Keywords: risk, enterprise risk management, enlightenment
The global financial crisis triggered by the subprime mortgage crisis in the United States has made people question whether the internal risk management mechanism of enterprises really works.
In fact, after the Asian financial crisis,
Countries all over the world have realized the importance of risk management.
And established various risk management mechanisms,
But the wind
However, it is difficult for insurance management to really integrate into the daily operation and management of enterprises.
So that it can't fully play its role. From this perspective,
This financial crisis is correct.
The existing risk management model has brought unprecedented challenges. As an important part of risk management, enterprise internal control is very important to enterprise risk management.
Efficiency and effect have important practical significance. This paper aims to explore enterprise risk management and internal control, in order to improve enterprise risk.
Management level,
Establish a sound internal control system to provide reference.
One,
Significance of internal control and risk management
From a normative point of view,
Internal control plays an important role in regulating organizational behavior.
Strengthening enterprise management is of great significance;
The internal control system is an enterprise group.
Knitting system,
Corresponding to the property right structure of enterprises,
By establishing appropriate
"Principal-agent"
Contractual relationship,
Ensure the interests of external investors of enterprises.
Can be effectively maintained by agents in the enterprise,
It has two layers:
(
1
)
Internal control is the management system of an enterprise,
Through inspection and improvement, it has been
Customs management policies and procedures,
Effectively control the operation of enterprises,
Continuously improve the operating efficiency and benefit of enterprises,
Realize the preservation and appreciation of the capital invested by investors.
Value.
(
2
)
Internal control is the accounting system of enterprises,
It through the appropriate business permissions setting and authorization,
Accurate accounting records,
Timely physical inventory
Fair reporting procedures and methods,
Ensure the reliability of information on business and financial status of enterprises,
Guarantee the property safety of investors. The same is true of risk management.
Department control,
Also by
"the board of directors of the enterprise,
Management and other personnel * * * with the implementation "
Emphasize the viewpoint of full participation;
Apparently, it's also one.
individual
"process"
Things that can't be considered static,
Such as system files,
Technical model, etc.
Nor is it a separate or additional activity,
Such as inspection and evaluation,
most
Good is established in the daily management process of enterprises.
As a regular operation mechanism;
Provide reasonable guarantee for the realization of enterprise goals.
Second,
Related theoretical connotation
( 1)
Connotation of risk management
Risk refers to the uncertainty of events that may affect the realization of goals. For enterprises, risk is a disadvantage.
And cause actual losses, so that the enterprise goals can not be achieved or reduce the possibility of achieving them. Risk management means taking certain measures.
Detect and evaluate risks,
Reduce the risk to an acceptable level,
And control it at an acceptable level.
COSO
(one by
American information industries association (information industries association)
and
American institute of public accountants American institute of accountants
A professional alliance composed of many organizations) defines risk management as follows:
"
Total risk management is a process. this
The procedures of the board of directors,
The influence of management and other personnel. This process runs through all the activities of the enterprise from the formulation of the enterprise strategy.
be used for
Identify potential events and management risks that may affect the enterprise,
Make it within the risk preference range of the enterprise,
So as to reasonably ensure that the enterprise obtains the established
Target "
. According to some economists in China,
Risk management is that enterprises identify potential accidents or losses,
Measurement and analysis,
on this basis
Implement effective control,
Deal with risks in the most economical and reasonable way,
In order to achieve maximum security and scientific management methods. Can be understood as:
wind
33
1.
Enterprise managers and related personnel have weak risk awareness.
Strengthen enterprise environmental control and risk assessment,
It is to improve the efficiency and effectiveness of enterprise risk management.
The top priority of fruit. At present, China enterprises lack an identifiable,
Mechanism for analyzing and managing risks,
It often seems to blindly pursue high returns.
Investment and other risks.
2.
The existing risk management institutions are not enough to deal with enterprise risks.
Due to the late design of enterprise risk management mechanism in China,
The same is true of existing rules and regulations.
It has been implemented in recent years, but the external environment faced by enterprises changes rapidly. The rapidly changing business environment may make the risk management mechanism full of risks.
The coping ability is weakened,
Even failed.
3.
The organizational construction of risk management institutions is not perfect.
2006
year
six
moon
six
Issued by the State-owned Assets Supervision and Administration Commission of the State Council
central enterprises
Guide to comprehensive risk management in the industry "
sequence
Forty two.
The terms clearly stipulate that:
"Enterprises should establish and improve the risk management organization system,
It mainly includes the company law that regulates people.
Structure,
Risk management functional departments,
Internal Audit Department, Legal Affairs Department and other relevant functional departments,
Organization and leadership of business units
Structure and its responsibilities.
"
4.
Risk management institutions lack real independence.
As a part of enterprise internal audit,
Risk management institutions have the problem of insufficient independence.
Especially in China, most enterprise risk management departments are not well established.
Not systematic,
The responsibilities of auditors are not clear,
Unclear attribution of enterprise risk responsibility
I see,
All these make risk management unable to play a real supervisory role.
Five,
Constructing a new internal control mechanism embodying comprehensive risk management
1.
Constructing innovative risk management concept with the characteristics of this enterprise
Taking total risk management as a part of corporate culture is a brand-new concept. This concept was put forward and finally established as corporate culture.
There is another process,
It requires the joint efforts of all staff under the concept of comprehensive risk management. Therefore,
We should learn more about the risk management of other enterprises.
Technology and experience,
Actively explore new methods of internal control management suitable for this enterprise,
Only in this way,
The concept of total risk management can be truly integrated.
Into practical work,
Create an excellent risk management culture,
Improve the internal environment,
A comprehensive risk management system can be developed.
2.
Constructing a feasible internal control evaluation mechanism
In the traditional mode,
Due to the lack of unified risk management decisions,
Each functional department becomes the authority of risk management,
Long-term stability of post management responsibilities
Will become the first priority to ensure authority,
There is a serious lack of active tracking and evaluation system for each post responsibility.
It is often an accident that makes up for it. be like
The post responsibility supervisor of the audit department is only
"routine inspection"
Therefore,
Enterprises should, according to their own actual conditions,
By determining the risk control link,
Implement the post management responsibilities of various departments,
And regularly check the control status of each department,
Evaluation and evaluation,
Strengthen the responsibility of risk management,
Improve the whole
Awareness and ability of risk prevention,
So as to effectively promote overall risk management,
Realize the transformation from the risk prevention department to the whole enterprise,
All employees remain vigilant,
will
Internal control management is promoted from individual behavior to the overall behavior of enterprises.
Make the internal control management level of enterprises continuously improve.
3.
Principles of constructing a brand-new internal control organization system
(
1
)
The principle of comprehensive risk management,
Namely:
Principle of total staff management,
Realize the strengthening of the risk awareness of all staff.
realize
"Crossing to the edge,
Vertical to the end "
Jiangfeng
Risk awareness,
It's imprinted on my mind,
Implement in action;
Principles of whole process management,
For the development of enterprises,
Implement risk control in the whole process of business operation;
Fang Quan
Risk management principles,
Including business risks,
There are investment risks,
Credit risk,
Contract risks, etc.
(
2
)
Principles of hierarchical management. that is
Risk management decisions,
Management,
Business functions are entrusted to different levels of institutions,
Form a pyramid-shaped organizational structure.
(
three
)
Risk management gateway
The principle of progress. Set the daily risk monitoring function directly to the business operation department,
Make risk management closer to the market,
It is conducive to finding the wind in time.
Risk,
Control risks,
It embodies the characteristics of parallel operation of risk management and business management.
(
four
)
Principle of coordination and efficiency. It is necessary to ensure the division of powers and responsibilities between departments
I see,
I see,
Simple operation;
Ensure convenient information communication between departments,
Come on,
Accurate,
Ensure the effective operation of enterprise management system.
4.
Construct a new business management system that meets the requirements of internal control
Unde that traditional decentralized risk management mode,
In order to ensure the smooth development of various businesses and guard against various risks,
Various functional departments have developed a large number of research institutes.
say
"comprehensive"
System.
But once many systems are formed,
It lost its practical significance,
It has become a system posted on the wall and written in books.
The effectiveness of the system operation is poor. Investigate its reason,
The most important thing is that the formulation of the system lacks systematic and scientific planning. Therefore,
Meet internal control requirements
On the premise of seeking,
Comprehensively sort out the existing rules and regulations,
Further improve the supply and marketing business,
Accounting business,
Intermediate business and other business management system,
Correction/wholeness
Combined with various business operation links,
Establish a business-oriented,
An internal control management system covering all business types and involving the whole business process,
Realize business development
Synchronization of development and risk management.
Grassroots units should strengthen the self-examination of the implementation of rules and regulations and risk control.
Form a long-term system of regular inspection.
The internal audit department should give full play to the role of audit,
Encourage enterprises to gradually establish management that abides by rules and regulations,
Unified standards shall be implemented for business assessment.
New management system.