals,authorization,reconcilia
7、tionsandsegregationofduties.第8页/共15页第八页,共16页。9Information&CommunicationRelevantinformationmustbeidentified,capturedandcommunicatedinaform&timeframethatenablespeopletocarryouttheirresponsibilities.Informationsystemsproducereportscontainingoperational,financialandcompliancerelatedinformationthatmakeit
8、possibletorunandcontrolthebusiness.Effectivecommunicationmustoccurinabroadersense,flowingdown,acrossanduptheorganization.第9页/共15页第九页,共16页。10MonitoringInternalcontrolsystemsneedtobemonitored.Typesofmonitoring:-ongoingduringthecourseofoperations.-evaluationforwhichthescopeandfrequencywilldependprimari
9、lyonanassessmentofrisksandtheeffectivenessofongoingmonitoringprocedures.第10页/共15页第十页,共16页。11ResponsibilitiesWhoisresponsibleforinternalcontrol?Everyone!BoardofDirectors:Governance,guidance&oversightManagement:CEOistheownerInternalAuditors:evaluate&monitorOtherpersonnel:informationandcommunication第11
10、页/共15页第十一页,共16页。12WhatInternalControlCanDoItcanhelpachieveperformance&profitabilitytargets.Itcanhelppreventlossofresources.Itcanhelpensurereliablefinancialreporting.Itcanhelpensurecompliancewithlaws.It can help an entity get to where it wants to go,and avoid pitfalls and surprises along the way.第12页
11、/共15页第十二页,共16页。13WhatInternalControlCannotDoItcannotensuresuccess.Itcannotensurethereliabilityoffinancialreporting.Itcannotensurecompliancewithlawsandregulations.Internalcontrols,nomatterhowwelldesignedandoperated,canprovideonlyreasonableassurancetomanagementregardingachievementsofanentitysobjectives.第13页/共15页第十三页,共16页。14LimitationsofInternalControlJudgement.Breakdowns.Managementoverride.Collusion.CostsVersusBenefits.第14页/共15页第十四页,共16页。15感谢您的欣赏(xnshng)!第15页/共15页第十五页,共16页。内容(nirng)总结1。Types of monitoring:。Costs Versus Benefits.。。感谢您的欣赏(xnshng)第十六页,共16页。
