【導(dǎo)讀】?jī)?nèi)部控制這個(gè)概念已經(jīng)不是一個(gè)新概念。這篇文章將研究每個(gè)公共部門財(cái)政。經(jīng)理和董事會(huì)成員應(yīng)該了解的關(guān)于內(nèi)部控制的內(nèi)容。根本原因以后，Treadway委員會(huì)把大部分的責(zé)任歸咎于內(nèi)部控制管理的不足。，設(shè)法補(bǔ)救的Treadway委員會(huì)揭露出來(lái)的問(wèn)題。同樣，由于私營(yíng)部門最近的丑聞事件。些并不是內(nèi)部控制的準(zhǔn)確定義。也就是說(shuō)，內(nèi)部控制往往被視為一個(gè)集體名詞來(lái)。代中期Treadway委員會(huì)在面對(duì)虛假財(cái)政報(bào)告，需要履行職責(zé)時(shí)所面臨的形勢(shì)。年COSO發(fā)布的開(kāi)創(chuàng)性報(bào)告中提到的內(nèi)部控制綜合框架。依然是在正規(guī)和嚴(yán)肅場(chǎng)合開(kāi)展內(nèi)部控制的討論的重要基礎(chǔ)。制所需的有意義的培訓(xùn)”、特別是正確理解內(nèi)部控制的規(guī)定。為理由來(lái)為自己開(kāi)脫責(zé)任。父母或監(jiān)護(hù)人的最終職責(zé)是確保學(xué)生為他自己的功課。最后，教師和輔導(dǎo)員，他們?yōu)閷W(xué)生和家長(zhǎng)、監(jiān)護(hù)人提供寶貴的幫助，管理者用工具和技術(shù)來(lái)實(shí)現(xiàn)管理目標(biāo)），因此，管理是內(nèi)部控制的主要責(zé)任所在。

　　

【正文】 ly be pared and reconciled) * Periodic verifications (accounting data should regularly be pared with the actual items they represent) * Analytical review (the reasonabiliry of financial data should be assessed by paring that data with other data, both financial and nonfinancial, as well as with expectations) Specific controlrelated policies and procedures also can be divided between those designed to actually eliminate a problem (like a fire sprinkler system) and those designed with the more limited goal of alerting managers to a potential problem so they can eliminate it (like a smoke alarm). The importance of this distinction will bee apparent later in the discussion of monitoring. Communication. Unlike the other four ponents of a prehensive framework of internal control, munication does not really exist separately. Rather, it is a pervasive and necessary characteristic of each of the remaining ponents if they are to function effectively. For example, a sound control environment requires good munication among levels of management as well as between managerial and nonmanagerial staff. Indeed, it was to underscore the importance of munication to each of the other ponents of a prehensive framework of internal control that COSO chose to treat it as a separate ponent in its own right. Of special importance to good munication from the perspective of financial managers is the documentation of accountingrelated policies and procedures. Traditionally an accounting policies and procedures manual has generally been used for this purpose. More recently, governments have begun to use internal Web sites to ensure that staff has ready access to the most updated Managers, of course, are in a position to override whatever controls they establish. Because of this unavoidable risk of management override, it is important that staff be provided with a clear way of municating around managers in situations where management override does occur. Not all types of information have the same urgency. For example, indications of irregularities or fraud need to be municated to the appropriate parties immediately, whereas periodic reporting may be sufficient for many less sensitive types of controlrelated information. Good munication will ensure that the speed of munication is consistent with such considerations. Monitoring. The fifth and final ponent of a prehensive framework of internal control is monitoring. Just as even the bestconstructed house may reasonably be expected to require regular upkeep and occasional repairs, controlrelated policies and procedures tend naturally to deteriorate over time. Therefore, managers must periodically evaluate their controlrelated policies and procedures to ensure that they have been properly implemented and remain fully operational. Just as important, many controlrelated policies and procedures are designed to alert managers to a potential problem rather than to actually eliminate the problem. Therefore an essential element of monitoring is to evaluate how past indications of possible errors and irregularities signaled by controlrelated policies and procedures have been dealt with. 4 Inherent limitations of internal control While a sound framework of internal control is essential, it is important to bear in mind that no such framework can ever be perfect. For example, as already explained, managers normally are in a position to override whatever controlrelated policies and procedures they establish. Also, controls dependent upon the segregation of inpatible duties typically could be circumvented through collusion (., individuals intended to act as a control upon one another could instead work together to frustrate the control). Finally, and most important, it would be inappropriate to implement a controlrelated policy or procedure that would end up costing more than the benefit it was reasonably expected to achieve. Thus, for instance, it sometimes may not be feasible to fully implement the segregation of inpatible duties, in which case alternative (and potentially less effective) methods may need to be employed instead. FROM INTERNAL CONTROL TO ENTERPRISE RISK MANAGEMENT As noted earlier, COSO39。s 1992 report was groundbreaking and has served ever since as the basis for all serious discussion of internal control. For all that, COSO did not abandon its mission with the 1992 publication of Internal Control an Integrated Framework. Rather, it decided to enhance its work on internal control by placing it within the even broader context of enterprise risk management. The result was COSO39。s 2021 publication Enterprise Risk Management an Integrated Framework (COSO II). COSOII describes enterprise risk management as: a process effected by an entity39。s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. This process necessarily involves both individual units within an anization and the anization as a whole. A prehensive enterprise risk management framework, according to COSOII, is one that provides reasonable assurance (1) that an entity39。s objectives are being achieved or (2) that management is made aware of risks that could impede their achievement: COSO II reiterates the three basic managerial objectives identified in the original COSO Report: operations (effectiveness and efficiency), reporting (broadened to enpass nonfinancial and internal reporting), and pliance. It also identifies a new fourth category of strategic objectives that it describes as being on a higher level, because all of the other objectives would need to be aligned to it. Consi