内部审计企业风险管理中作用外文翻译.docx

《内部审计企业风险管理中作用外文翻译.docx》由会员分享，可在线阅读，更多相关《内部审计企业风险管理中作用外文翻译.docx（31页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、内部审计企业风险管理中作用外文翻译外文文献翻译原文：Internal auditings role in ERMAs organizations lay their enterprise risk groundwork, many auditors are taking on managements oversight responsibilities, new research finds. Internal audit departments have played a variety of roles in their organizations enterprise risk mana

2、gement (ERM) activities since The Committee of Sponsoring Organizations of the Tread way Commission (COSO) released its Enterprise Risk Management-Integrated Framework in September 2004. An IIA position paper issued in the wake of COSO ERM, The Role of Internal Auditing in Enterprise-wide Risk Manag

3、ement, indicates the roles that the internal audit function should and should not play throughout the ERM process, ranging from full involvement to no involvement. According to the paper, internal auditors should have a core role in five ERM-related assurance activities: giving assurance on risk man

4、agement processes, giving assurance that risks are evaluated correctly, evaluating risk management processes, evaluating the reporting of key risks, and reviewing the management of key risks. A recent IIA Research Foundation study examined the extent to which internal audit functions adhere to the E

5、RM roles recommended in the IIA paper. During October 2005, researchers disseminated an online survey to 7,200 IIA members through The Institutes Global Auditing Information Network. The survey generated 361 responses from a mix of large, mid-sized, and small organizations in a variety of industries

6、, including businesses, government agencies, and not for profit organizations. Nearly 60 percent of respondents identified themselves as a chief audit executive or audit director, 23 percent were audit managers, and 7.8 percent were staff or senior auditors. Approximately 90 percent were from the Un

7、ited States and Canada. Respondents organizations are at different stages of implementing ERM, as defined by COSO. More than 11 percent say their organizations ERM infrastructure is mature or relatively mature, and 37 percent have recently adopted or are in the目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国

8、 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和

9、 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。process of implementing ERM. Among all organizations surveyed, the internal audit function is primarily responsible for ERM-related activities in 36 percent of respondents organizations, while 27 percent say the primary responsibility

10、belongs to a chief risk officer (CRO) who is not part of the audit function. Nearly one-third of respondents say another executive or function oversees ERM. The hours and dollars internal audit functions spend on ERM-related activities are minimal for many respondents. Nearly half say their audit de

11、partment spent 10 percent or less of its hourly and financial budgets on ERM-related activities during fiscal year 2004. More than one-third of audit departments spent II percent to 50 percent of their time on ERM, and 28 percent spent n percent to 50 percent of their financial budgets, while less t

12、han 10 percent of departments Spent more than 50 percent of their time and money. The IIA position paper categorizes 18 ERM-related activities according to the appropriate level of responsibility for the internal audit function. Survey respondents reported their current and ideal level of responsibi

13、lity for these activities: no responsibility, limited responsibility, moderate responsibility, substantial responsibility, and total responsibility. CORE ACTIVITIES Differences between respondents current and ideal responsibilities are greatest for the five core ERM assurance activities identified I

14、n the IIA paper. Respondents Indicated that their current responsibility for each of the core ERM related activities is moderate, but they say they should have a substantial level of responsibility. These views agree with the IIA guidance. Additionally, roughly half of internal audit functions surve

15、yed currently have substantial or full responsibility for at least one core activity, and more than two-thirds say they should have till or substantial responsibility for at least one core activity. Within the core category, the audit functions two highest levels of current responsibility involve re

16、viewing management of key risks and evaluating the risk management process. Evaluating the risk management process and giving assurance on risk management processes are the highest-rated ideal responsibilities. Conversely,目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电

17、气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房

18、 前 先 问 电 ， 装 修 时 安 全 布 线 。giving assurance that risks are evaluated correctly is the lowest-rated current and ideal responsibility. The following respondent comments offer some insight into why audit departments are not currently involved in core ERM-related activities at the level they deem appropr

19、iate;We have just recently begun implementing ERM activities in our company. We do not yet have complete understanding of the process and buy-in from management. The audit committee and management are not aware of what ERM is.The internal audit function has just initiated an awareness campaign among

20、 the audit committee members. These comments suggest that educating management and the audit committee on ERM issues can be critical to ensuring that the audit function takes on an appropriate level of responsibility for ERM.LEGITIMATE ACTIVITIES The IIA paper prescribes seven legitimateERM-related

21、activities for which internal committee audit functions may be responsible as long as safeguards are in place: facilitating the identification and evaluation of risks, coaching management in responding to risks, coordinating ERM-related activities, consolidating the reporting on risks, maintaining a

22、nd developing the ERM framework, championing establishment of ERM, and developing risk management strategy for board approval. These activities are described as consulting activities. Although respondents current responsibility for each of these legitimate activities ranges from limited to moderate,

23、 they say their ideal level should be moderate, which is consistent with the guidance. Within the legitimate category, the highest level of current internal audit responsibility involves facilitating the identification and evaluation of risks the top-rated ERM-related activity, including core activi

24、ties. This activity is also the highest-rated ideal activity among legitimate activities, suggesting that auditors consider it a core responsibility. This finding is not surprising. because risk detection and evaluation are traditional considerations in developing annual audit plans. The lowest-rate

25、d current and ideal activity is developing a risk management strategy for目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。目 前 ， 大 量 住 宅 中 的 低 水 平 配

26、 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。board approval, which is an activity that might best be handled by management. The IIA guidance cautions that when internal

27、 auditors undertake these legitimate consulting activities, safeguards should be in place to ensure that they do not take on management responsibility for actually managing risks. One possible preventive measure would include documenting the auditors ERM responsibilities in an audit committee-approv

28、ed audit charter. Further, if auditors take on any ERM-related activities that fall within this consulting role, they should treat these engagements as consulting engagements and apply the relevant IIA standards to help ensure their independence and objectivity. INAPPROPRIATE ACTIVITIES According to

29、 the IIA position paper. It is inappropriate for internal auditors to be responsible for six ERM-related activities: setting the risk appetite, imposing risk management processes, providing management assurance on risks, making decisions on risk responses, implementing risk responses on managements

30、behalf, and having accountability for risk management. Overall, audit functions in the survey have greater responsibility for these activities than the IIA paper recommends. However, auditors say they should have some limited responsibility for the inappropriate activities. Within the inappropriate

31、category, internal auditors highest level of current and ideal responsibility is providing management assurance on risks, while their lowest level of responsibility is for setting the risk appetite. Respondents comments suggest that auditors currently have greater responsibilities in these areas bec

32、ause the audit function is playing a leading role during the early stages of ERM development. ORGANIZATIONAL CHARACTERISTICS The perceived current and ideal FRM roles for the internal audit function may vary across organizations, depending on the organizations industry, size, and audit department si

33、ze, as well as the firms need to comply with the U.S. Sarbanes-Oxley Act of 2002. INDUSTRY Respondents work in a variety of sectors, including financial services, manufacturing, transportation, communications, utilities, health care, retail目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者

34、在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家

35、 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。and wholesale, government, and education. Researchers compared responses from the two largest industry groups: financial services and manufacturing. On average, financial service industry audit departments have greater current responsibility for core activ

36、ities than those from manufacturing. With respect to inappropriate activities, manufacturing audit departments tend to say their ideal involvement should be higher than their current responsibility, while financial service industry audit departments rate their current and ideal responsibilities at t

37、he same level. ORGANIZATION SIZE Approximately half of respondents work in organizations that had 2004 revenues between US $500 million and US $5 billion. Nearly 25 percent of respondents work in organizations that had revenues under US $500 million in 2004, while a similar number of respondents wor

38、k in organizations that had more than US $5 billion in revenue that year. Researchers compared responses from organizations with revenues of less than US $1 billion with organizations with revenues greater than US $1 billion. On average, auditors from both types of organizations have relatively equa

39、l levels of responsibility for current core activities. However, smaller organizations rated their ideal involvement for these core activities higher than large organizations. Smaller organizations have a slightly higher current level of responsibility for inappropriate activities than larger organi

40、zations and say their ideal involvement in these areas should be higher. AUDIT STAFF SIZEMore than half of respondents work in audit departments with 10 or fewer auditors, slightly more than one-quarter work in departments with between 11 and 50 auditors, and approximately one-tenth of respondents w

41、ork in departments with more than 50 auditors. Internal audit functions with more than 10 auditors currently have somewhat more responsibility for core activities than audit departments with 10 or fewer auditors. Both large and small audit functions have roughly equal levels of responsibility for al

42、l other ERM-related activities. However, unlike large audit organizations, respondents from small audit departments want to have more responsibility for activities in the inappropriate category. SARBANES-OXLEY Most respondents organizations are required to comply with Sarbanes-Oxley Section 404. Res

43、earchers found few differences between those目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ， 消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。目 前 ， 大 量 住 宅 中 的 低 水 平 配 电 线 路 达 不 到 国 家 规 定 的 标 准 ，

44、消 费 者 在 购 房 和 装 修 时 对 电 气 线 路 这 类 隐 蔽 工 程 缺 乏 了 解 ， 致 使 安 全 隐 患 大 量 存 在 ， 电 气 火 灾 和 电 击 事 故 时 有 发 生 。专 家 提 醒 消 费 者 ， 在 购 房 前 先 问 电 ， 装 修 时 安 全 布 线 。organizations and respondents from organizations that do not have to comply with the act. The primary difference related to core activities, where compl

45、iers report a higher level of current responsibility than non-compliers. Although the IIA guidance is equally applicable to all organizations, the research indicates that smaller internal audit departments and those from smaller organizations tend to take on ERM responsibilities that would be more a

46、ppropriate for management. In these cases, internal auditing should work to develop an ERM implementation and maintenance plan that includes a stratcgy and timeline for migrating responsibilities for these activities to management THE AUDITORS ROLE Although the survey results suggest that the curren

47、t levels of responsibility audit departments have may differ somewhat from that levels recommended by The IIAS position paper, the respondents comments offer some evidence that auditors understand the underlying concepts of the guidance: There needs to be a shift in the doing of the ERM to being an

48、internal audit function that relies on and evaluates the ERM process. ERM should be in sync with the audit universe and plan, In the past i8 months, the corporation has appointed a CRO to provide oversight and guidance to evolving ERM processes. During this period, much of internal auditings previou

49、s ERM roles have migrated to this officer. More importantly, respondents identified significant barriers in their organizations to following the guidance: These ERM responsibilities and processes are not well defined in many organizations and should be more clearly articulated by senior management.There is not enough emphasis from the top that risk management is important and must be done effectively. Management is still trying to hide things from internal auditing. Its not them