外文翻译--企业内部控制的决定因素和后果

Internal management, establish a sound internal control system, enterprises and the needs for enterprises to face market risks and challenges. Only in accordance with the actual situation of their own, developed to meet the needs of internal management control system, and strictly follow the implementation can be sustained, steady and healthy development.内部管理，建立健全内部控制制度，企业和企业面临的市场风险和挑战的需要。

只有按照自己的实际情况，开发出满足内部管理控制系统的需求，并严格遵照执行能够持续，稳定和健康的发展。

The so-called internal control, the means by the enterprises board of directors, managers and other staff implementation, in order to ensure the reliability of financial reporting, operating efficiency and effectiveness of existing laws and regulations to follow, and so provide reasonable assurance that the purpose of the course. Internal controls related to enterprise production and management of the control environment, risk assessment, supervision and decision-making, information and transfer and self-examination, from a business perspective on the whole in all aspects of production. Their effective implementation will undoubtedly promote enterprise production and management to a new level, to promote the rationalization of business processes and standardization.所谓内部控制，董事会的企业董事会，经理和其他员工实施的，为保证财务报告的可靠性，现有的法律法规，经营的效率和效果跟踪，并提供合理的保证，本课程的教学目的。

A Clear Look at Internal Controls: Theory and ConceptsHammed Arad (Philae)Department of accounting, Islamic Azad University, Hamadan, IranBarak Jamshedy-NavidFaculty Member of Islamic Azad University, Kerman-shah, IranAbstract: internal control is an accounting procedure or system designed to promote efficiency or assure the implementation of a policy or safeguard assets or avoid fraud and error. Internal Control is a major part of managing an organization. It comprises the plans, methods, and procedures used to meet missions, goals, and objectives and, in doing so, support performance-based management. Internal Control which is equal with management control helps managers achieve desired results through effective stewardship of resources. Internal controls should reduce the risks associated with undetected errors or irregularities, but designing and establishing effective internal controls is not a simple task and cannot be accomplished through a short set of quick fixes. In this paper the concepts of internal controls and different aspects of internal controls are discussed. Keywords: Internal Control, management controls, Control Environment, Control Activities, Monitoring1. IntroductionThe necessity of control in new variable business environment is not latent for any person and management as a response factor for stockholders and another should implement a great control over his/her organization. Control is the activity of managing or exerting control over something. he emergence and development of systematic thoughts in recent decade required a new attention to business resource and control over this wealth. One of the hot topic a bout controls over business resource is analyzing the cost-benefit of each control.Internal Controls serve as the first line of defense in safeguarding assets and preventing and detecting errors and fraud. We can say Internal control is a whole system of controls financial and otherwise, established by the management for the smooth running of business; it includes internal cheek, internal audit and other forms of controls.COSO describe Internal Control as follow. Internal controls are the methods employed to help ensure the achievement of an objective. In accounting and organizational theory, Internal control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organization's payments to third parties are for valid services rendered.) Internal controlprocedures reduce process variation, leading to more predictable outcomes. Internal controls within business entities are called also business controls. They are tools used by manager's everyday.* Writing procedures to encourage compliance, locking your office to discourage theft, and reviewing your monthly statement of account to verify transactions are common internal controls employed to achieve specific objectives.All managers use internal controls to help assure that their units operate according to plan, and the methods they use--policies, procedures, organizational design, and physical barriers-constitute. Internal control is a combination of the following：1. Financial controls, and2. Other controlsAccording to the institute of chartered accountants of India internal control is the plan of organization and all the methods and procedures adopted by the management of an entity to assist in achieving management objective of ensuring as far as possible the orderly and efficient conduct of its business including adherence to management policies, the safe guarding of assets prevention and detection of frauds and error the accuracy and completeness of the accounting records and timely preparation of reliable financial information, the system of internal control extends beyond those matters which relate to the function of accounting system. In other words internal control system of controls lay down by the management for the smooth running of the business for the accomplishment of its objects. These controls can be divided in two parts i.e. financial control and other controls.Financial controls:- Controls for recording accounting transactions properly.- Controls for proper safe guarding company assets like cash stock bank debtor etc- Early detection and prevention of errors and frauds.- Properly and timely preparation of financial records I e balance sheet and profit and loss account.- To maximize profit and minimize cost.Other controls: Other controls include the following:Quality controls.Control over raw materials.Control over finished products.Marketing control, etc6. Parties responsible for and affected by internal controlWhile all of an organization's people are an integral part of internal control, certain parties merit special mention. These include management, the board of directors (including the audit commit tee), internal auditors, and external auditors.The primary responsibility for the development and maintenance of internal control rests with an organization's management. With increased significance placed on the control environment, the focus of internal control has changed from policies and procedures to an overriding philosophy and operating style within the organization. Emphasis on these intangible aspects highlights the importance of top management's involvement in the internal control system. If internal control is not a priority for management, then it will not be one for people within the organization either.As an indication of management's responsibility, top management at a publicly owned organization will include in the organization's annual financial report to the shareholders a statement indicating that management has established a system of internal control that management believes is effective. The statement may also provide specific details about the organization's internal control system.Internal control must be evaluated in order to provide management with some assurance regarding its effectiveness. Internal control evaluation involves everything management does to control the organization in the effort to achieve its objectives. Internal control would be judged as effective if its components are present and function effectively for operations, financial reporting, and compliance. he boards of directors and its audit committee have responsibility for making sure the internal control system within the organization is adequate. This responsibility includes determining the extent to which internal controls are evaluated. Two parties involved in the evaluation of internal control are the organization's internal auditors and their external auditors.Internal auditors' responsibilities typically include ensuring the adequacy of the system of internal control, the reliability of data, and the efficient use of the organization's resources. Internal auditors identify control problems and develop solutions for improving and strengthening internal controls. Internal auditors are concerned with the entire range of an organization's internal controls, including operational, financial, and compliance controls.Internal control will also be evaluated by the external auditors. External auditors assess the effectiveness of internal control within an organization to plan the financial statement audit. In contrast to internal auditors, external auditors focus primarily on controls that affect financial reporting. External auditors have a responsibility to report internal control weaknesses (as well as reportable conditions about internal control) to the audit committee of the board of directors.8. Limitations of an Entity's Internal ControlInternal control, no matter how well designed and operated, can provide only reasonable assurance of achieving an entity's control objectives. The likelihood of achievement is affected by limitations inherent to internal control. These include the realities that human judgment in decision-making can be faulty and that breakdowns in internal control can occur because of human failures such as simple errors or mistakes. For example, errors may occur in designing,Maintaining, or monitoring automated controls. If an entity’s IT personnel do not completely understand how an order entry system processes sales transactions, they may erroneously design changes to the system to process sales for a new line of products. On the other hand, such changes may be correctly designed but misunderstood by individuals who translate the design into program code. Errors also may occur in the use of information produced by IT. For example, automated controls may be designed to report transactions over a specified dollar limit for management review, but individuals responsible for conducting the review may not understand the purpose of such reports and, accordingly, may fail to review them or investigate unusual items.Additionally, controls, whether manual or automated, can be circumvented by the collusion of two or more people or inappropriate management override of internal control. For example, management may enter into side agreements with customers that alter the terms and conditions of the entity’s standard sales con tract in ways that would preclude revenuerecognition. Also, edit routines in a software program that are designed to identify and report transactions that exceed specified credit limits may be overridden or disabled.Internal control is influenced by the quantitative and qualitative estimates and judgments made by management in evaluating the cost-benefit relationship of an entity’s internal control. The cost of an entity's internal control should not exceed the benefits that are expected to be derived. Although the cost-benefit relationship is a primary criterion that should be considered in designing internal control, the precise measurement of costs and benefits usually is not possible.Custom, culture, and the corporate governance system may inhibit fraud, but they are not absolute deterrents. An effective control environment, too, may help reduce the risk of fraud. For example, an effective board of directors, audit committee, and internal audit function may constrain improper conduct by management. Alternatively, the control environment may reduce the effectiveness of other components. For example, when the nature of management incentives increases the risk of material misstatement of financial statements, the effectiveness of control activities may be reduced.9. Balancing Risk and ControlRisk is the probability that an event or action will adversely affect the organization. The primary categories of risk are errors, omissions, delay and fraud In order to achieve goals and objectives, management needs to effectively balance risks and controls. Therefore, control procedures need to be developed so that they decrease risk to a level where management can accept the exposure to that risk. By performing this balancing act "reasonable assurance” can be attained. As it relates to financial and compliance goals, being out of balance can causebe proactive, value-added, and cost-effective and address exposure to risk.11. ConclusionThe concept of internal control and its aspects in any organization is so important, therefore understanding the components and standards of internal controls should be attend by management. Internal Control is a major part of managing an organization. Internal control is an accounting procedure or system designed to promote efficiency or assure the implementation of a policy or safeguard assets or avoid fraud and error. According to custom definition, Internal Control is a process affected by an entity's board of directors, management and other personnel designed to provide reasonable assurance regarding the achievement of objectives in the following categories namely. The major factors of internal control are Control environment, Risk assessment, Control activities, Information and communication, Monitoring. This article reviews the main standards and principles of internal control and described the relevant concepts of internal control for all type of company.内部控制透视：理论与概念哈米德阿拉德（Philae）会计系，伊斯兰阿扎德大学，哈马丹，伊朗巴克Joshed -纳维德哈尼学院会员伊斯兰阿扎德大学，克尔曼伊朗国王，伊朗摘要：内部控制是会计程序或控制系统，旨在促进效率或保证一个执行政策或保护资产或避免欺诈和错误。

企业内部控制中英文对照外文翻译文献(文档含英文原文和中文翻译)译文：内部控制环境外文翻译摘要：为了保证企业需求内部控制活动的有效性和信息的可靠性以及遵守法律的适用性，每个组织要选择最适合的控制系统。

因此，就必须考虑到意外事故的风险是否切合权变理论。

本文研究的是检视这些风险特点的选择是否适应他们公司内部控制结构和它是否会导致一些更加优惠的有效性的评估控制管理。

虽然内部控制的组成部分已进行单独控制，本文尝试阐明内部控制的关键点并将其放到更加广阔的背景中。

结果证明，基于对741家芬兰公司的调查研究，表明公司用内部控制结构来应对环境的不确定性，并观测控制的有效性的战略对其内部控制结构有着显著的效果。

关键词：内部控制、成效、权变理论、结构方块建模1.绪论人们普遍认为，一个内部控制系统可以帮助企业降低风险，并且使财务报表的可靠性得以保证。

因此，越来越多的企业在他们具体的操作环境下更多的关注自己的内部控制。

在巨大的管理压力下，如何提高内部控制的有效性以及董事会和股东之间的沟通效果，是目前企业亟待解决的重要问题。

由于内部控制可能会影响长期的报告，因此审计人员、供应商、客户都对内部控制关注相当。

Kinney在2000年指出，尽管内部控制对公司影响很大，但在组织环境中内部控制结构却无法实现。

虽然关于内部控制的文献在国际研究上已取得进展，但迄今为止，内部控制的研究数量有限。

在2004年Selte and Widener出版的专业文章中提出，在管理控制中研究较少的内部控制有着很强的实用性。

本文的研究结论有助于了解内部控制结构及其在公司环境中观察到对公司的效果。

即使内部控制结构框架中提出了一个标准化的结构和内部控制目标，但仍然需要注意的是，有效地内部控制是要根据公司的不同特点来制定的。

因此，即使是内部控制的框架中也无法提供一个企业的特点和其控制系统的关系。

因此，本研究利用一个应急方法，审查内部控制结构的设计，并且将其放到不同的环境下观察其效果。

Internal control and risk management1.Internal control --, standard and legislationIn 1985, the United States in order to curb the growing business of accounting fraud activities, formed a committee against financial fraud Treadway committee), (accounting fraud activities investigation led to reason and proposed solutions. The scheme emphasized the importance of internal control, requests and Suggestions of all listed companies should provide in the annals of internal control reports. The report shall include admit management authorities of financial reporting and internal control is responsible, and discuss the implementation of these responsibilities.In The end The mission Treadway Committee after The five, The commission launched organization jointly established a new Committee - The Com - mittee COSO (Sponsoring Organizations of The Treadway of ordinary), namely The organizing Committee Treadway Committee launched. It consists of the American public institute of certified public accountants (AICPA), American accounting association (AAA), international financial management association (FEI), internal auditors association (type IIA), international accounting association (NAA would) (a managerial accounting association jointly sponsored IMA predecessor). COSO continue to study and in 1992 it issued a programmatic document about the Internal Control, namely "Internal Control - the overall framework" (Internal Control - IntegratedFramework). The reports are put forward the COSO U.S. federal reserve, the United States securities and exchange commission, the Basel committee regulators or international organizations such as the recognition and adopted, many of these definitions, Suggestions and ideas absorbed into the legislation and regulations, worldwide has had a broad impact. Since THE end of 2001, THE United States broke with enron, worldcom, xerox and other companies financial cases of fraud as a representative of accounting scandals, hit U.S. capital markets and THE economy, also concentrated exposure for American companies in THE existing problem of internal control, thus causing THE United States adopted THE "sasha class nice --, THE extension of THE law (SARBANES OXLEY ACT) -. The bill made clear company managers CEO and CFO finance director of internal control, and will be held directly responsible shall undertake economic and criminal consequences; Greatly improve the punishment of accounting fraud; Strengthening the internal audit, external audit and audit supervision. This legislation represents a large capital marketsystem, also make the progress of the importance of internal control people have more deeply.2.The internal control and risk management comparisonInternal control and risk management has the close relation. COSO internal control is that part of the risk management. Therefore, the committee in the whole framework of internal control - the basis of, and in 2003 issued a new report --, "enterprise risk management framework". At present the report was only a rough draft, in public, revised later, is expected to formally released this year. The enterprise risk management framework "inherit and contains the whole framework of internal control - the main content also expanded the three elements, added a goal, updated some ideas for countries to provide a unified enterprise risk management terms and concepts of comprehensive application guide system.COSO internal control and risk management of the definition and elements were: Internal control: enterprise internal control is by the enterprise board of directors, managers, and other staff to implement, for financial reporting accuracy, business activity of efficiency and effect, the relevant laws and regulations such as the follow to achieve the goal of the process and provide reasonable assurance. It includes five elements: control environment, risk assessment, control activities, information and communication, the surveillance.Risk management: enterprise risk management is a process of the board of directors, the management of enterprises and other personnel to implement, applied in strategy formulation and enterprise all levels of activity, aims to identify possible influence enterprise various potential events, and according to enterprise's risk preference for enterprises to manage risk, to achieve the goal of providing reasonable assurance. It has eight elements: the internal environment, goal setting, event risk identification, risk assessment, countermeasures, control activities, information and communication, the surveillance.The two reports from the COSO perspective, the enterprise risk management and internal control has the following similar or different places:First, they are made by "enterprise board, management and other personnel to implement", emphasize the point, says the participation parties on the internal control and risk management has a corresponding roles and responsibilities.Second, they are all clearly is a "process", not as a static thing, such as system files, technical model and so on, also not be alone or extra activities, such asinspection, evaluation is best placed inside enterprise daily management process, as a kind of routine operation mechanism to construction.Third, they are for the realization of the goal of enterprise provide reasonable assurance. Risk management objectives are four categories, including three categories and internal control collocated, namely report targets, business targets and follow the targets. But the report targets have expanded, it not only include financial report, also requires all the accuracy of internal and external non-financial class report issued by the accurate and reliable. In addition, risk management increased the strategic target, namely and enterprise vision or mission related high-level objectives. This means that risk management is not only ensure management efficiency and effect, and intervention in the enterprise strategy (including business objectives) formulation process.Fourth, risk management and internal control elements have five aspects, i.e. (overlap is control or internal) environment, risk assessment, control activities, information and communication, the surveillance. These coincide most of their goals and realization mechanism coincide of similar decision. Risk management increased goal setting, event identification and risk countermeasures three factors. Coincide elements, connotation, for example, has been extended internal control environment including honest character and moral values, staff quality and ability, the board of directors and the audit committee, management philosophy and management style, the organizational structure, the power and the allocation of responsibility, human resource policies and practices seven aspects. Risk management "internal environment" in addition to include these seven aspects outside, still include risk management philosophy, risk preference (appetite) and risks associated cultural three new content. In the risk assessment elements, risk management requires the consideration of the inherent risk and residual risk, with expectations, worst case values or probability distribution measure risk and to consider time preferences and risk association between the role. In information and communication, risk management emphasized the past, present and future of the relevant data about obtaining and analysis, provides information of the depth and timeliness, etc.Fifth, risk management proposes risk portfolio and the overall risk management (in tegrated management) - are new idea. The enterprise risk management framework "in the theory of modern financial borrowing portfolio risk theory, this paper puts forward the concept of combination and overall management from enterprise level,demanding dispersed in the overall grasp all levels and departments of enterprise, the risk exposure with overall consideration risk countermeasures, prevent dispersed consider and coping by department, such as will risk the risk in technology, financial, separated by information technology, environment, safety, quality, auditing departments, and considering the interaction between risk events, prevent two tendencies: one is the department's risk in risk preference can withstand ability, but within the overall effect may be beyond sustaining limit, because individual risk influence is not always add, may be multiplied; Second is the risk of individual departments over its limits, but exposure to the overall risk level haven't beyond sustaining range, because sometimes has offset the effects of the event of the effect. At this time, and further, strive for higher return risk with room to grow. According to risk portfolio and the overall management point of view, need unification consideration risk events as risk countermeasures between interaction between, overall risk management plan formulated.3. Internal control and risk management inner linkEnterprise system evolution and risk associated with the development. The establishment of a limited liability system is running or partnership enterprise organization from the key turning into a modern shares, it enables shareholders steps possessions and enterprise property and enterprise economic responsibility independent, shareholder transformation will no longer affect the enterprise credit capacity for equity transactions, expanded range and increased liquidity, which reduces the risk of investment and promoting enterprise financing, contributed to today a giant corporation.In order to make equity trading and the shareholders transform business continuity, influence and to make capital and management ability realize more optimal combination of ownership and management, enterprise in the modern enterprise of altitude, which also separate brings new risks, namely professional operators might not perform its accountability and shareholders' expense. In addition, limited liability may also lure enterprise engaged in high risk and damage the project's creditors. Because in limited liability, the potential revenue mainly by the enterprise (shareholders) to obtain, and the risk of failure, the major that bankruptcy is borne by the obligee. The risk is not marketization, the market competition spontaneous constraints or market transactions, such as providing a hedge product quality or natural disasters, but mechanism, belongs to the organization or trade in agency issues,need to regulate rules and system. These systems include corporate governance in the liability system, such as financial report, an internal control and audit, etc.Internal control and risk management is the fundamental role maintenance, security enterprise asset investor interest, and create new value. Fama&Jensen (1983) analyzed under the board of directors of ownership and separation of the internal control functions; Jensen (1993) further analyzed the American board of directors in internal control with reasons for the failure of performance. Theoretically, the enterprise internal control is the enterprise system component, is in the enterprise management and ownership of the separation of investor benefit under the condition of the protection mechanism. Its purpose is to ensure the accuracy and reliability of the accounting information management, prevent manipulation of statements and fraud and protect the company's property security, comply with the law in order to maintain the company's reputation and avoid incur pecuniary loss, etc. The historical origin of internal control, the requirements to earlier more basic, easier or appropriate rise to legislative level. Enterprise risk management is in the new technology and the market conditions of natural extension of internal control. COSO in the enterprise risk management framework of risk management of significance about when this is the case discussion: "enterprise risk management strategy and organization used in the various levels activities. It enables managers in the face of uncertainty can identify, evaluate and manage risk, play the role of creation and maintain value. Risk management can make risk preference and strategic keeps consistent, will risk and growth and return overall consideration, promote the decision against risks and reduce the risk and losses, identify business management and enterprise crossover risk, for various risks to provide overall countermeasures, capture opportunities and make capital rationalization." COCO in explaining the generalized control and risk discusses way: "' leadership 'in the face of uncertainty include choice." risk "refers to individuals or organizations are making choices adverse consequences after the possibility of suffering. The risk is opportunity counterparts." Obviously, these discussions have realized that enterprise exists for shareholders or stakeholders (for nonprofit organization, etc.), and create value value creation is not only passive assets security, it should also include the use of opportunity. Moreover, the threat of shareholder value comes not from the operator internal factors such as accounting frauds, including from the market risk, etc.Technology and market conditions, promote the new progress of internal controlto risk management. In advanced information technology conditions, accounting records realized the electronic control, real-time update, make traditional error-detection and prevent disadvantages accounting control seems outdated. However, the risk is often caused by trading or organization innovation, these innovation comes from emerging market practice, such as enron will energy trading large developed into similar financial derivatives trading. On the other hand, environmental protection and the enforcement of protection of consumer rights, strengthened the social responsibility of the enterprise, if an enterprise may have inadvertently, suffer from commodity market or capital market for the enterprise, and punish the performance brand value, or the capital market capitalisation put-downs. Therefore, the enterprise need a daily operation function and structure to guard against risks, including abide by laws and regulations, and ensure the trust of investors and ensure financial information management efficiency, etc. Therefore, from maintenance and promote this basic function value creation standpoint, risk management and internal control target is consistent, just in new technology and the market conditions, in order to effectively protect the interests of investors need in the basis of the development of internal control more active and more comprehensive risk management.4.From internal control to risk managementThere is a debate that risk management include internal control, or internal control contains risk management. The author thinks that what kind of conclusion that is not very important, the most important is to clear risk management and internal control of the relation between the superposition place. Who's wider, may be with time, technology, market conditions, legal and regulatory practice and different, for example, in the early development of internal control, market risk management tools and technology conditions are not fully (such as computer systems, statistics theory, quantity model, hedge tools and insurance etc.), then the internal control contains (alternative) risk management function is very natural. Even in the same era, different industry their emphasis may also different, for example, in the financial industry regulatory strict or involving the people's lives and health pharmacy and medical industry, the urgency of risk management, enterprise stronger with risk management leading internal control may be more convenient. And in some other enterprise, in order to comply with information disclosure requirements of internal control reports with the internal control system, enterprise for leading, give attention to two ormorethings risk management may be more suitable.Because of the internal control and risk management is the intrinsic relation, countries with different ways were gradually integrate internal control and risk management connected. January 8, 2004, China's relevant aspects held the "commercial bank risk management and internal control BBS", this shows that our banking also began to internal control and risk management connected.The Basel committee "issued by the banking group of internal control system framework said:" the board of directors approved and regularly check the overall strategy, and important system, understand the main risk, the bank for these risks setting acceptable level, ensure management to take necessary steps to identifying, measuring, supervision and control these risks..." Here, the risk management is obviously the content into the internal control framework. In the UK the FSA comprehensive standards (TheCombined Code) about the internal control regulation, it is first in official documents containing definitely in risk management in internal under control. This code is that the board should keep sound internal control system to protect shareholders investment and enterprise assets (principle d. 2). The board of directors at least once a year, and check the effectiveness of enterprise internal control systems, and to shareholders and report. Reports should include all the control, such as financial, management, follow control and risk management (d. 2.1). This rule is listed on the London stock exchange enterprise must abide by.Canadian association of certified accountants control standards committee (COCO) think "control should include risk identification and reduce the risk of", in which not only include the risk of achieving specific goals related, but also include general, if can't identify and took advantage of the opportunity, cannot make enterprise in the face of not anticipate events and uncertain information while maintaining flexibility or resilient. In 1992 the COSO internal control - in the whole framework will risk assessment of the internal control as one of the five elements, in the latest on the introduction of the "enterprise risk management framework" and further integrate internal control expanded to risk management, clearly put risk management include internal control.The author believes that in the actual business process, risk management and internal control is inseparable in rule or legislative process, consideration scope and control strength, the requirements, the greater the control range will be weaker. For its core problems, such as financial reporting accurate and reliable, the most suitable forlegislation to form to constraint, and other more broad content may be more suitable for rules and guidelines. The different levels of the enterprise internal risk management and internal control, the leading relative order can also be different, for example, from the enterprise strategic risk in turn to the management risk, financial risk, and finally to the financial report, risk management and internal control the relative importance should vary. In strategic risk, the risk management should play a leading role play complexation and internal control. This role reversal to financial report, gradually level, should play a leading role is the internal control, risk management play complexation.Despite the risk management and internal control an inner link, but the reality of or on behalf of the current application level of internal control and risk management and lots of gap. The typical risk management attention in particular business with strategic choice or business decisions related to compare the benefits and risks of, for example, banking credit management or market (price) risk management such as exchange rate, interest rate risk, etc. The typical internal control refers to accounting control, audit activities, are generally confined to financial related department. What they all have in common is low level, small range, confined to a few functional departments, and no penetration or applied in enterprise management process and the whole management system, therefore, sometimes looks risk management and internal control or independent of each other two things. Along with the internal control and risk management constantly improve and become more comprehensive, they inevitably overlapping and fusion between until unity.内部控制与风险管理周兆生1、内部控制———标准与立法1985年美国为了遏制日益猖獗的会计舞弊活动,成立了一个反财务舞弊委员会(Treadway委员会),调查导致会计舞弊活动的原因,并提出了解决方案。

中文4500字本科生毕业设计（论文）外文原文及译文所在系管理系学生姓名郭淼专业会计学班级学号指导教师2013年6月外文文献原文及译文Internal ControlEmergence and development of the theory of the evolution of the internal controlInternal control in Western countries have a long history of development, according to the internal control characteristics at different stages of development, the development of internal control can be divided into four stages, namely the internal containment phase, the internal control system phase, the internal control structure phase, overall internal control framework stage.Internal check stages: infancy internal controlBefore the 1940s, people used to use the concept of internal check. This is the embryonic stage of internal control. "Keshi Accounting Dictionary" definition of internal check is "to provide effective organization and mode of operation, business process design errors and prevent illegal activities occur. Whose main characteristic is any individual or department alone can not control any part of one or the right way to conduct business on the division of responsibility for the organization, each business through the normal functioning of other individuals or departments for cross-examination or cross-control. designing effective internal check to ensure that all businesses can complete correctly after a specified handler in the process of these provisions, the internal containment function is always an integral part. "The late 1940s, the internal containment theory become important management methods and concepts. Internal check on a "troubleshooting a variety of measures" for the purpose of separation of duties and account reconciliation as a means to money and accounting matters and accounts as the main control object primary control measures. Its characteristics are account reconciliation and segregation of duties as the main content and thus cross-examination or cross-control. In general, the implementation of internal check function can be roughly divided into the following four categories: physical containment; mechanical containment; institutional containment; bookkeeping contain. The basic idea is to contain the internal "security is the result of checks and balances," which is based on two assumptions: First: two or more persons1西安交通大学城市学院本科毕业设计（论文）or departments making the same mistake unconsciously chance is very small; Second: Two or more the possibility of a person or department consciously partnership possibility of fraud is much lower than a single person or department fraud. Practice has proved that these assumptions are reasonable, internal check mechanism for organizations to control, segregation of duties control is the foundation of the modern theory of internal control.Internal control system phases:generating of internal controlThe late1940s to the early1970s, based on the idea of internal check, resulting in the concept of the internal control system, which is the stage in the modern sense of internal control generated. Industrial Revolution has greatly promoted the major change relations of production, joint-stock company has gradually become the main form of business organization of Western countries, in order to meet the requirements of prevailing socio-economic relations,to protect the economic interests of investors and creditors, the Western countries have legal requirements in the form of strengthen the corporate financial and accounting information as well as internal management of this economic activity.In 1934, the "securities and exchange act" issued by the U.S. government for the first time puts forward the concept of "internal accounting control", the implementation of general and special authorization book records, trading records, and compared different remedial measures such as transaction assets. In 1949, the American institute of certified public accountants (AICPA) belongs to the audit procedures of the committee (CPA) in the essential element of internal control: the system coordination, and its importance to management department and the independence of certified public accountants' report, the first official put forward the definition of internal control: "the design of the internal control includes the organization and enterprise to take all of the methods and measures to coordinate with each other. All of these methods and measures used to protect the property of the enterprise, to check the accuracy of accounting information, improve the efficiency of management, promote enterprise stick to established management guidelines." The definition from the formulation and perfecting the inner control of the organization, plan, method and measures such as rules and regulations to implement internal control, break through the limitation of control related to the financial and accounting department directly, the four objectives of internal control, namely the enterprise in commercial2外文文献原文及译文activities to protect assets, check the veracity and reliability of financial data, improve the work efficiency, and promote to management regulations. The definition of positive significance is to help management authorities to strengthen its management, but the scope of limitation is too broad. In 1958, the commission issued no. 29 audit procedures bulletin "independent auditors evaluate the scope of internal control", according to the requirements of the audit responsibility, internal control can be divided into two aspects, namely, the internal accounting control and internal management control. The former is mainly related to the first two of the internal control goal, the latter mainly relates to the internal control after two goals. This is the origin of the internal control system of "dichotomy". Because the concept of management control is vague and fuzzy, in the actual business line between internal control and internal accounting control is difficult to draw. In order to clear the relations between the two, in 1972 the American institute of certified public accountants in the auditing standards announcement no. 1, this paper expounds the internal management control and internal accounting control: the definition of "internal management control including, but not limited to organization plan, and the administrative department of the authorized approval of economic business decision-making steps on the relevant procedures and records. This authorization of items approved activities is the responsibility of management, it is directly related to the management department to perform the organization's business objectives, is the starting point of the economic business accounting control." At the same time, the important content of internal accounting control degree and protect assets, to ensure that the financial records credibility related institutions plans, procedures and records. After a series of changes and redefine the meaning of the internal control is more clear than before and the specification, increasingly broad scope, and introduces the concept of internal audit, has received recognition around the world and references, the internal control system is made.The internal control structure stage: development of the internal controlTheory of internal control structure formed in the 90 s to the 1980 s, this phase of western accounting audit of internal control research focus gradually from the general meaning to specific content to deepen. During this period, the system management theory has become the new management idea, it says: no physical objects in the world are composed of elements of3西安交通大学城市学院本科毕业设计（论文）system, due to the factors, there exists a complicated nonlinear relationship between system must have elements do not have new features, therefore, should be based on the whole the relationship between elements. System management theory will enterprise as a organic system composed of subsystems on management, pay attention to the coordination between the subsystems and the interaction with the environment. In the modern company system and system management theory, under the concept of early already cannot satisfy the need of internal control systems. In 1988, the American institute of certified public accountants issued "auditing standards announcement no. 55", in the announcement, for the first time with the word "internal control structure" to replace the original "internal control", and points out that: "the enterprise's internal control structure including provide for specific target reasonable assurance of the company set up all kinds of policies and procedures". The announcement that the internal control structure consists of control environment, accounting system (accounting system), the control program "three components, the internal control as a organic whole composed of these three elements, raised to the attention of the internal control environment.The control environment, reflecting the board of directors, managers, owners, and other personnel to control the attitude and behavior. Specific include: management philosophy and operating style, organizational structure, the function of the board of directors and the audit committee, personnel policies and procedures, the way to determine the authority and responsibility, managers control method used in the monitoring and inspection work, including business planning, budgeting, forecasting, profit plans, responsibility accounting and internal audit, etc.Accounting systems, regulations of various economic business confirmation, the collection, classification, analysis, registration and preparing method. An effective accounting system includes the following content: identification and registration of all legitimate economic business; Classifying the various economic business appropriate, as the basis of preparation of statements; Measuring the value of economic business to make its currency's value can be recorded in the financial statements; Determine the economic business events, to ensure that it recorded in the proper accounting period; Describe properly in the financial statements of4外文文献原文及译文economic business and related content.The control program, refers to the management policies and procedures, to ensure to achieve certain purpose. It includes economic business and activity approval; Clear division of the responsibility of each employee; Adequate vouchers and bills setting and records; The contact of assets and records control; The business of independent audit, etc. Internal structure of control system management theory as the main control thought, attaches great importance to the environmental factors as an important part of internal control, the control environment, accounting system and control program three elements into the category of internal control; No longer distinguish between accounting control and management control, and uniform in elements describe the internal control, think the two are inseparable and contact each other.Overall internal control framework stages: stage of internal controlAfter entering the 1990 s, the study of internal control into a new stage. With the improvement of the corporate governance institutions, the development of electronic information technology, in order to adapt to the new economic and organizational form, using the new management thinking, "internal control structure" for the development of "internal control to control the overall framework". In 1992, the famous research institutions internal control "by organization committee" (COSO) issued a landmark project - "internal control - the whole framework", also known as the COSO report, made the unification of the internal control system framework. In 1994, the report on the supplement, the international community and various professional bodies widely acknowledged, has wide applicability. The COSO report is a historical breakthrough in the research of internal control theory, it will first put forward the concept of internal control system of the internal control by the original planar structure for the development of space frame model, represents the highest level of the studies on the internal control in the world.The COSO report defines internal control as: "designed by enterprise management, to achieve the effect and efficiency of the business, reliable financial reporting and legal compliance goals to provide reasonable assurance, by the board of directors, managers and other staff to5西安交通大学城市学院本科毕业设计（论文）implement a process." By defining it can be seen that the COSO report that internal control is a process, will be affected by different personnel; At the same time, the internal control is a in order to achieve business objectives the group provides reasonable guarantee the design and implementation of the program. The COSO report put forward three goals and the five elements of internal control. The three major target is a target business objectives, information and compliance. Among them, the management goal is to ensure business efficiency and effectiveness of the internal control; Information goal is refers to the internal control to ensure the reliability of the enterprise financial report; Compliance goal refers to the internal controls should abide by corresponding laws and regulations and the rules and regulations of the enterprise.COSO report that internal control consists of five elements contact each other and form an integral system, which is composed of five elements: control environment, risk assessment, control activities, information and communication, monitoring and review.Control Environment: It refers to the control staff to fulfill its obligation to carry out business activities in which the atmosphere. Including staff of honesty and ethics, staff competence, board of directors or audit committee, management philosophy and management style, organizational structure, rights and responsibilities granted to the way human resources policies and implementation.Risk assessment: It refers to the management to identify and take appropriate action to manage operations, financial reporting, internal or external risks affecting compliance objectives, including risk identification and risk analysis. Risk identification including external factors (such as technological development, competition, changes in the economy) and internal factors (such as the quality of the staff, the company nature of activities, information systems handling characteristics) to be checked. Risk analysis involves a significant degree of risk estimates to assess the likelihood of the risk occurring, consider how to manage risk.Control activities: it refers to companies to develop and implement policies and procedures, and 6外文文献原文及译文to take the necessary measures against the risks identified in order to ensure the unit's objectives are achieved. In practice, control activities in various forms, usually following categories: performance evaluation, information processing, physical controls, segregation of duties.Information and communication: it refers to enable staff to perform their duties, to provide staff with the exchange and dissemination of information as well as information required in the implementation, management and control operations process, companies must identify, capture, exchange of external and internal information. External information, including market share, regulatory requirements and customer complaints and other information. The method of internal information including accounting system that records created by the regulatory authorities and reporting of business and economic matters, maintenance of assets, liabilities and owners' equity and recorded. Communication is so that employees understand their responsibilities to maintain control over financial reporting. There are ways to communicate policy manuals, financial reporting manuals, reference books, as well as examples such as verbal communication or management.Monitoring: It refers to the evaluation of internal controls operation of the quality of the process, namely the reform of internal control, operation and improvement activities evaluated. Including internal and external audits, external exchanges.Five elements of internal control system is actually wide-ranging, interrelated influence each other. Control environment is the basis for the implementation of other control elements; control activities must be based on the risks faced by companies may have a detailed understanding and assessment basis; while risk assessment and control activities within the enterprise must use effective communication of information; Finally, effective monitoring the implementation of internal control is a means to protect the quality. Three goals and five elements for the formation and development of the internal control system theory laid the foundation, which fully reflects the guiding ideology of the modern enterprise management idea that security is the result of systems management. COSO report emphasizes the integration framework and internal control system composed of five elements, the framework for the7西安交通大学城市学院本科毕业设计（论文）establishment of an internal control system, operation and maintenance of the foundation.In summary,because of social, economic and environmental change management, internal control functions along with the changes, in order to guide the evolution of the internal control theory. As can be seen from the history of the development of internal control theory, often derived from the internal control organizational change management requirements, from an agricultural economy to an industrial economy, innovation management methods and tools for the development of the power to bring internal controls.From the internal containment center,controlled by the internal organization of the mutual relations between the internal control of various subsystems and went to COSO as the representative to the prevention and management loopholes to prevent the goal, through the organization of control and information systems,to achieve the overall system optimization of modern internal sense of control theory, from Admiral time, corresponding to the two economic revolution.Therefore, in the analysis of foreign internal control theory and Its Evolution, requires a combination of prevailing socio-economic environment and business organization and management requirements, so as to understand the nature of a deeper internal control theory of development.8外文文献原文及译文译文：内部控制Ge.McVay一、内部控制理论的产生与发展演进内部控制在西方国家已经有比较长的发展历史，根据内部控制在不同发展阶段的特征，可以将内部控制的发展分为四个阶段，即内部牵制阶段、内部控制制度阶段、内部控制结构阶段、内部控制整体框架阶段。

LNTU---Acc附录A关于内部控制的意见 如果要证明功能扩展到包含内部控制的有效性，那么报告准则则必须制定，若干基本问题必须被解决。

随着日益频繁增长，审计员听取了他们应该发表的一个效力于客户的内部控制制度建议的意见。

这一证明功能扩展的主张者迅速指出，目前已经有了实例如独立审计师的报告公开他们的客户的内部控制制度和一些政府机构的成效，包括一些空置中的美国证券和交易委员会，都需要一个报告。

这些证实类型的反对者公布了任何关于内部控制的有效性，他们认为，目前有显着性差异监管机构的报告要求和提出意见的内部控制将会误导公众。

本文综述了目前报告的做法，考虑到理想状态相关的危害的特点，并最后提出了一些在任何给与最后判决之前必要的予以回答的问题。

现状报告 虽然审计员的报告中的一些情况提及了内部控制的性质，但作出的本质陈述还有很大不同的效应。

大型银行。

关于对内部控制的观点事实上出现在一些大型银行和看法发行的年度报告中。

有时这些意见是被董事会要求的。

例如，下面的主张出现在1969年年度报告的一个大型纽约银行中，作为第3款的独立会计师的标准短形式的报告： 我们的审核工作包括评价有效性，大块的内部会计控制，其中还包括内部审计。

我们认为，在于程序的影响下，再加上银行内部审计工作人员所进行的审核，这些构成一个有效的系统的内部会计控制。

意见被提供给几个其他银行，但它们基本上引用的意见是一样的。

美国证券交易委员会的规定。

美国证券交易委员会表格X-17A-5，要求独立审计师作出某些有关的内部控制陈述，并必须在每年的大多数成员国家与每一个证券经纪或注册的交易商根据1934年证券交易法第15条进行交流时。

此外，美国证券交易委员会的第17a-5(g)规定要求独立的核数师的报告要包含“一份如，是否会计师审查了程序，要安全措施保障客户的证券的声明中”此外，许多股票交易所要求该报告要表明审查已取得的“会计制度，内部会计控制和程序，是为维护证券，包括适当的测试它们对以后的期间，检验日期前”，很显然，美国证券交易委员会的工作人员更倾向于考虑，会计师包括了语言相似，所要求的所有报告的交流提交给证券交易委员会。

基于应急理论基础下的内部控制因素及其后果的形成Determinants and consequences of internal controlin firms: a contingency theory based analysis作者：Annukka Jokip i起始页码：1-12出版日期（期刊号）：March 2009,Vol. 1, No. 3(Serial No. 10)出版单位：Springer Science and Business Media, LLC. 2009外文翻译译文：摘要：为了保证企业需求内部控制活动的有效性和信息的可靠性以及遵守法律的适用性，每个组织要选择最适合的控制系统。

因此，就必须考虑到意外事故的风险是否切合权变理论。

本文研究的是检视这些风险特点的选择是否适应他们公司内部控制结构和它是否会导致一些更加优惠的有效性的评估控制管理。

虽然内部控制的组成部分已进行单独控制，本文尝试阐明内部控制的关键点并将其放到更加广阔的背景中。

结果证明，基于对741家芬兰公司的调查研究，表明公司用内部控制结构来应对环境的不确定性，并观测控制的有效性的战略对其内部控制结构有着显著的效果。

关键词：内部控制、成效、权变理论、结构方块建模1.绪论人们普遍认为，一个内部控制系统可以帮助企业降低风险，并且使财务报表的可靠性得以保证。

因此，越来越多的企业在他们具体的操作环境下更多的关注自己的内部控制。

在巨大的管理压力下，如何提高内部控制的有效性以及董事会和股东之间的沟通效果，是目前企业亟待解决的重要问题。

由于内部控制可能会影响长期的报告，因此审计人员、供应商、客户都对内部控制关注相当。

Kinney在2000年指出，尽管内部控制对公司影响很大，但在组织环境中内部控制结构却无法实现。

虽然关于内部控制的文献在国际研究上已取得进展，但迄今为止，内部控制的研究数量有限。

在2004年Selte and Widener出版的专业文章中提出，在管理控制中研究较少的内部控制有着很强的实用性。

内部控制【外文翻译】外文文献翻译译文一、外文原文原文：Internal controlIntroductionThe system of internal control over financial reporting in Japan under the Financial Instruments and Exchange Act (FIEA) was implemented as of the fiscal year starting on April 1 2008.Under this system, executive officers of listed companies are obligated to evaluate their company's internal control over financial reporting and to file the results of such evaluation in the form of an internal audit report with the Financial Services Agency (FSA). In this report, executive officers should state material weakness if they judge any material weakness exists in the company's internal control over financial reporting. The report should also be audited by outside accounting auditors before being filed with the FSA. Since most Japanese companies have a fiscal year that ends in March, June 2009 will be the first time most companies file such a report.When the internal control system was introduced, it made reference to the Sarbanes-Oxley Act of the US. Under the Japanese system, clear standards were set regarding the set-up of internal controls over financial reporting in an effort to prevent the creation of excessive documentation and to control costs, two issues which had occurred in the US. However, even with such standards, some uncertainty exists. In particular, uncertainty arises regarding the connection between this system under the FIEA and the rules of the Companies Act.Failure to submit the internal audit report or submission of false statements can lead to liabilities and criminal penalties under the Financial Instruments and Exchange Act (FIEA). However, if there is a material weakness in the company's internal controls over financial reporting and executive officers disclose such material weakness in theinternal audit report, no sanctions will be imposed under the Financial Instruments and Exchange Act, nor will it directly lead to the director's liabilities under the Companies Act. Rather, disclosure of such material weakness is thought to be desirable, because by disclosing such material weakness, a company can improve the quality of its internal control over financial reporting, which will enable the company to submit more accurate financial reports in the future.Internal control is a process-effected by an entity's board of directors, management, and other personnel--designed to provide reasonable assurance regarding the achievement of objectives in the following categories: reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations. Internal control consists of the following five interrelated components.1、Control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure.2、Risk assessment is the entity's identification and analysis of relevant risks to achievement of its objectives, forming a basis for determining how the risks should be managed.3、Control activities are the policies and procedures that help ensure that management directives are carried out.4、Information and communication are the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities.5、Monitoring is a process that assesses the quality of internal control performance over time.The interlaced audit issue is as follows: under the internal control system of the Companies Act, company auditors must audit the method and the results of the accounting audit conducted by outside accounting auditors. On the other hand, the internal control system of the FIEA requires the outside accounting auditors to auditthe company auditors' monitoring of internal financial controls. Therefore, company auditors that audit outside accounting auditors under the Companies Act are audited by the same outside accounting auditors under the FIEA. This interlaced audit however is expected to make each audit more effective because the company auditor and the outside accounting auditor will each monitor the audit of the other.The time lag issue is expected to arise due to the timing of the submissions of the various audit reports required under the FIEA and the Companies Act. Company auditors will need to prepare and submit audit reports regarding the execution of duties by directors for the fiscal year as required by the Companies Act. However, it is expected that these audit reports will be submitted before the internal audit report required under the FIEA is submitted and audited by the outside accounting auditors. Thus, if the internal audit report points out a material weakness that was not referred to in the audit reports prepared by the company auditor, the company auditor will be placed in a difficult position and will need to decide whether to amend andmake changes to the audit reports as such audit reports should also disclose such weaknesses. However, if the directors, the company auditors, and the accounting auditors are cooperating properly, this issue would not arise.It is expected that the system of internal control over financial reporting will prompt companies to build better control systems through cooperation between the directors, company auditors and outside accounting auditors.Connection between the two internal control systemsOn the internal financial controls and internal accounting control the similarities and differences.A difference between monitoring and control objectives.Reason for the difference between the two, simply because of financial supervision and control of the target company's material flow and cash flow, and accounting internal control object is the information flow. Understanding of Marx's words, “the production and the production of bookkeeping records are two different things after all, just to ship the same loading and shipping order are two differentthings.” Corporate material production process is based on the currency as the leading material movement, production and operation of the currency as the beginning and the end result, is achieving its goal of expanding the value of value. And accounting control is passed that have occurred in the material flow, capital flow formed by the flow of information to be the recognition, measurement, reporting. The former to productivity gains, the latter objective, the real target. However, operation of the accounting value of enterprise assets, after all, subordinate to the overall objective, we should also ask for the overall objective of internal control should also be an asset value of its end. Whyis this request? This is because the production activities of financial decisions and accounting need to subordinate corporate financial activities, accounting control objectives are to be subject to financial control target.Internal accounting control system is now setting goals, still remain in traditional accounting supervision and legal, reasonable levels, while ignoring the principles of economic efficiency, not subordinated to the overall goal of corporate finance. We know that even if the security integrity of corporate assets and personnel compliance. However, poor economic efficiency of enterprises can not continue to exist, then such an accounting internal control system, despite the integrity of the specification how beneficial for them? Accounting supervision, internal accounting controls, is the business management of the important part, if not for the continued survival and development of enterprises play a useful role, it is indeed sad . Although the internal financial control and internal accounting control objectives differ, but the overall goal should always be consistent. Accounting control objectives should always be subject to financial supervision and corporate goals. Accounting internal controls for business expenses from their own legitimacy and rationality to make judgments, give expenditure or expenditure not to start. This is the person in charge of the accounting organization's powers. The specific operation is completed by the cashier. Economic business is completed, signed by the person in charge, after verification of the accounting charge, the decision to grant or not to grant reimbursement claims. Practices through review of the original certificate and found areas of doubt or vulnerability. In acheck, be controlled when reimbursement. Another majoraccounting internal control task is to ensure that the accounting information provided by an objective, true, complete and timely.Financial internal control is based on the financial accounts of enterprises as the main target of supervision, to consider the legality of the decision-making costs, reasonable, and consistent with the principles of economic interests. The right balance of enterprises in the enterprise legal person units, in determining the expenditure, the accounting bodies and accounting personnel to provide business only the amount of funds available for expenditure obligations, and no decision-making rights. Usually the meeting was the participation by the general accountant, accounting bodies and accounting personnel did not participate in conference events. Therefore, the financial supervision to monitor the main orientation is very necessary. Financial supervision should be in advance of supervision as well, so that you can not burn in prevention. Matter of course, need supervision in order to promptly correct the error.From a doctrinal perspective the Catholic Church is highly centralized under the authority of the pope and his bishops. However, from an administrative perspective the church is quite decentralized with each diocese and each parish within the diocese having a fair amount of autonomy. Dioceses have virtually no external or regulatory oversight of their financial statements. Unlike corporations which provide quarterly financial statements to the SEC and hold quarterly conference calls with outside analysts, the church is subject to almost no recurring outside financial scrutiny. Many dioceses voluntarily post their audited annual financial statements on their website at the conclusion of the year-end audit. Additionally, many dioceses provide parishioners with an annual financial and administrativenewsletter which provides a highly summarized view of the cash flows for the year and the results of social and spiritual programs offered by the diocese. But many other dioceses do neither. Since they are not required by law to be transparent and accountable in their finances, they choose to keep their finances private.Corporate Financial Controls。

外文翻译原文Internal Control SystemsMaterial Source:Encyclopedia of Business Author:Audrey Gramling Internal control can be described as any action taken by an organization to help enhance the likelihood that the objectives of the organization will be achieved. The definition of internal control has evolved as different internal control models have been developed. This article will describe these models, present the definitions of internal control they provide, and indicate the components of internal control. Various parties responsible for and affected by internal control will also be discussed.THE COSO MODELIn the United States many organizations have adopted the internal control concepts presented in the report of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Published in 1992, the COSO report defines internal control as:a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:1.effectiveness and efficiency of operations2.reliability of financial reportingpliance with applicable laws and regulationsCOSO describes internal control as consisting of five essential components, include:1.The control environment2.Risk assessment3.Control activitiesrmation and communication5.MonitoringAs the base of the pyramid, the control environment is arguably the most important component because it sets the tone for the organization. Factors of thecontrol environment include employees' integrity, the organization's commitment to competence, management's philosophy and operating style, and the attention and direction of the board of directors and its audit committee.Risk assessment refers to the identification, analysis, and management of uncertainty facing the organization. Risk assessment focuses on the uncertainties in meeting the organization's financial and operational objectives. Changes in personnel, new product lines, or rapid expansion could affect an organization's risks.Control activities include the policies and procedures maintained by an organization to address risk-prone areas. An example of a control activity is a policy requiring approval by the board of directors for all purchases exceeding a predetermined amount. Control activities were once thought to be the most important element of internal control, but COSO suggests that the control environment is more critical since the control environment fosters the best actions, while control activities provide safeguards to prevent wrong actions from occurring.Information and communication encompasses the identification, capture, and exchange of financial, operational, and compliance information in a timely manner. People within an organization who have timely, reliable information are better able to conduct, manage, and control the organization's operations.Monitoring refers to the assessment of the quality of internal control. Monitoring activities provide information about potential and actual breakdowns in a control system that could make it difficult for an organization to accomplish its goals. Informal monitoring activities might include management's checking with subordinates to see if objectives are being met. A more formal monitoring activity would be an assessment of the internal control system by the organization's internal auditors.OTHER CONTROL MODELSSome users of the COSO report have found it difficult to read and understand.A model that some believe overcomes this difficulty is found in a report from the Canadian Institute of Chartered Accountants, which was issued in 1995. The report presents a control model referred to as Criteria of Control (CoCo). The CoCo model, which builds on COSO, is thought to be more concrete and user-friendly. CoCo describes internal control as actions that foster the best result for an organization. These actions, which contribute to the achievement of the organization's objectives, center around:1.Effectiveness and efficiency of operations2.Reliability of internal and external reportingpliance with applicable laws and regulations and internal policiesCoCo indicates that control comprises:those elements of an organization (including its resources, systems, processes, culture, structure and tasks) that, taken together, support people in the achievement of the organization's objectives.CoCo model recognizes four interrelated elements of internal control, including purpose, capability, commitment, and monitoring and learning. An organization that performs a task is guided by an understanding of the purpose of the task and supported by capability (information, resources, supplies, and skills). To perform the task well over time, the organization needs a sense of commitment. Finally, the organization must monitor task performance to improve the task process. These elements of control, which include twenty specific control criteria, are seen as the steps an organization takes to foster the right action.In addition to the COSO and CoCo models, two other reports provide internal control models. One is the Institute of Internal Auditors Research Foundation's Systems Auditability and Control (SAC), which was issued in 1991 and revised in 1994. The other is the Information Systems Audit and Control Foundation's COBIT (Control Objectives for Information and Related Technology), which was issued in 1996.The Institute of Internal Auditors issued SAC to provide guidance to internal auditors on internal controls related to information systems and information technology (IT). The definition of internal control included in SAC is:a set of processes, functions, activities, sub-systems, and people who are grouped together or consciously segregated to ensure the effective achievement of objective and goals.COBIT focuses primarily on efficiently and effectively monitoring information systems. The report emphasizes the role and impact of IT control as it relates to business processes. This control model can be used by management to develop clear policy and good practice for control of IT. The following COBIT definition of internal control was adapted from COSO:The policies, procedures, practices, and organizational structures are designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected.While the specific definition of internal control differs across the various models, a number of concepts are very similar across these models. In particular, themodels emphasize that internal control is not only policies and procedures to help an organization accomplish its objectives but also a system affected by people. In these models, people are perceived to be central to adequate internal control.These models also stress the concept of reasonable assurance as it relates to internal control. Internal control systems cannot guarantee that an organization will meet its objectives. Instead, internal control can only be expected to provide reason -able assurance that a company's objectives will be met. The effectiveness of internal controls depends on the competency and dependability of the organization's people. Limitations of internal control include faulty human judgment, misunder -standing of instructions, errors, management override of controls, and collusion. Further, because of cost-benefit considerations, not all possible controls will be implemented. Because of these inherent limitations, internal controls cannot guarantee that an organization will meet its objectives.PARTIES RESPONSIBLE FOR AND AFFECTED BY INTERNAL CONTROLWhile all of an organization's people are an integral part of internal control, certain parties merit special mention. These include management, the board of directors (including the audit committee), internal auditors, and external auditors.The primary responsibility for the development and maintenance of internal control rests with an organization's management. With increased significance placed on the control environment, the focus of internal control has changed from policies and procedures to an overriding philosophy and operating style within the organization. Emphasis on these intangible aspects highlights the importance of top management's involvement in the internal control system. If internal control is not a priority for management, then it will not be one for people within the organization either.As an indication of management's responsibility, top management at a publicly owned organization will include in the organization's annual financial report to the shareholders a statement indicating that management has established a system of internal control that management believes is effective. The statement may also provide specific details about the organization's internal control system.Internal control must be evaluated in order to provide management with some assurance regarding its effectiveness. Internal control evaluation involves everything management does to control the organization in the effort to achieve its objectives. Internal control would be judged as effective if its components are present andfunction effectively for operations, financial reporting. The board of directors and its audit committee have responsibility for making sure the internal control system within the organization is adequate. This responsibility includes determining the extent to which internal controls are evaluated. Two parties involved in the evaluation of internal control are the organization's internal auditors and their external auditors.Internal auditors' responsibilities typically include ensuring the adequacy of the system of internal control, the reliability of data, and the efficient use of the organization's resources. Internal auditors identify control problems and develop solutions for improving and strengthening internal controls. Internal auditors are concerned with the entire range of an organization's internal controls, including operational, financial, and compliance controls.Internal control will also be evaluated by the external auditors. External auditors assess the effectiveness of internal control within an organization to plan the financial statement audit. In contrast to internal auditors, external auditors focus primarily on controls that affect financial reporting. External auditors have a responsibility to report internal control weaknesses to the audit committee of the board of directors.译文内部控制制度资料来源：商业百科全书作者：奥德丽·格拉姆内部控制被认为是任何能够提高组织目标完成效率的措施。

外文翻译--企业内部组织的决定因素和后果组织决策对企业的发展和运营至关重要。

本文旨在研究企业内部决策的因素和后果。

容易排除一些因素良好的组织决策，从而导致不利后果。

为了取得成功并实现可持续发展，企业应考虑以下几个重要因素：决策因素1. 内部资源企业内部资源是决策的重要因素之一。

这包括人力资源、财务资金、技术、设备设施等。

组织需要评估自身的资源状况，并根据资源的可用性和充足度做出决策。

资源的不足可能导致决策实施困难，影响企业运营和目标的达成。

2. 环境变化企业周围的外部环境变化对决策的影响也是不可忽视的。

市场需求、竞争态势、法规政策等外部因素的变化都可能影响企业内部的组织决策。

明确环境变化并及时做出相应调整的企业更有可能取得成功。

3. 组织文化和价值观组织文化和价值观对决策能力和效果有着重要的影响。

企业的文化决定了员工的态度、行为和决策方式。

有积极、开放的文化和价值观的企业更容易做出正确决策，并获得良好结果。

4. 利益相关方决策过程中的利益相关方也是重要的决策因素之一。

主要利益相关方包括股东、员工、客户和合作伙伴等。

企业决策需要充分考虑到各利益相关方的需求和期望，以实现共赢和稳定发展。

决策后果1. 绩效表现企业决策的结果反映了企业的绩效表现。

良好的决策通常会带来积极的后果，包括增加收入、提高生产效率、扩大市场份额等。

相反，错误的决策可能导致业绩下滑、资源浪费等不利后果。

2. 员工满意度组织决策的后果也会影响员工的满意度和参与度。

正确的决策可以增强员工的信任和参与感，提高工作动力和满意度。

相反，错误的决策可能引起困惑、不满和不稳定情绪。

3. 外部声誉企业的决策行为也会对外部声誉产生影响。

明智的决策能够建立企业的良好声誉，提升品牌形象和市场认可度。

相反，不当的决策可能导致声誉受损并影响企业形象。

总结企业内部的组织决策需要充分考虑内外部因素的影响。

资源、环境、文化、利益相关方等因素对决策的效果起到重要的作用。

外文文献及翻译THE CONCEPT OF INTERNALCONTROLSYSTEM: THEORETICALASPECTVaclovas Lakis, Lukas Giriūnas*Vilnius University, LithuaniaIntroductionOne of the basic instruments of enterprise control, whose implementation in modern economic conditions provide conditions for achieving a competitive advantage over other enterprises is the creation of an effective internal control system. In the industry sector, the market is constantly changing, and this requires changing the attitude to internal control from treating it only in the financial aspect to the management of the control process. Internal control as such becomes an instrument and means of risk control, which helps the enterprise to achieve its goals and to perform its tasks. Only an effective internal control in the enterprise is able to help objectively assessing the potential development and tendencies of enterprise performance and thus to detect and eliminate the threats and risks in due time as well as to maintain a particular fixed level of risk and to provide for its reasonablesecurity .The increasing variety of concepts of internal control systems requires their detailed analysis. A detailed analysis of the conceptions might help find the main reasons for their increasing number. It may also help to elaborate a structural scheme of the generalized concept of internal control. Consequently, it may help decrease the number of mistakes and frauds in enterprises and to offer the precautionary means that might help to avoid mistakes and build an effective internal control system.The purpose of the study: to compile the definition of the concept of internal control system and to elaborate the structural scheme of the generalized conception for Lithuanian industrial enterprises.The object of the research: internal control.To achieve the aim, the following tasks were carried out:to examine the definitions of internal control;to design a flowchart for the existing definitions of internal control;to formulate a new internal control system definition;? to identify the place of the internal control system in a company’s objectives and ? its management activities.Study methods: for the analysis of the conceptions of control, internal control, theconcept of internal control system, systematic and comparative means of scietific methods of analysis were used.1. Research of control conceptionAccording to J. Walsh, J. Seward (1990), H. K. Chung, H. Lee Chong, H. K.Jung (1997), control may be divided into two types – internal and external controls those might help to equalize authority or concerned party‘s attitudes to some certain organization control. Internal control involves the supreme enterprise control apparatus and enterprise shareholders, whereas external control might be defined as the power in the market or branch, competitive environment or state business regulation. Such analytical division is essential when analysing industrial or other enterprises, because this attitude to control makes it more specific and properly defined.The identification of an appropriate primary theoretical base is an important task in forming the structure of knowledge about the study subject. Appropriately selected conceptions enable to elucidate the essence of the processes, to characterize them and to realize their interplays and interaction principles. Conceptions may be defined as a summation of empirical cognition which transforms practically achieved results into conceptions. The above ideas might be taken as abstractions and lead to an ungrounded conclusion, and through conceptions the reality might be lost. Operating with more than one conceptions allows to form a universal opinion about the reality. Noteworthy, when operating with conceptions an optimal agreement might be found between theory and practice: using the common point of contact –conceptions –a theorist and a practician will always find the way and understand one another.The main problem of internal control is related to the definition of control conception and the identification of the place of internal control in an organization. Constant changes of the extent, functions and roles of internal control enable to form acommon definition of internal control and to identify its place in an organization.Analysis of the concept of internal control and its interpretation are essential for assessing the internal control system, because the conception of control is widely used not only in scientific research, but also in the daily activities of an enterprise; therefore the same conception might have a lot of various meanings and interpretations. Analysis of the concept provides conditions for the further research, because it is impossible to form a model of internal control assessment if the research object is unknown. A lot of definitions and variations of control can be found in thepublications by Lithuanian and foreign scientists and in public information sources. For example, in the Dictionary of International Words (2002), control is defined as: supervision, inspection of something; comparison of actual and required ? conditions; an enterprise or a group of people that control the work and responsibility of other ? enterprises or groups of people;maintenance of something.?In addition to the above seven internal control, and documentation control. Performance control and worker quality control, etc. The new system of accounting supervision system on the unit interior, the main contents of the internal control system.On the other hand, in the specialized Dictionary of Economic Terms (2005), control is defined as a performance with a definite influence on the management of an enterprise, as rights based on laws and contracts that involve proprietary rights to the whole property or its part, or any other rights that enable to exert a significant influence on the management and performance of an enterprise, or state supervision. Even in common information sources the definitions of control are formulated differently, although the common meaning is quite similar. Analysis and practical studies of Lithuanian scientists’ works enable to state that there is no one solid concept, definition or description of control. For example, E. Bu?kevi?iūt? (2008) says that when control is more particularly defined, its rules and requirements are described in more detail, it becomes more effective, more specific, more psychologically suggestive, it gives more freedom limits of choice for supervisors and less possibilities of lawlessness for people under control when. Identifying the object of the research, it should be noted that different definitions of control are given in scientific studies by Sakalas, 2000; Navickas, 2011; Katkus, 1997; Bu?kevi?iūt?, 2008; Drury, 2012; Bi?iulaitis, 2001; Lee Summers, 1991; Patrick, Fardo, 2009; Spencer, Pickett, 2010; Gupta, 2010 and other Lithuanian and foreign scientists (see Fig. 1).The different conceptions and their interpretations indicate that there is no solid opinion about how to define control, and even scientists and practicians themselves do not agree upon a unified definition or description of control or the conception of internal control and its interpretations. In scientific literature, different interpretations of control conceptions are usually related to different aspects of this conception, and their meaning in different situations may be defined in different ways depending on the situation and other external factors. According to A. Katkus (1997), C. Drury (2009), R. Bi?iulaitis (2001), D. R. Patrick, S. W. Fardo (2009), K. H. S. Pickett (2010), during a long-term period control is usually related to achieving the alreadysettled goals, their improvement and insurance. In other information sources (Dictionary of International Words, 2002; Sakalas, 2000; Bukeviiūt, 2008; Lee Summers, 1991) control is emphasized as a certain means of inspection which provides a possibility to regulate the planned and actual states and their performance. Despite these different opinions, control might be reasoned and revealed as a traditional function of any object of control, emphasized as one of the main self-defence means from the possible threats in the daily performance of an organization. There is also a more modern approach. For example, V. Navickas (2011) and P. Gupta (2010), presenting the concept of control, name it not only as one of the main factors that influence the organization’s performance and influences its management, but also as one of the assessment means of the taken decisions and achieved values. Such interpretation of the conception of control shows the main role of control. For example, R. Kanapickien? (2008) has analysed a big number of control definitions and says that only an effective and useful control should exist in an enterprise because each enterprise tries to implement its purposes and avoid the possible losses, i.e. mistakes and frauds. According to J.A. Pfister (2009), there are several types of control, and they can be grouped into strategic, management, and internal control. Thus, different researchers give different definitions of control, their descriptions have different goals, but different control definitions lead to numerous variations in the analysis of the conception of control. Thus, to create an effective control, the presence of its unified concept becomes a necessity and the basis for ensuring an effective control of the organization’s performance. The existence of different conceptions of control also indicates that there might be different types or kinds of control.2. The conception of internal controlHistorical development of internal control as individual enterprise system is not as broad as other management spheres in science directions. The definition of internal control was presented for the first time in 1949 by the American Institute of Certificated Accountants (AICPA). It defined internal control as a plan and other coordinated means and ways by the enterprise to keep safe its assets, check the covertness and reliability of data, to increase its effectiveness and to ensure the settled management politics. However, the presented definition of control concept has been constantly improved, and nowadays there is quite an extensive set of conceptions that indicates the system of internal control as one of the means of leadership to ensure safety of enterprise assets and its regular development. In 1992, the COSOmodelappeared; its analysis distinguished the concepts of risk and internal control. Nnow, the concept of internal control involved not only accounting mistakes and implementing means of their prevention, but also a modern attitude that might identify the spheres of control management and processes, and also a motivated development of their detailed analysis. The Worldwide known collapses of such companies as Enron, Worldcom, Ahold, Parmalat and others determined to issue in 2002 the Law of Sarbanes–Oxley in the USA, in which attention is focused on the effectiveness of the enterprise internal control system and its assessment. Such a significant law as that of Sarbanes–Oxley has dearly show that not only the internal control system must be concretized and clearly defined, but also the means of implementing the internal control system and assessing their effectiveness must be covered. The concept of internal control was further improved by such Lithuanian and foreign scientists as A.Сонин(2000), D. Robertson (1993), M.R. Simmons (1995), I. Toliatien? (2002), V. Lakis (2007), R. Biiulaitis (2001), J. Mackeviius (2001) and the international scientific organizations COSO, INTOSAI, CICA, IT Governance Institute.A comparative analysis of the introduced concepts of internal control shows that the usage of the concept of internal control is quite broad as it is supposed to involve the performance not only of the state, but also of the private sector. Although the conception of internal control is defined in different ways emphasizing its different aspects, the essential term still remains the same in all authors’ definitions: internal control is the inspection, observation, maintenance and regulation of the enterprise’s work (see Fig. 3.).It should be also be mentioned that the system of internal control may be defined in different ways every time. For example, R. T. Yeh and S. H. Yeh (2007) pay attention to the fact that usually such values as honesty, trust, respect, openness, skills, courage, economy, initiative, etc. are not pointed out, although they definitely can influence not only the understanding of the concept of internal control, but also its definition, because in different periods of time and in different situations it can obtain slightly different shades of meaning. Control and people, and values produced by people or their performance are tightly connected; consequently, internal control must be also oriented to the enterprise’s values, mission and vision; it does not matter how differently authors define the conception assessment limits: significant attention must be paid not to internal control itself, but to the identification of its functions andevaluation. Mostly internal control is concerned with authority management tools that help to control processes and achieve enterprise goals (COSO, 1992; Сонин, 2000; INTOSAI, 2004; CobiT, 2007; Toliatien?, 2002; Coco, 1995).C.J. Buck, J.B. Breuker (2008) declare internal control as a mistake detecting and correctingsystem; although J. Mackevi?ius (2001) and R. Bi?iulaitis (2001a) state that internal control is defined as a summation of certain rules, norms and means, actually such definitions are identical, but internal control must be related to safety, the rational use of property and the reliability of financial accounting.Results of a comprehensive analysis of internal control enable to state that, although different authors give different definitions of internal control, there are still some general purposes of the system of internal control, aimed, to ensure reliable and comprehensive information, to protect the property and documents, to enssure an effective economic performance, observation of accounting principles and presentation of reliable financial records, obeying laws and executive acts, enterprise rules and the effective control of risk. Analysis of concept of internal control, presented in both foreign and Lithuanian literature enables to formulate its generalized definition: the system of internal control is part of enterprise management system, which ensures the implementation of its goals, effective economic and commercial performance, observance of accounting principles and an effective control of risks, which enables to minimize the number of intentional and unintentional mistakes and to avoid frauds in the process of enterprise performance, made by its authority or employees.The internal control is an important symbol of modern enterprise management, through the practice of the conclusion is: to control is strong, weak, without control is controlled, disorderly. The new regulations "accounting law 27 units shall establish and perfect the system of supervision unit interior accountant. Unit interior accountant controls on the execution, the internal control is.The internal control is the formation of a series of measures to control functions, procedures, methods, and standardized and systematized, make it become a rigorous, relatively complete system. According to the control of the internal control can be divided into different purpose accounting control and management control. Accounting control and protection of assets is safe, the accounting information authenticity and integrity and financial activities related to the legitimacy of control, Management control means to ensure operation policy decision, implementation ofbusiness activities and promote the efficiency and effectiveness, and the effect of the relevant management to achieve the goals of control. Accounting control and management control and not mutually exclusive, incompatible, some control measures can be used for accounting control, and can also be used to control.The goal is to ensure that the internal control unit operations efficiency and effect, safety, economic information of assets and financial reports of reliability. Its main functions: one is to achieve target management policy and management, Second is the assets of safety protection unit is complete, prevent loss of assets, Three is to guarantee the business and financial accounting information authenticity and integrity. In addition, the legitimacy of the financial activities within the unit is the internal control goals.Good, although the internal control to achieve these goals, but whether the internal control design and operation, it is not how to eliminate its inherent limitations. This limitation must also be clear and prevention. Main show is: (1) the limited by cost benefit principle, (2) if the employee has different responsibility ignore control program, misjudgment, even the collusion, inside and outside, often cause in fraud internal control malfunction, (3) management personnel abuse, and to set up or Passover control of internal control ignored, also can make the establishment of internal control non-existing.The internal control system in a company must cover and help to properly organize and control the entire activity of the company; thus, according to majority of authors, internal control is all-inclusive activity in financial and management accounting, as well as in the strategic management of projects, operations, personneland the total quality management. However, the most important thing is that internal control should not only cover the entire activity of the company, but also take into account its objectives, goals and tasks in order to make its economic-commercial activity as effective as possible. Analysis of scientific literature in the field shows that it is important not only to predict the particular areas of internal control and interrelate them, but also to stress that the most important objective of internal control is the effective management of risk by identifying and eliminating errors and frauds inside the company. Therefore, the concept of internal control offered by the authors covers a company’s areas of activities, its tasks and objectives; also, it provides for the main goal – an effective risk management.Despite the quantitative indicators used for goal assessment, each enterprise and especially extractive industry enterprises where attention should be focused onavoiding mistakes and fraud should elaborate and introduce a really effective and optimal system of internal control and accounting so as to strengthen its position in the market and optimize profitability.ConclusionsThe analysis of control definitions has shown that rather wide variations of definitions and their interpretations prove control to be a wide concept, mainly due to the fact that control has quite many different aspects and its meaning in different situations may be also defined differently.Nevertheless, there are still some general aspects of the system of internal control, which include ensuring reliable and comprehensive information, protecting the property and documents, to ensure an effective economic performance, keeping to the principles of accounting and presenting reliable financial records, obeying laws and executive acts, enterprise rules and ensuring an effective control of risk.As a result of the study, the authors present an inclusive and generalizing definition of internal control: the system of internal control is part of the enterprise management system that ensures the implementation of the enterprise’s goals, its effect ive economic-commercial performance, observance of accounting principles and an effective control of work risks, which enables to minimize the number of intentional and unintentional mistakes, and to avoid frauds in the process of enterprise performance, made by its authority or employees.中文翻译：内部控制制度：理论研究拉基斯，卢卡斯维尔纽斯大学，立陶宛引言企业控制的基本工具之一，建立一个有效的内部控制制度，为现代经济条件下企业获得竞争优势提供了条件。

外文出处：Jokipii, A. (2010). Determinants and consequences of internal control infirms: a contingency theory based analysis. Journal of Management & Governance,14, 2, 115-144.附件1：外文资料翻译译文企业内部控制的决定因素和后果：一个权变理论为基础的分析1简介人们普遍认为，内部控制制度能帮助企业降低风险、保证财务报表的可靠性和加强对法律法规的遵守。

因此，一些企业的倒闭现象和一些欺诈行为的广泛宣传逐渐增加，针对企业特定的经营环境，从而使企业对内部控制制度更加重视。

有效地管理对加强企业内部控制的有效性，并有效地传达给董事会和股东具有更大的压力。

例如审计人员、供应商、顾客跟内部控制也有关系，因为它们可能影响长期财务报告的可信度、管理人员的责任和企业的组织形式。

尽管内部控制是影响公司的一个重要因素，证据表明，内部控制结构的实际表现在组织结构中是不存在的。

正如金尼所提到的那样，该议题还未被研究人员所开发。

关于内部控制的专业文献对于发展国际管制框架已经取得了一定的进展，但迄今为止，内部控制研究的数量是有限的。

Selto和Windener出版的研究和分析的专业文章，发现在管理控制的研究中，关于内部控制专题的文学比实际文学少。

人们越来越重视内部控制业务发挥的作用，缺乏现有的研究，所以建立新的研究需要和机会是当务之急。

这项研究有助于了解内部控制结构及其在公司环境中的成效。

即使内部控制框架提出了内部控制的一个标准化的结构和目标，他们认为根据公司的特点来判断内部控制的不同需要。

然而无论是框架还是先前的文学都不能提供一个适合于企业特点及其控制系统关系的图片。

因此，本研究利用一个应急的方法来审查内部控制结构的设计及其在不同环境下观察到的成效。

研究报告分析了结构方程关系模型和芬兰提出的741公司的实证结果。

The enterprise internal control theoryThe internal control is an important symbol of modern enterprise management, through the practice of the conclusion is: to control is strong, weak, without control is controlled, disorderly. The new regulations "accounting law 27 units shall establish and perfect the system of supervision unit interior accountant. Unit interior accountant controls on the execution, the internal control is.What is the internal controlThe internal control is the formation of a series of measures to control functions, procedures, methods, and standardized and systematized, make it become a rigorous, relatively complete system. According to the control of the internal control can be divided into different purpose accounting control and management control. Accounting control and protection of assets is safe, the accounting information authenticity and integrity and financial activities related to the legitimacy of control, Management control means to ensure operation policy decision, implementation of business activities and promote the efficiency and effectiveness, and the effect of the relevant management to achieve the goals of control. Accounting control and management control and not mutually exclusive, incompatible, some control measures can be used for accounting control, and can also be used to control.The goal is to ensure that the internal control unit operations efficiency and effect, safety, economic information of assets and financial reports of reliability. Its main functions: one is to achieve target management policy and management, Second is the assets of safety protection unit is complete, prevent loss of assets, Three is to guarantee the business and financial accounting information authenticity and integrity. In addition, the legitimacy of the financial activities within the unit is the internal control goals.Good, although the internal control to achieve these goals, but whether the internal control design and operation, it is not how to eliminate its inherent limitations. This limitation must also be clear and prevention. Main show is: (1) the limited by cost benefit principle, (2) if the employee has different responsibility ignore control program, misjudgment, even the collusion, inside and outside, often cause in fraud internal control malfunction, (3) management personnel abuse, and to set up or Passover control of internal control ignored, also can make the establishment of internal control non-existing.Second, the basic structure of internal controlThe basic structure of internal control. Mainly includes controlenvironment, accounting system and control procedures in three aspects:(a) control environment. Control environment refers to establish or implement a policy of various factors, which affect mainly reflects unit managers and other personnel to control the attitude, understanding and action. Specific include: management ideas and management style, unit organization structure, functions and managers of these functions, determine the powers and responsibilities of the manager monitoring and inspection method, the working personnel policy measures to control, and its implementation, this unit of various external business relations.(2) accounting system. Accounting system refers to establish accounting and accounting supervision procedure and method of business activities. Effective accounting system should do:1, confirmed and record all real business, timely and detailed description of economic business, so in the financial and accounting reports of economic business appropriately classified.2 and measurement value of economic business, so in the financial and accounting reports records in the appropriate monetary value.3 and determine the time, business to business records in the appropriate accounting period.4 in the financial and accounting reports, business and proper disclosure of expression related matters.(3) control procedures. Control program to formulate policy and managers to ensure a certain procedure. Specific include: business and economic activity approval, The relevant personnel division of responsibilities clear, and prevent fraud, The bill and certificates and use, should guarantee business activities and recorded properly, Property and its use to have documented exposure measures to protect, For registered business valuation, and to review, etc.Third, the basic way of internal controlThe basic way of internal control mainly has: organization planning control, authorized control, budget control, material control, cost control, risk control and audit control.(a) to organize the control. According to the internal control requirements, the unit in determining the organizational structure andimprove the process, incompatible duties shall follow the principle of separation, the so-called incompatible duties, refers to those if by a man or a department, and may cheat yourself concealing its position of frauds. The economic activity of the unit can usually divided into five stages: namely, the approval issued by authorized, execution, and records. Normally, if each step by the relatively independent researchers (or department), can guarantee the separation incompatible duties, facilitating the function of the internal control. Organize and control mainly includes two aspects:1 and incompatible duties of separation. If the accounting work of accountant and cashier incompatible duties, need to separate. Should be separate positions usually have an authorized: economic business duties to separation, Execute a business with the position of the post to review: Execution of an economic position and record the business to business position: Keep a record of the property of the position and position of property to separation etc. Incompatible duties separation is based on the assumption that two personal unconscious accomplice a possibility, but the possibility of a person gains more than two people. If this hypothesis, breakthrough incompatible duties of separation cannot play control function.2, the organization's control. A unit of economic activities according to the needs of different departments and institutions set, the organization's set of responsibilities and should reflect the mutual control requirements. Specific requirement is: the responsibility and authority of the organizations must be licensed and guarantee the authority within the scope of authority without intervention, Each business must pass in operation of the department and guarantee in different departments concerned to check each other, In every business, should belong to was not inspectors, in order to ensure that the inspectors check out the problem was solved quickly.(2) authorized control. The authorized department of internal control unit to handle business or staff access control. Some departments or units within a clerk in the treatment of economic business, must be authorized or approved to, no approval. Authorized control unit can guarantee the implementation course and abuse. Authorized are generally authorized and particular authorized two forms: general mandate is to deal with average economic business level and the approval of the right conditions stipulated in the unit, usually in the internal control of clarifying, Special authorization of special economic business processing is theright level and approval conditions, such as when a prescribed amount exceeds the economic business department, only after approval within specific authorized to handle. Authorized the basic control requirement is: first, must be clear and specific license authorization of the general line and responsibility, Secondly, to clear the authorized business each program, Again, to establish the necessary examination system, to ensure that the processing after the authorized business working quality. Some current unit executes leadership "pen", with the approval of the internal control principles and requirements, should reform. Practice has proved, rights should be restricted, lose the right to restrict the corruption which easily.(3) budget control. Budget control is an important aspect of internal control, including financing, financing, purchasing, production, sales, investment and management activities. The economic business units to prepare detailed budget and plan, and through the authorized by relevant departments, the budget or plan implementation control, the basic requirements: first, the unit budget must reflect the management goal, and clear responsibility. Second, the budget shall be permitted by the authorized to budget adjustments to budget and more practical. Third, it shall timely feedback or regular budget implementation.(4) physical assets control. Physical assets control mainly include restrictions to control inventory control and regular two, this is the real assets of unit of safety control measures. There are two main: first, to limit to strictly control, to physical assets and the relevant documents of the physical assets, such as cash and bank deposit, securities and inventory, warehouse, the warehouser except cashier personnel and other personnel is limited, contact, to ensure the safety of assets. Second, regular physical assets inventory, guarantee the physical assets conform with the actual amount recorded book, such as accounts inconsistent, should investigate the cause and treatment. In addition to the above, physical assets control say from broad sense, also include the physical assets of purchase, storage, and shipping and sales process control.(5) cost control. Modern cost control can be divided into "extensive" and "intensive" two. Extensive cost control, refers to the production technology, product process under the condition of invariable, rely solely on reducing consumption materials, reasonable material to lower the cost of cost control, Intensive cost control, refers to raise the level of technology to improve the production technology, product process, thus reducing the cost control. These two kinds of methods, combining modern cost control.1, extensive cost control, the cost of raw materials procurement control from the final product sold throughout, and is one of the most fundamental and most main control method. First, the raw materials procurement cost control. For bulk materials generally used to open ZhaoBiaoFa or according to manufacturer direct purchasing. Second, the use of materials cost control. Generally, there are two ways: one is the objective cost control, it is through the "target cost price - goals profits target =", which is obtained by cost method to control costs. Veto Second, it is the cost control of various assignments, and through the analysis of cost drivers, costs and expenses of the collection, not only more reasonable truly computational cost, and thus find income and cost ratio or not only put no gains, so can largely reduce costs. Third, product sales, cost control. Mainly propaganda cost control, notable is, advertising, promotional role played only product quality is the foundation of the user's trust. Therefore, we should grasp investment and expenses of the matching principle. [NextPage]2 and intensive cost control. And can be divided into two types: one is to improve production technology by to reduce cost control. There are many ways to improve production technology, such as the introduction of new production line adopts high-tech products, etc. Two is improved by process to reduce the cost of cost control. Intensive cost control on intellectual achievements, it can make the excess profit achievements.(6) risk control. Risk is usually referred to as a result of the action, and the risk associated with another concept is uncertain. Some people only know beforehand action may result, but don't know they appear probability, or both all don't know, but only as a rough estimate. For example, enterprise test-manufacturing a new product, this product can certainly advance trial success or failure. But don't know these two consequences of possibility appeared. Business decisions are generally in uncertain circumstances. In practice, a result of action has many may not sure, risk, And as a result of the action, it is certainly not risk. The risk control is to prevent and avoid as far as possible adverse outcome. According to the reasons of the formation of risk and risk management can generally be divided into two categories: the financial risk,1, management risk. Risk management refers to the production and business operation reasons for corporate profits to the uncertainty. Due to the production and operation of enterprises will be derived from many aspects of the external and internal factors, thus greatly, and the uncertaintyof uncertainty, causes the enterprise profit margins or the changes, thus bringing risk. Operational risk changes from the external, nonetheless, enterprises should adopt the effective internal control measures to prevent.2, financial risk. Financial risk and risk, it is to because debt and the enterprise's financial results for uncertainty. Companies operating in the capital, debt all except the part of self-capital, borrowed funds for enterprise self-capital affect profitability, At the same time, borrowed money to repay captital with interest, if unable to repay debts that are due, the enterprise will into financial difficulties or bankruptcy. When the enterprise rate than pre-tax profit margins funds borrowed funds rate, use borrowed money earn profits and residual interest except compensation and thus make the self-capital profitability improve. However, if the enterprise income tax profit margins than money borrowed funds, at this moment, use borrowed money to finance the profits are not pay interest, still need to use their own funds to pay interest on the part of the profit margins, thereby reducing the self-capital, make enterprise losses incurred, even the bankruptcy of the danger. The risk for financing risk. The size of the risk degree of self-capital by borrowing money, borrowed money ratio, the greater the risk degree proportion with smaller proportion, borrowed funds, risk degree also decrease. For financial risk control, the key is to ensure a reasonable capital structure, maintain the appropriate level of debt, should make full use of the debt management skill gain financial leverage income, improve the self-capital profitability, To avoid excessive debt caused by the financial risk, which is the important link of the enterprise internal control, must take the necessary measures to prevent fundraising risk.(7) auditing control. Audit control mainly refers to the internal audit, internal audit and control of accounting is to supervise. Accounting information to internal audit, internal control is an integral part of the internal control is a kind of special form. Internal auditing is an organization in all kinds of activities and the internal control system of independent evaluation to determine whether the policy implementation, establish the procedure is in compliance with the standard of resources utilization, whether reasonable, effective and unit of objectives achieved. Internal audit content is very extensive, generally include internal financial audit and internal management audit. Internal audit supervision of accounting information, and is not only the internal control is effective means to ensure that the accounting information is true and complete. According to the basic principle of internal control and accounting work in our country actual situation, the new "law" regulation, the unit shall in internal accounting supervision system ofaccounting information in the regular internal audit methods and procedures, in order to make the internal audit institutions or internal auditors of accounting information system and procedure of audit work. In addition to the above seven internal control, and documentation control. Performance control and worker quality control, etc. The new system of accounting supervision system on the unit interior, the main contents of the internal control system. Including: responsibilities, and strict procedures, truthfully record, regular check, etc. In practice, establishing and implementing internal control should also consider: enterprise scale, organizational system and the owners' rights and interests; etc. Business property, diversity and complexity, Transfer, processing, and the methods to information, Applicable regulatory requirements, etc. At present many enterprise internal control was not good, except knowledge level, the main reasons of the administration is to establish and implement effective internal control of power, pressure, coerce, enough. This change of the accounting law depends on the implementation of new science and the modern enterprise system and the establishment of corporate governance structure. To help enterprises to establish internal control, can consult other countries and regions, by the relevant departments of the internal control of some important industry and points for each unit, reference, and learning to use gradually perfect the internal control system, in order to promote the comprehensive enterprise in our country, and in essence.企业内部控制理论内部控制是现代企业管理的重要标志，通过了结论的做法是：以控制强，弱，无控制的控制，无序。

外文原文OPINIONS ON INTERNAL CONTROL If the attest function is extended to cover internal control effectiveness, guidelines for reporting must be formulated, and several fundamental questions must be resolved.With increasing frequency, auditors hear the suggestion that they should express an opinion on the effectiveness of a client's internal control system. Advocates of this extension of the attest function are quick to point out that there are already instances in which independent auditors are reporting publicly on the effectiveness of their clients' systems of internal control and that some government agencies, including the Securities and Exchange Commission in some eases, require a report. Opponents of attestation-type reports counter that any report on internal control effectiveness would be misleading to the public and they believe that there is a significant difference between present regulatory agency reporting requirements and an opinion on internal control. This article reviews the present reporting practices, considers the desirable features of the reports as well as the associated hazards, and, finally, proposes some of the questions which must be answered before any final judgment can be made.THE CURRENT STATUS OF REPORTSAlthough auditors' reports do in several circumstances contain references to internal control, the nature of the representations made concerning effectiveness differ significantly.Large banks. Opinions on internal control are, in fact, given in the ease of a few large banks and the opinions do appear in published annual reports. These opinions are sometimes requested by the board of directors. For example, the following opinion appears in the 1969 annual report of a large New York bank, as a third paragraph in the independent accountant's standard short-form report:Our examination included an evaluation of the effectiveness of the hunk's internal accounting controls, including the internal auditing. In our opinion, lie procedures in effect, together with the examinations conducted by the bank's internal audit staff, constitute an effective system of internal accounting control.Opinions are rendered for a few other banks, but they are essentially the same as the quoted opinion.SEC requirements. SEC Form X-17A-5, which requires that the independent auditor make certain representations concerning internal control, must be filed annually by most members of national securities exchanges and every broker or dealer registered pursuant to Section 15 of the Securities Exchange Act of 1934.In addition, the SEC's Rule 17a-5(g) requires that the independent auditor's report contain "a statement as to whether the accountant reviewed the procedures for safeguarding the securities of customers." Moreover, many exchanges require that the report indicate that a review has been made of "the accounting system, the internal accounting control and procedures for safeguarding securities including appropriate tests thereof for the period since the prior examination date," and, evidently, the SEC staff prefers that the accountant include language similar to that required by the exchanges in all reports filed with the SEC. The scope paragraph of the report usually reads as follows:We have examined the statement of financial condition of (name) as of (date). Our examination was made in accordance with generally accepted auditing standards, and accordingly included a review of the accounting system, the internal accounting control and procedures for safeguarding securities and such tests thereof since the prior examination dote, (date) and of the accounting records and such other auditing procedures as we considered necessary in the circumstances. (Emphasis added.)To avoid confusion as to the type of review made, it is related to "generally accepted auditing standards" by the word "accordingly." Note that the requirement is met without the expression of an opinion on adequacy since the report merely states that a review has been made.If there are material inadequacies in internal control, the independent auditor is required to report them to the SEC, but according to Rule I7a-5(b)(3) inadequacies may be reported in a confidential supplementary report. If no material inadequacies are found, a representation to that effect is neither required nor expected. Therefore reports to the SEC do not constitute the expression of an opinion on internal control effectiveness and, in this respect, differ significantly from the reports issued for a few large banks.Other government agencies. Government agencies differ widely in the type of report required on internal control. Perhaps the most stringent requirement is that administered by the Office of Economic Opportunity. Section 243 of the Economic Opportunity Amendments of1967 requires an auditor's appraisal of a grantee's accounting system and internal controls before a substantial amount of OEO grant funds have been expended . The auditor's report must include the following opinion:The accounting system and internal controls of the (grantee and delegate agencies) are considered (adequate, inadequate) to safeguard the assets of the grantee, check the accuracy and reliability of accounting data, promote operational efficiency and encourage adherence to prescribed management policies.Some agencies require a report very similar to that required by the SEC for brokers. The Federal Home Loan Bank Board, for example, requires that the auditor's report indicate that internal control has been reviewed and requires submission of a copy of the management letter containing comments about any weaknesses in the system and recommendations for their correction.THE DESIRABILITY OF REPORTING ON INTERNAL CONTROLThose who believe that reports on internal control are desirable do so primarily for two reasons. First, they believe such reports would be useful to the public in evaluating management's performance in this area of its responsibility. Some regard such reports as a feasible and logical first step toward reports on management's performance in other areas.The second reason advanced by advocates of reports on internal control is that these reports would provide an additional basis for reliance on unedited interim financial statements. In view of the increasing importance of quarterly and other interim statements, the advocates believe that such reports would provide a useful public service. Opponents, on the other hand, are concerned that such reports would be a disservice to the public because of the risk of misunderstanding and unwarranted reliance. Thus, the crux of the question concerning desirability of reporting on internal control turns on an evaluation of the potential benefits and hazards to the readers of such reports.HAZARDS OF REPORTING ON INTERNAL CONTROL If reporting on internal control holds potential benefit for the profession and report users, what has impeded wholehearted assumption of responsibility for reporting on internal control?First, there is really no such thing as an overall evaluation of internal control. An auditor views internal control in terms of specific types of errors and irregularities which may occur because of weaknesses in the procedures concerning specific classes of transactions and related assets. Unless internal control is excellent in every respect, generalizations about the adequacy of the overall system are extremely difficult to make. Strengths in one area of internal control do not normally offset weaknesses in another area. Weaknesses in cash receipts procedures are not mitigated by strength in handling of cash disbursements, and adequate collection procedures cannot substitute for ineffective control over billing procedures.Second and closely related to the difficulties of an overall evaluation, there is the incomparability of an opinion on the financial statements taken as a whole and an opinion on the internal control sys-tem taken as a whole. Weaknesses in internal control can have a potential material impact on operations, but their materiality cannot be evaluated in the same manner that a known dollar amount of error can be with respect to the financial statements taken as a whole. Therefore, it is difficult to formulate the language of a standard report from which deviations could be considered as having a special and known significance.Third, there are many inherent limitations on the effectiveness of any system of internal control. Certain actions are not subject to control within the scope of internal control systems. Control procedures that depend primarily on the separation of incompatible duties can be circumvented by collusion. Management officials who are charged with administering the internal control system are in a position to perpetrate intentional errors and irregularities in .spite of the controls that might prevent similar actions by lower ranking employees. Perhaps the most critical inherent limitation is the fact that performance of man> control procedures is dependent on human judgment and volition and there are many possibilities for error arising from misunderstandings, mistakes, carelessness, distraction or fatigue.Finally—partially as a consequence of the other problems-reports on internal control create a significant possibility of unwarranted and misleading inferences on the part of users. Prominent among possible misunderstandings is the unwarranted projection of the opinion into future periods and the concomitant undue reliance on unedited financial information. The review and tests of internal control pertain only to the period covered during the examination. In the future, conditions, procedures and compliance may change. Many changes may occur to causevariations in compliance with established procedures, including new employees or employees taking over new responsibilities, unusual fluctuations in business volume that cause employees to take short cuts, and innovations in operations which introduce new types of transactions. Further, the reliability of financial statements is significantly influenced by management judgments which are not subject to control by the system.In view of the significant hazards associated with opinions on internal control, such opinions should be expressed with care and caution. At present there is an absence of field work and reporting standards for expressing an opinion on internal control, and the CPA who renders a report is exposing himself to an undefined responsibility.Many questions must be answered before opinions on internal control should be issued on a regular basis. These questions may be divided into fundamental questions and reporting guideline questions.FUNDAMENTAL QUESTIONSDoes an opinion on internal control contain information important to anyone other than management?Letters to management recommending improvements in the internal control system are a traditional by-product of independent audits. While the value of these reports on internal control is acknowledged as an important service to management, opponents of opinions on internal control question their importance to parties other than management.Advocates of opinions on internal control hold that the report does, to a limited extent, increase the reliance which can be placed on unedited financial information in the future even though reliability is unaffected. At the present time, an unqualified opinion on financial statements may he based on an examination which includes a significant extension of auditing procedures necessitated by poor internal control, but the reader of the auditor's report has no way of knowing this. A report on internal control would highlight the weakness and the reader would know that substantially less reliance should be placed on the unedited financial information issued during the period between audited statements. In addition, and of more importance, is the fact that an opinion on internal control reports on management's significant fiduciary obligation to devise, install and supervise an adequate system of internal control.Would reporting, on internal control significantly extend the auditor's liability beyond that assumed when issuing an opinion on financial statements?Any suggested extension of the attest function raises apprehensions concerning a concomitant extension of legal liability. Although a definitive answer to the extent of legal liability assumed cannot be obtained prior to litigation, there arc several lines of speculation.One view is that the most likely cause of action will arise when an unreported weakness in internal control causes a material misstatement in financial position or in the results of operations in the period covered by the opinion. Under these circumstances the deficiency in the report is likely to receive widespread attention and people relying on the report arc likely to be damaged thereby. In this situation, the auditor would probably he involved in litigation anyway because of his opinion on the financial statements.There is also a possibility of material errors or irregularities caused by deliberate management misrepresentation or employee collusion, which no system of internal control can prevent. The auditor's responsibility for these items should be similar to his responsibility when the financial statements on which he renders an unqualified opinion are materially misleading because of deliberate management misrepresentation or employee collusion. As long as he complied with generally accepted auditing standards, he would not be responsible.Another view on legal liability is that the expression of an opinion on internal control will draw attention to present responsibilities and also increase those responsibilities. Plaintiffs in a ease against auditors will have a new alleged deficiency with which to charge the auditor. In addition, if the subject of internal control review and evaluation becomes a point of litigation, juries may have even more difficulties evaluating this technical subject than they do evaluating testimony concerning financial statement presentation.Should a report on internal control be required or should it be voluntary and issued at the discretion of management?It does not seem to be within the auditor's province to require a report on internal control. The report does not add any credibility to audited financial statements and, thus, is not required for a fair presentation of financial position and results of operations. Those opposed to opinions on internal control contend that only "positive" opinions that internal control is adequate will be issued. Management would have a natural reluctance to have significant inadequacies in internalcontrol exposed to public view and, consequently, would not allow unfavorable opinions to be issued.Those favoring opinions on internal control counter that new reporting practices must start somewhere. Voluntary reporting disclosures—if they contain significant information—have a way of becoming required either by public pressure or the force of custom.Can a report be prepared which will not be misleading to report users?Whether a report will be misleading is a function of both the accuracy and clarity of the report and the knowledge and understanding possessed by the users of the report. One of the most significant hazards of reporting on internal control is the possibility of unwarranted and misleading inferences on the part of users. Experience with the short-form report on financial statements indicates that it may be as important for a report on internal control to say what the report does not represent as it is to accurately state what is represented. Actually, the answer to this question depends, to a large extent, on the answers obtained from the reporting guideline questions.REPORTING GUIDELINE QUESTIONSShould the report on interned control be a separate report distinct from the opinion on financial statements?Although there is a definite relationship between the evaluation of internal control and the opinion on the financial statements, there is a significant distinction between audited financial statements and internal control evaluation. In forming his opinion on the statements, the auditors evaluation of internal control is only an intermediate step in his examination. The opinion on internal control adds no further credibility to the financial statements and any implication that this is true should be avoided.Of course, internal control evaluation must be mentioned in the report on the financial statements when internal control is so inadequate that compliance with generally accepted auditing standards is impossible. In the extreme case when internal control is virtually nonexistent, a disclaimer of opinion on the statements is appropriate. In these circumstances there is a significant probability of unrecorded transactions, documentary evidence examined is highly suspect, and post balance sheet events cannot be adequately reviewed.If the distinction between the opinion on financial statements and the opinion on internal control is to be made forcefully, the opinion on internal control should be a separate report. If the reports are not separated, the opinion on financial statements should precede the report on internal control to avoid implication that the latter is necessary for fair presentation of the financial statements.What is the appropriate scope of audit work necessary to support an opinion on internal control?There are no standards of field work for determining the scope of work necessary to support an opinion on internal control. An adequate description of the work performed in a scope section of the report could ser\'e the same function as the scope paragraph in the report on financial statements. An auditor should be responsible for failure to disclose a weakness in internal control only if his review and evaluation should have uncovered that weakness. The scope of audit work for opinions on internal control has two aspects—breadth of coverage and depth of investigation.Should the scope of the review be clarified by including a concise definition of internal control in the report?The breadth of coverage could be as broad as a special investigation of a management information system or as narrow as the accounting controls which must be reviewed to comply with the second standard of field work. No matter what breadth of coverage was, the scope paragraph could include a concise definition of the internal control system reviewed. Although a number of definitions would probably be equally suitable, some definition should be given to describe concisely the subject of the report. A phrase at the end of the definition introduced by the word "including" could be used to identify any aspect of controls requiring specific mention. For example, the board of directors may feel that evaluation of the internal auditing department is especially important.Is the scope of the examination necessary to support an opinion on internal control the same as that required to satisfy the second standard of field work?The second standard of Held work states:There is to be a proper study and evaluation of the existing internal control as a basis for reliance thereon and for the determination of the resultant extent of the tests to which auditing procedures are to be restricted.If the breadth of coverage of the opinion is the same as that required for an opinion on financial statements, then the depth of the investigation may be related to compliance with the second standard of field work. This aspect may be covered in a scope section of the report as follows:Our examination of the financial statements performed in act01 dance with generally accepted auditing .standards, accordingly included a review and evaluation of the accounting system and internal controls.In a large company with a high volume of clerical work, any degree of audit coverage beyond tests of a small percentage of total transactions would be prohibitively costly. Consequently, the auditor must review and test the internal controls and be satisfied with the adequacy of the system. In a small company this may not be true. In addition, accountants are not in complete agreement on the amount of audit work necessary to perform a review and evaluation of internal control which meets the second standard of field work. For these reasons, there is disagreement on the depth of investigation necessary to support an opinion on internal control.Should an opinion on internal control be expressed in terms of an overall measure such as adequacy or effectiveness?Several characteristics of internal control systems are relevant to this question. Weaknesses in internal control are not offsetting, all systems have inherent weaknesses, and cost acts as a constraint on the effectiveness of all systems. One view is that these characteristics are "understood" in a comprehensive expression such as adequacy or effectiveness. "Effective" in this context means appropriate for the particular situation, with each company regarded as a unique situation.Another view holds that experience with the short-form report on financial statements indicates that very little should be presumed to be "understood" and that, since the "adequacy" of the system is the auditor's representation, great care should be exercised in clearly stating what "adequate" means.Should an opinion on prescribed methods and procedures be separated from an opinion on compliance with those procedures?One suggested alternative to a comprehensive representation on effectiveness is the divisionof the opinion between the adequacy of prescribed internal control procedures and the adequacy of compliance with those procedures. A proper study and evaluation of internal control includes distinct phases.Adequate evaluation of a system of internal control requires (1) knowledge and understanding of the procedures and methods prescribed and (2) a reasonable degree of assurance that they are in use and operating as planned. (Numerals added.)Knowledge and understanding of the prescribed procedures are gained by a review of the system accomplished by inquiry, observation and review of documentation. On the other hand, assurance that the procedures are in use and operating as planned requires tests of compliance. By observation of personnel and examination of documentary evidence, the auditor determines, for the entire period covered by the examination, whether the necessary procedures were performed and, if so, by whom. Thus, the auditor may form different conclusions concerning the adequacy of die prescribed procedures and the degree of compliance with those procedures.Separation of the opinion on prescribed procedures from the opinion on compliance serves the further purpose of alerting the reader to some of the limitations inherent in any internal control system by giving notice that the existence of adequate procedures does not automatically assure satisfactory compliance.If a separate opinion is expressed on compliance, what period of time should be covered?Since one of the significant hazards of expressing an opinion on internal control is unwarranted projection of the representations to the future, the opinion should be expressed with respect to a point in time or a span of time. An opinion could be expressed on the internal control system in effect at the time of the completion of the review, which would normally coincide with the completion of field work. On the other hand, the opinion might be expressed for the period of time in the company's operations covered by the examination, which would normally coincide with the period covered by the financial statements. Another variation would limit the period of time for which the opinion was expressed to the time span of the review and evaluation of the internal control system which could be limited to a few months.Should additional cautionary language be added to the opinion to clarify the nature of the opinion and explain what it does not represent?Two hazards of reporting on internal control are especially relevant to this question: (1) Theeffectiveness of any system is subject to inherent limitations and (2) there is a danger that the system may change in the future, which makes projection of the opinion to the future unwarranted.An opinion on internal control could include a denial section which concisely explains the limitations of the opinion. Wording such as the following might be included in such a section: (1) The continuing effectiveness of the system as designed requires constant surveillance on the part of management and periodic review. (2) The effective functioning of any system of internal control depends on whether individuals continue to conform to prescribed policies and procedures. (3) We do not express an opinion on future compliance with prescribed procedures.(4) The system of internal control cannot prevent collusion or prevent intentional irregularities by the administrators of the system.What criteria should be used in determining whether exceptions to effective internal control should be reported?There arc two alternative, existing criteria which could be used as a basis for reporting exceptions. One criterion relates effectiveness or adequacy of internal control to financial statement presentation. Under this criterion an exception would be reported if controls would not, with reasonable promptness, prevent or detect material errors and irregularities, i.e., those which have a potential material impact on the financial statements. The other criterion would report exceptions on the same basis used to recommend improvements in internal control to management.How should exceptions be reported?This question is not so much one of format as it is a matter of degrees of opinions. Under one view exceptions would be introduced into the report by adding the phrase "except as noted below" to the appropriate opinion sentence. Exceptions would be listed after the opinion paragraph and classified by major class of transaction or asset and the relation to adequacy or compliance. If the exceptions were sufficiently material, the opinion would be expressed that internal control was inadequate. In other words, there would be three types of opinions equivalent to the unqualified, qualified and adverse types of opinions rendered on financial statements.Another view would limit the types of opinions to either "adequate" or "inadequate." Underthis view, weaknesses not considered sufficient to regard the system as inadequate might be included in a report on internal control. Further, some controls outside the scope of the review for internal control report purposes might be included in a report to management, which might very well be different from the report to others. This situation is analogous to the situation which exists for long form and short-form reports. The recommendations to management not contained in the report on internal control should not warrant reporting in the opinion on internal control, i.e., they should not support a contention that the report on internal control was misleading.How should the auditor comply with internal control reports prescribed by regulatory agencies?If the regulatory agency requirement is for a statement that the internal control system was reviewed as part of the examination and a copy of the recommendation letter to management, the requirement docs not expose the auditor to the hazards of expressing an opinion on internal control previously outlined. However, if the regulatory agency requires a positive expression of opinion on internal control effectiveness and, in addition, prescribes the form of report, the auditor should give careful consideration to whether the prescribed form sufficiently recognizes the reporting hazards.If the prescribed form is unacceptable to the auditor, he has two basic alternatives. He could attempt to persuade the agency to accept a substantially different report, which could take a variety of forms. On the other hand, he could modify the prescribed opinion to reduce the reporting hazards in a manner which meets the specific requirements of the agency.Consider the reporting requirement administered by the Office of Economic Opportunity, which is that "the auditor's appraisal regarding the accounting systems and internal controls must include the following words in order to be acceptable to OEO." In other words, their opinion paragraph must be used, hut they do not say that the opinion has to be confined to their wording.A possible modification of the prescribed form would be the addition of a scope paragraph to clarify the basis supporting the opinion and another paragraph to explain what the opinion does not include, which might be called a denial paragraph.Should an opinion on internal control he expressedWhen an audit is not performed? When the auditor is associated with financial statements which are unedited, a report on internal control is not in accordance with paragraph 8, SAP No.。

Private Enterprises of the intenal control issuesPulin ChangEconomic Review。

2008，（5)Third，the promotion of private SMEs in the internal control system strategy（A) change management and business owners the concept of development。

The majority of private small and medium enterprises in the family business，the success of these enterprises depends largely on internal control or entrepreneur leadership attention and level of implementation. Over the years，by traditional Chinese culture, business owners believe in Sincerity，fraternal loyalty permeate many aspects of enterprise management，strengthen internal controls that will affect the organization the members of distrust, resulting in internal control. Many private business owners that rely on business to do business benefits out of, rather than out of the internal financial management control；that the market is the most important internal control will be bound himself and staff development。

外文翻译--内部控制失败与公司治理结构的关系后萨班斯法案分析本科毕业论文(设计)文翻译外外文题目 Internal Control Failures and Corporate GovernanceStructures—A Post Sarbanes-Oxley Act (SOX)Analysis外文出处 Georgia Institute of Technology外文作者 Beng Wee Goh原文:Internal Control Failures and Corporate Governance Structures—A Post Sarbanes-Oxley Act (SOX) Analysis3.1 Relation between Internal Control Quality and Corporate Governance Structure3.1.1 Monitoring of Internal Controls by the Board of DirectorsThe findings that weak internal controls result in lower accruals quality and negative stock market reaction lend support to the regulators’ emphasis on internalcontrols to improve financial reporting quality. Weak internal controls, especially if disclosed and allowed to persist, can undermine users’ perception of the credibility of the firm’s financial reporting and harm the firm in the long run. Despite theimportance of internal controls, research on what corporate governance mechanisms can ensure effective internal controls is scant.Fama and Jensen (1983) contend that boards assume an important role in corporate governance. The modern large corporation is characterized by the absence of the classical entrepreneurial decision maker. Instead, in order to reap the benefits of risk shar ing, the company’s residual claims are diffused among many investors, whogenerally vest their decision rights in individuals with specialized knowledge. Agency theory predicts that such delegation of decision to management creates conflicts ofinterests between managers and residual claimants. Agency costs are created because the managers who initiate and implement important decisions are not the major residual claimants and therefore do not bear a major share of the wealth effects of their decisions.Without effective control procedures, such managers are likely to take actions that deviate from the interests of residual claimants. For instance, managers can manipulate financial reports or commit fraud to maximize their own self-interests, and to the detriment of shareholders.Fama and Jensen (1983) argue that agency costs can be reduced by institutional arrangements that separate decision management from decision control. Separate decision control is required to monitor the actions of the top managers, i.e. CEO or president, approving the corporation’s strategy, and monitoring the control systems ofthe firms. Within the large corporations, decision control rightsare delegated to the board, which represents the highest level of decision control. The board helps to reduce conflicts of interests between managers and residual claimants and ensure that management decisions are congruent with shareholders’ interest.Effective internal controls are part of the firm’s overall control system that can be used to mitigate agency conflicts and curb managers’ opportunistic behavior (Jensen and Payne 2003). A sound financial reporting system prevents managers from using aggressive accounting to inflate earnings and/or stock price, and effective internal controls are essential in ensuring the integrity of financial reporting system. For instance, the maintenance of proper accounting policies and procedures and adequate controls over non-routine transactions reduce ambiguities in the interpretation of accounting procedures. In turn, this can prevent managers from manipulating accounting rules to maximize their self-interests. Proper internal controls over financial statement closing procedures, timely preparation of account reconciliations, and account analysis all seek to reduce errors in financial accounting, thus ensuring accurate financial reporting.Effective internal controls such as the hiring of accounting personnel with high levels of accounting expertise and technical competence with financial accounting standards or SEC filing requirements can enhance the quality of accountinginformation (Jensen and Payne 2003). For instance, accounting personnel with high levels of accounting expertise are more likely to capture and report relevant financial information useful for decision making and prepare financial statements in conformance with generally accepted accounting principles (GAAP) for external parties. Highly competent and/or experienced accounting personnel are also better able to understand complex accounting issues and deal with non-routine accounting transactions.Another important internal control that curbs managers’opportunistic behavior isthe internal audit function. Many of the responsibilities ofinternal auditors are linked directly to the production and monitoring of accounting information. One of them is to test, evaluate, and make recommendations regarding an organization’s accountingsystem and internal controls over financial reporting. By doing so, internal auditors reduce the risk of fraud and protect assets from theft or loss, thus ensuring that accounting information generated by the firm is less susceptible to errors.The above discussions highlight the importance of internal controls as a monitoring mechanism that the board uses to reduce agency conflicts and managers’opportunistic behavior. Reputational concerns provide additional incentives for the board of directors to play a vigilant role in the monitoring of internal controls. Fama (1980) and Fama and Jensen (1983)contend that outside directors are generally highreputation members of the business community who view the directorate as a means of further developing their reputations as experts in decision control. Directors who demonstrate their superior ability in decision control are rewarded through additional directorships and prestige. Hence, directors have incentives either to protect or enhance their reputational capital. Because weak internal controls are likely to result in lower financial reporting quality (Ashbaugh et al. 2006a, Doyle et al. 2007b) and harm the directors’ reputation, the board is likely to play a vigilant role in themonitoring of internal controls and financial reporting.3.1.2 Monitoring of Internal Controls by the Audit CommitteeIt is common for the board to delegate duties to a subset of the board. The extant literature suggests that the board faces litigation risks for monitoring failures and thatdirectors can mitigate their liability through formation of an effective audit committee. Reinstein et al. (1984) posit that outside non-audit committee directors may be able to demonstrate fulfillment of their fiduciary duties by stating that they relied upon audit committee representations on issues regarding the adequacy of the firm’s financialreporti ng and the audit committee’s relationship with the external auditors. As such,non-audit committee directors effectively shift some of the risk of potential financial misstatement to the audit committee (Abbott et al. 2003). Consequently, audit committees would seek to mitigate risk by diligently performing oversight of the firm’s accounting functions. Studies with findings consistent with the quality of the audit committee being associated with financial reporting outcomes include Carcello and Neal (2003a) and Klein (2002b). Because internal controls over financial reporting might affect financial reporting outcomes, it is expected that more effective audit committees will seek to produce favorable financial reporting outcomes by maintaining effective internal controls.Further, the profession and regulators are both of the view that one of the duties of the audit committee should be to ensure effective internal controls. The Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees (1999) recommends that the audit committee encourage procedures that promote accountability and ensure that management properly develops and adheres to a sound system of internal control. The Commission on Public Trust (2003) advocates the requirements o f SOX that ―….the audit committee be responsible for the appointment, compensation, and oversight of the work of the auditors, and that the outside auditors and internal auditors report directly to the audit committee.‖ Under SOX 301, audit committees of p ublic companies are required to establish procedures for the ―receipt, retention, and treatment of complaints‖ regarding accounting, internal controls, andauditing.The importance of the audit committee’s role in the oversight ofthe firm’sinternal control system has also been highlighted by researchers. DeZoort (1997) surveys audit committee members to elicit perceptions of their responsibilities in areas related to financial reporting, auditing, and overall corporate governance.Members consistently rank internal control evaluation as the most important oversight area, with financial statement review and internal auditor/external auditor evaluation considered highly important. Hence, the audit committee is expected to play an important role in monitoring internal controls besides the board of directors. 3.1.3 Effectiveness of Governance Structures and Internal Control QualityStudies have shown that more effective boards and audit committeesare associated with stronger corporate governance. Dechow et al. (1996) and Beasley (1996) both find that firms with weak corporate governance characteristics, such as a lack of an audit committee, less independent boards, having a CEO who also serves as the Chairman of the board, etc., are more likely to be subject to fraudulent reporting. Klein (2002b) and Xie et al. (2001) find that more effective boards and audit committees, measured by their composition and activity, are associated with higher earnings quality. Last, studies have shown that more effective audit committees are associated with the hiring of external auditors who aremore independent (Carcello and Neal 2000) and auditors who have greater industry expertise (Abbott and Parker 2000).I expect firms with more effective governance structures to have higher quality internal controls. More effective audit committees and boards, comprised mainly of independent directors, are less likely to be influenced by top managers. As such, they are more likely to protect shareholders’ interests and implement effect ive internal controls to curb managers’ opportunistic behaviors. High-quality audit committees aremore likely to engage in discussions with the internal and external auditors about their assessment of internal control (Krishnan 2005). They are also more likely to follow up on concerns about the quality of internal controls by eliciting recommendations for improvement and ensuring that management carries out these recommendations. In addition, more effective audit committees or boards have higher levels of accounting and financial expertise that enable them to better understand complex internal control issues, which is important in attempting to achieve an effective overall internal control system. A detailed discussion on how I measure the effectiveness of the firm’s governance structure, i.e. the board of directors and audit committee, is found in Chapter 4.1 of this study.Only two studies directly explore the link between internal control quality and corporate governance structures (Krishnan 2005, Krishnan and Visvanathan 2005).Krishnan (2005) examines a sample of firms disclosinginternal control problems surrounding auditor changes during the period 1994-2000. She finds that these firms have audit committees that are more independent and have a higher level of expertise compared to a control sample of firms changing auditors but not disclosing internal control problems. However, because her sample was restricted to firms subject to auditor changes, the results may not be generalizable to all firms. Further, her study is conducted prior to SOX. Recent policy changes are likely to intensify the pressures for firms to improve their corporate governance mechanisms, making it important to examine whether the results in Krishnan (2005) hold in the post-SOX period.Perhaps more importantly, Krishnan’s study is focused on examining thecharacteristics of the audit committee. However, the effectivenessof the audit committee may depend on board characteristics. For instance, the report of the Blue Ribbon Committee on Improving the Effectivenessof Corporate Audit Committees (1999) states that ―audit committee performance relies on the practices and attitudesof the entire board.‖ Beasley and Salterio (2001) find that firms with strong board governance attributes are more likely to voluntarily form audit committees composed of members with relevant financial reporting and audit committee knowledge and experience. Klein (2002a) provides further evidence that audit committee independence increases with board size and board independence. Hence, failure to control for board characteristics when examining the relation between auditcommittee characteristics and internal control quality can potentially introduce an endogeneity problem in the regression results.Krishnan and Visvanathan (2005) examine the role of audit committees and auditors in the reporting of internal control deficiencies after the passage of SOX. The authors find that a higher number of meetings of the audit committee, smaller proportion of financial experts in the audit committee, and more auditor changescharacterize firms that report weaknesses in their internal controls compared to firms with no weaknesses. Prior restatements are also higher for firms not reporting such weaknesses. However, the study does notfind differences in the size of the audit committees between firms with and without weaknesses, and the authors do not examine the independence of the audit committee nor the board characteristics.Based on the discussions above, I complement Krishnan (2005) and Krishnan and Visvanathan (2005) by hypothesizing that less effective audit committees and boards of directors are associated with lower internal control quality. I examine firms that disclosed MW under SOX 302, which is a more representative sample than that used in Krishnan (2005). By using this sample of firms, I am also able to examine whether the results in Krishnan (2005) hold in the post-SOX period, and whether the results hold when I examine a more comprehensive set of corporate governance characteristics that include both the board and audit committee characteristics. Because the incidence of MW is an indication of lower internal control quality, I expect that firms with lesseffective audit committees and boards of directors to be more likely to have MW.Soure:Beng Wee Goh .Internal Control Failures and Corporate Governance Structures–A Post Sarbanes-Oxley Act (SOX) Analysis[D]. Georgia Institute of Technology，2007.24-27.译文:内部控制失败与公司治理结构的关系——后萨班斯法案分析 3.1内部控制质量与公司治理结构的关系3.11由董事会负责的内部控制监督内部控制薄弱导致应计质量较低和股市的消极反应，该调查结果表明，监管机构如果重视内部控制那么可以改善财务报告质量。

本科毕业论文外文翻译原文Determinants and consequences of internal control in firms: a contingency theory based analysisMaterial Source:Springer Science+Business Media Author: Annukka Jokipii AbstractIn order to ensure the efficiency and effectiveness of activities, reliability of information and compliance with applicable laws, firms demand adequate internal control. However, several frameworks (COSO, CoCo etc.) assume that the need for internal control varies according to a firm’s characteristics. This concurs with contingency theory, which claims that each organization has to choose the most suitable control system by taking into account contingency characteristics. This study examines which contingency characteristics firms choose to adapt their internal control structure and whether it results in a more favorable assessment of the effectiveness of control by the management. While the components of internal control have been examined individually in the control literature, this paper attempts to shed light on internal control and place it in a broader context. The results, derived from a web-based survey of 741 Finnish firms, indicate that firms adapt their internal control structure to deal with environmental uncertainty and to achieve observed control effectiveness. Also the strategy has statistically significant effects on internal control structure.Keywords Internal control Effectiveness Contingency theory Structural equation modeling1 IntroductionIt is generally believed that an internal control system reduces risks and helps firms ensure the reliability of financial statements and compliance with laws and regulations (Spira and Page 2003). So, an increasing number of business failures and some widely publicized frauds have encouraged firms to put more emphasis on their internal control systems, which are specific to their particular operating environment. Management is under increased pressure to enhance the effectiveness of internalcontrol and to effectively communicate this to the board of directors and shareholders (Sutton 2006). Reference groups like auditors, suppliers and customers are also interested in internal controls since they may affect long-term confidence in reporting, accountability and in the corporate form of organization (Rittenberg and Schwieger 2001).Despite the fact that internal control is an essential factor affecting the firm, the evidence of the actual performance of an internal control structure within the organizational environment is almost non-existent, and the topic relatively unexplored by researchers, as noted by Kinney (2000). The professional literature on internal control has made progress toward developing international control frameworks, but so far the amount of internal control research is limited. Selto and Widener (2004) analyze published research and professional articles and find that there were fewer internal control topics in the management control research literature than in practical literature. Increasing emphasis on the role played by internal control in business (Maijoor 2000), and the lack of existing research, creates new research needs and opportunities.This study contributes to the understanding of the internal control structure and its observed effectiveness in company contexts. Even though the internal control frameworks (COSO, CoCo etc.) present a standardized structure and objectives for internal control, they still advise that the need for effective internal control varies according to a firm’s characteristics. However, neither frameworks nor pr ior literature provide an adequate picture of the relationships between a firm’s characteristics and its control system. Therefore, this study utilizes a contingency approach to examine the design of the internal control structure and its observed effectiveness in different contexts. The study examines relationships using structural equation modeling (SEM) and presents empirical results from 741 firms in Finland.The results of this study add to the limited internal control research knowledge in several important respects. First, the study presents empirical findings using measurement models for internal control and its effectiveness in practice. There are organizations worldwide which have used internal control frameworks as a foundation for conducting activities. At any rate, there is little evidence about frameworks outside practice, and thus the models deserve more intensive research attention (COSO 1994; Selto and Widener 2004). With a few exceptions (e.g., Stringer and Carey 2002) earlier studies have usually concentrated on particular control elements, such as the control environment (D’Aquila 1998), communication(Hooks et al. 1994) or risk assessment (Mills 1997). In this study the internal control concept is examined as a whole in different contexts. Second, the action of contingency theory on internal control has not been examined sufficiently within the prior literature even though that relationship plays a critical role in better understanding internal control within organizations. Third, there is a lack of knowledge about internal control from the point of view of management. The literature has so far concentrated on the external parties’ view (Felix 1998), although organizing internal control in the organization is in fact the responsibility of management. Therefore, in this study the perceptions of the management of the surveyed firms are the focus.Fourth, this study examines important contingency characteristics that should be taken into account when focusing on the internal control in an organization. The aim is to determine which characteristics are helpful in explaining variations in an internal control system and its observed effectiveness. However, the model examined, yields different results when examined in a bivariate or in a multivariate setting. Therefore, this paper demonstrates how a contingency approach and SEM technique may be applied to internal control research. Understanding commonalities and differences in internal control structures and observed effectiveness in alternative contexts makes a significant contribution to the internal control discussion. Thus, the study provides a means to identify the special needs of different organizations.The rest of the paper is organized as follows. The next section presents a research framework and the following section presents definitions of constructs and the literature related to the research questions. The fourth section explains the survey design and measurement of variables. Following that, the paper elaborates on the empirical analysis using the SEM method based on data collected from 741 Finnish firms. The sixth section includes a discussion of the results. The last section ends with the conclusions and limitations of the study.2 Research frameworkControl systems are designed to assi st managers to achieve their firm’s goals and desired outcomes (Chenhall 2003). An internal control system potentially enhances a firm’s monitoring and reporting processes, as well as ensuring compliance with laws and regulations. In this way effective internal control has a critical role to play in a firm’s success. But, as we can see from the practical findings, internal control does not exist in vacuum. The COSO framework (1994, p. 18) statesthat two organizations should not have similar internal control system unless the organizations are identical. The need for, and the specifics of, internal control systems may vary in organizational contexts. This statement presented in the internal control framework (COSO 1994) is analogous to contingency theory that claims that each organization has to choose the most suitable control system by taking into account contingency characteristics (see reviews in Chapman 1997; Chenhall 2003; Fisher 1995; Luft and Shields 2003). The contingency approach therefore offers an explanation for the variety of internal control systems found in practice.However, contingency theory constitutes a novel approach to studying internal control and thus, theoretical fundamentals and chosen characteristics are derived from the contingency-based control literature. Consequently, management control is a major control sub-system in organizations which have been the subject of contingency theory research (Collier 2004). The research has mainly focused on the influence of contextual variables on management control system design (for example Langfield-Smith 1997; Chenhall 2003) and in this paper, the literature is reviewed along with an analysis of the research based on these studies. The aim is to use contingency theory to understand characteristics affecting internal control structures and its observed effectiveness rather than to elaborate on contingency theory as such.To summarize, this paper examines if contingency characteristics affect the internal control structure and further, whether the internal control structure will result in a more favorable assessment of effectiveness if applied in alternative contexts.3 Definition of constructs and research questions3.1 Internal control frameworkAccording to the broad view of internal control, it covers all aspects of an organization and there was a clear demand for a method of pulling together control concepts to form an integrated internal control framework. Well-known frameworks (COSO, CoCo, the Basle Framework, the Combined Code and the Turnbull Guidance) include a definition of effective internal control and present the components of the internal control structure. For example COSO (1994) states that internal control can be judged to be effective when the board of directors and management have reasonable assurances that they understand the extent to which the entity’s operational objectives are being achieved, the published financial statements are being prepared reliably, and the applicable laws and regulations arebeing complied with. Therefore, in this study effectiveness of internal control is defined in terms of management’s perceptions of how well these three internal control objectives are met.Similarly, in the frameworks a proper internal control structure is described in different terms, but the following five components can be identified:1. The control environment component defines the ethos of an organization and the way it operates. This component refers to the creation of an atmosphere in which people can conduct their activities and carry out their control responsibilities. It creates the overall control culture in the firm.2. The risk assessment component refers to the processes of dealing with the risks that pose a threat to achieving the firm’s objectives. It involves the identification, analysis and assessment of relevant risks.3. The control activities component refers to policies, procedures and practices that assure management that the objectives are achieved and the risk mitigation strategies are carried out effectively.4. The information and communication component ensures that relevant information is identified, captured and communicated in a form and time frame that allows personnel to carry out their duties and responsibilities effectively.5. The monitoring component refers to a process of assessing the quality of control. It covers ongoing and periodical evaluations of the external supervision of internal controls by management or other parties outside the process.In this research these five components define the internal control structure.2 It is stated in the frameworks (e.g., COSO 1994) that in order to have an adequate internal control system these components of internal control must be presented and function properly. Most of the research in this field focuses on examining particular control elements (D’Aquila 1998; Hooks et al. 1994; Mills 1997). Stringer and Carey (2002) examines all five components but use a qualitative approach and examine the components separately.In this study internal control components and observed effectiveness are used as latent variables in the analysis. It should be noted that the level of analysis is theoretical and specific individual controls or judgments are not the main focus of the study (see for example Felix and Niles 1988; Gadh et al. 1993). Furthermore, the level of analysis in the firms is at the corporate control level as applied by the CEO and other corporate officers (see e.g., Fisher 1998).3.2 Organizational structureOrganizational structure refers to an internal pattern of roles, communication, authority and relationships. Chenhall (2003) notes that organizational structure remains an important factor in understanding the design of internal control. When adopting particular structures, certain kinds of contacts and relationships are encouraged and others discouraged (Emmanuel et al. 1993, p. 52). Otley (1980) suggested that different forms of organizational structure would require different types of accounting information to be provided to enable them to operate effectively. For example, a mechanistic structure (more centralized, vertically differentiated and formalized than an organic structure) may facilitate internal control by reducing the variability and increasing the predictability of work behavior. However, a mechanistic structure may also reduce internal control effectiveness due to control loss in multiple hierarchies (Evans 1975) or alienation induced by centralization (Morris et al. 1979). In a centralized organization the decision-making authority sits high up in the structure: the need for monitoring and control activities in the decision-making process is reduced. Vertically differentiated organizations may have problems with the information and communication component because information has to flow through different levels of the organization (Gosselin 1997).A highly formalized organization has control activities, but a low reliance on formal rules and procedures implies greater personal discretion and a tendency to take more features into account when monitoring and controlling (Whitley 1999).3.2 Internal control structure and its observed effectivenessThe theoretical relationship between internal control structure and its effectiveness is based on the COSO (1994) framework that states that five properly functioning internal control components lead to effective internal control. COSO (1994) further states that there are differences in internal control effectiveness in different firms, but does not provide any exact explanation of why these differences exist. Therefore, contingency theory provides an applicable research approach (applied here in internal control) by stating that successfully tailoring a control system to a firm’s characteristics will result in better control effectiveness (Fisher 1998). For example Simons (1987) found that firms with different strategies used their control systems differently and this caused significant effects on firm performance. So, by having the observed internal control effectiveness as a dependent variable in the model, the adequacy of the control structure in practice can be assessed (e.g., Langfield-Smith 1997).The frameworks state that the effectiveness of internal control is a subjectivejudgment as to whether there is a reasonable assurance that the objectives of internal control are being met. Managers were the chosen observers of effectiveness in this study for three reasons: first, establishing, evaluating and supervising internal control is the responsibility of management (Krishnan 2005, p. 650). Second, management has immediate and detailed insight into the operation of the internal control system (Changchit et al. 2001, p. 439; COSO 1994). Thirdly, previous studies have mainly concentrated on the view of external parties (Felix 1998) despite the first point above. Thus, our managers provide new insights into this important area..To reiterate both an internal control framework (COSO 1994) and contingency based literature, presuppose that the need for internal control varies depending on the circumstances, but that the internal control components that are presented and function properly in that particular situation lead to observable internal control effectiveness.4 Research methodEmpirical data were collected through a web-based questionnaire (Jokipii 2006). This method made it possible to efficiently collect statistical information from numerous firms and make direct contact with management. This was important, because determining internal control effectiveness is subjective (Root 1998) and management has current and detailed insight into the operation of the internal control system (Changchit et al. 2001; COSO 1994). The information collected is not available from archival data used, for example, by external auditors.To check the relevance and the construct of the questionnaire (Diamond 2000; Dillman 2000) it was pre-tested with a small group of academics and CEOs, which resulted in some modifications to the wording and in the presentation of the questionnaire. The questionnaire consists of three parts (see Appendix 1). The first part includes questions on control variables and contingency characteristics. For example the existence of an internal auditor in the firm was used as a control variable; it may have influence on the quality of internal control (Fadzil et al. 2005). The variables in this part were adapted from earlier studies to enhance the validity and reliability of the measures. The second part focuses on the internal control structure and includes questions on the components of internal control; that is, the control environment, risks, control activities, information and communication, and monitoring. The third part examines management’s evaluations of internal control effectiveness and includes questions on the efficiency and effectiveness of activities,reliability and timeliness of financial and management information, and compliance with applicable laws and regulations.4.1 Variable measurementThe structure and effectiveness of internal control can be described theoretically, but both are difficult to quantify. Following the procedures described in Bollen (1989) the measurement for internal control was based on the control selfassessment (CSA) method, which is an application used in practice (see e.g., Adamec et al. 2002). The questionnaire asks respondents to give their opinions of the internal control structure and its effectiveness on a scale from 1 to 7 (1 being totally disagree and 7 being totally agree).4.2 Internal control structureThe structure of internal control (CONTROL) was defined by the following indicators adapted from internal control literature: control environment (COEN), risk assessment (RISK), control activities (COAC), information and communication (INFO) and monitoring (MONI). The study measures the indicators using 5-item questions and then uses the measures as factors in the latent variable.4.3 Internal control effectivenessInternal control effectiveness was defined on the basis of how well three objectives of internal control defined in the frameworks are met by the firms. The following indicators define the structure of internal control effectiveness (EFFE): efficiency and effectiveness of activities (EFFI), reliability, completeness and timeliness of financial and management information (RELI), and compliance with applicable laws and regulations (LAW). This study measures the indicators using 4-item questions and then uses the average score as a factor in the latent variable4.4 StrategyTo measure strategy, this paper uses the well-known Miles and Snow (1978) typology. To keep the questionnaire short, the measurement approach used was adapted from the studies by Guilding (1999) and Shortell and Zajac (1990). The respondents received a brief description of the strategies and they were then asked to select the one which best characterized their organization. The quantitative variables are created with two values corresponding to strategic types; coded as 1 for a prospector strategy and coded as 0 for a defender or analyzer strategy.5 ConclusionThis study focused on internal control and its effectiveness by using contingency theory. The present study is among the very few studies that set out toempirically examine the relationships between context and internal control suggested by the frameworks used in practice. Specifically, this quantitative study contributes to the existing internal control literature by scrutinizing the applicability of contingency theory providing a meaningful research approach. It is therefore directly responsive to claims for more research in this area (Selto and Widener 2004; Kinney 2000) where prior studies are mostly qualitative and focus on only one internal control element (D’Aquila 1998; Hooks et al. 1994; Mills 1997; Stringer and Carey 2002). This study developed measurement models for internal control and its effectiveness and used them as latent variables in a quantitative analysis. The study also uses the SEM approach to examine the research models. The model is able to predict 9% of an internal control structure and 82% of observed internal control effectiveness. The evidence it gathered upheld some of the research questions but also caused some to be rejected.According to the results of this study, it can be stated that a prospector strategy and high perceived environmental uncertainty do matter more in internal control than the other contingency characteristics examined. The suggested relationship between variables in the main model does not hold true in small firms (namely those with less than 50 employees). These results should be viewed in the light of the following shortcomings. First, although considerable care was taken to collect reliable data, measures for internal control structure and its observed effectiveness are novel and there is a need to refine and validate them in further research. It would be interesting to examine if studies of other reference groups, for example auditors, give similar results. Second, the examined relationships are tested using crosssectional data. However, if the assessed effectiveness of internal control is low at the moment of measurement, it will probably cause some effect on internal control in the future. Without longitudinal data this possibility cannot be conclusively ruled out, and this study does therefore support the premise that any longitudinal studies undertaken are likely to be fruitful. Third, in SEM technique it is not considered that the relationships between variables may not be linear or that the relationships exhibit linearity only within a limited relevant range.Despite the above limitations, this study contributes to enhancing our understanding of internal control in the company context. It empirically shows that contingency characteristics affect the internal control structure and its observed effectiveness. Additional empirical evidence is required to fully understand the effects of context on internal control. Therefore, future studies can add to ourunderstanding of the research issue by considering the role of additional contingency characteristics.译文公司内部控制的决定因素：权变理论为基础的分析资料来源: 施普林格科学+商业媒体公司作者：Annukka Jokipii 摘要为了保证活动的效率和有效性，可靠的信息和遵守适用的法律，企业需求严格的内部控制。

内部控制外文翻译外文翻译原文来源：Research Paper, July XXXX年月日A Clear Look at Internal Controls: Theory and Concepts内部控制透视：理论与概念The necessity of control in new variable business environment is not latent for any person and managementas a response factor for stockholdersand another should implement a greatcontrol over his/her organization. 环境需要新的业务控制变量不为任何潜在的股东和管理人士的响应因子为1，另外应执行/她组织了一个很大的控制权。

控制是管理活动的东西或以上施加控制。

思想的产生和近十年的发展需要有系统的商业资源和控制这种财富一个新的关注。

One of the hot topic a boutcontrols over business resource is analyzingthe cost-benefit of each control. 主题之一热一回合管制的商业资源是分析每个控制成本效益。

作为内部控制和欺诈的第一道防线，维护资产以及预防和侦查错误。

内部控制，我们可以说是一种控制整个系统的财务和其他方面的管理制定了为企业的顺利运行;它包括内部的脸颊，内部审计和其他形式的控制。

COSOdescribe Internal Control as follow. Internalcontrols are the methods employed to help ensure the achievement of an objective. COSO的内部控制描述如下。

内部控制是一个客观的方法用来帮助确保实现。

会计内部控制中英文对照外文翻译文献n:Internal control is an accounting re or control system ___ policies。

protecting assets。

and preventing fraud and errors。

It is an important component of nal management that includes planning。

methods。

and res used to meet tasks。

goals。

and objectives。

and in doing so。

supports performance-based management。

Internal control is equal to management control and can help managers achieve the expected effective management of resources。

However。

designing and establishing effective internal control is not a simple task and cannot be achieved through quick fixes。

This article discusses the different aspects of the concept of internal control and management.Keywords: internal control。

management control。

control environment。

control activities。

n2.Internal Control Perspective: ___The environment requires new business control variables that are not responsive to any potential ___ control。