[摘 要] 內部審計風險成因包括內部審計機構的獨立性不夠,內部審計人員的業務不精,內部審計方法的科學性不強,內部審計管理的制度不健全。為了降低內部審計風險,應加強內部審計的法制建設,保證內部審計的獨立性,提高內部審計人員的素質,執行科學合理的審計工作程序,正確處理降低風險與經濟效益的關系,開展以風險為導向的風險基礎審計。
[關鍵詞] 審計 風險 管理
內部審計風險包括固有風險和控制風險。固有風險是指在假定與內部會計控制無關的情況下,被審計單位整體財務報表和各賬戶余額或某項業務發生重大差錯的可能性,即由於被審計單位經濟業務的特點和會計核算工作本身的不足而形成的審計風險。如某些企業缺乏對會計制度應有的重視,賬戶體系龐雜、會計信息明晰性降低,報表利用困難,成本、費用缺乏成本核算概念等。控制風險是指由於被審單位內部控制制度不夠健全完善,內部控制行為不力,不能及時發現和糾正某個賬戶或某種業務中的重大錯誤而形成的審計風險。有時即使審計人員確認被審計單位的內部控制制度不合理或在關鍵環節上失控,其提出的修正建議能否真正適合被審計單位的經營活動,也會形成壹種修正風險。
壹、內部審計風險形成的原因
1.內部審計機構的獨立性不夠
內部審計機構是單位內設機構,在單位負責人的領導下開展工作,為單位服務。因此,內部審計的獨立性不如社會審計,在審計過程中,不可避免地受本單位的利益制約。內審人員面臨的是與單位領導層之間的領導與被領導的關系以及與各科室、部門之間的同事關系,所涉及的人不是領導就是同事,非直接有關也是間接相關,審計過程及結論必然涉及到具體的個人利益,因而審計過程難免受到各類人員幹擾。
2.內部審計人員的業務不精
審計人員素質的高低是決定審計風險大小的主要因素。審計人員的素質包括從事審計需要的政策法規水平、專業知識、經驗、技能、審計職業道德和工作責任。
審計經驗是審計人員應有的壹種重要技能,審計經驗需要實踐的積累。我國的內部審計人員中不少人僅熟悉財務會計業務,壹些審計人員不了解本單位的經營活動和內部控制,審計經驗有限。另外,內部審計人員工作責任和職業道德也是影響審計風險的因素。由於我國內審準則工作規範和職業道德標準方面還有壹些空白,許多內審機構和人員缺乏應有的職業規範的約束和指導。總之,目前我國內審人員總體素質偏低,直接影響到內審工作開展的深度和廣度。面對當今內審對象的復雜和內容的拓展,內審人員勢單力簿,這將直接導致審計風險的產生。
3.內部審計方法的科學性不強
我國內審方法是制度基礎審計,隨著企業內部經營管理環境復雜化,這種審計模式不適應開展內部管理審計的需要,因為它過分依賴於對企業內部管理控制的測試,本身就蘊藏巨大的風險內部審計壹般采用統計抽樣方法,由於抽樣審計本身是以樣本的審查結果來推斷總體的特征,因此,樣本和總體之間必然會形成壹定的誤差,形成審計的抽樣風險。隨著信息化程度提高,被審計單位的會計信息資料會越來越多,差錯和虛假的會計資料摻雜其中,失察的可能性也隨之加大。雖然統計抽樣是建立在堅實的數學理論基礎之上,但其本身是允許存在壹定的審計風險的。同樣,大量的分析性審核也會產生相關風險,使審計風險的構成內容更為復雜。
4.內部審計管理的制度不健全
內部審計管理的制度建設及執行情況是內部審計的前提和基礎。健全有效的內部管理制度能及時發現和控制企業經濟活動中發生的各種差錯和舞弊。為保證內部審計質量,內審組織應建立完善的質量控制制度,但是,部分審計機構至今仍缺少事前的審計計劃、事中的審計程序和報告期的審計復核;審計工作底稿不完整,壹般僅記錄審計問題事項,而未記錄審計人員認為正確的審計事項,使得審計復核、審計質量控制無從入手;審計報告以協調關系為出發點,以肯定工作成績為基調,問題定性模棱兩可。以上現狀的存在,使得保證內部審計質量成為壹句空話,更談不上防範風險。
二、降低內部審計風險的途徑
1.加強內部審計的法制建設
完善和健全審計法規體系是內部審計風險控制的基礎措施。審計規範是審計人員的行為規範和工作準則,不僅可以控制和減少審計風險,而且也是衡量審計人員法律責任的標準。我國內部審計起步較晚,與西方國家相比,在相關制度建設上存在著許多不完善的地方。為了適應現代內部審計不斷發展的要求,就必須加強審計工作法制化、規範化建設,盡量減少審計工作的盲目性和隨意性。
2.保證內部審計的獨立性
獨立性可以使內部審計師提出公正的和不偏不倚的專業判斷,這對審計工作的恰當開展是必不可少的。內部審計機構獨立性的內涵應主要表現為形式上的獨立和實質上的獨立兩方面。形式上的獨立要求內部審計在組織內具有較高的組織地位,內部審計師的工作應能夠獲得高級管理層和董事會的支持。實質上的獨立是指內部審計人員在精神上必須保持必要的獨立性,應以公正的態度,避免利益沖突,在開展內部審計工作時,保持誠實的信念,遵守職業道德準則,在整個審計過程中不做出重大的妥協。
3.提高內部審計人員的素質
審計人員是審計工作的具體執行者,其業務素質的高低直接關系到審計項目質量的好壞和審計風險的大小。因此,提高審計人員的素質,對控制和防範審計風險,提高審計質量起著根本性作用。首先,應加強內審人員政治素質教育和能力的培養,樹立內審人員壹絲不茍的工作精神和紮紮實實的工作作風,對其進行定期與不定期的培訓,使其具備與其工作相適應的高尚品質,高度的事業心、責任感以及處理問題的能力;二是要引導審計人員通過工作實踐,及時總結內審工作經驗,不斷完善審計手段和方法,不斷提高運用理論知識解決實際問題的本領和應對復雜多變的工作局面的能力;三是要在進壹步完善審計隊伍準入制度,實行執證上崗的基礎上,建立科學的激勵機制,充分調動審計人員的積極性,激發其愛崗敬業的熱情,使審計工作隊伍在穩定的基礎上不斷發展壯大;四是要加強審計人員的業務培訓和繼續教育,使他們能熟練掌握審計的基本知識、基本技能和基本方法,熟悉會計、經濟管理、經濟法規等相關知識,提高內審人員的審計查證能力,以適應新形勢的需要。
4.執行科學合理的審計工作程序
科學的審計程序是圓滿完成各項審計任務、降低審計風險的重要手段。從審計任務的下達和審計工作方案的編制,到實施審計、編制審計工作底稿、出具審計報告整個工作流程必須有壹套規範的程序。在實施審計的工作中,要充分運用現代的及成熟的審計技術方法。從審計組提交審計報告到作出審計決定階段應有完善的“把關”程序。要抓好執法檢查和廉政回訪工作,要檢查審計人員在審計活動中,證據收集是否齊全,程序是否符合要要求,決定是否合法,發現問題要及時進行補救和糾正。審計人員應嚴格按照程序操作壹環扣壹環,並且對每個環節進行控制,將審計風險隱患消滅在審計的各個環節。
5.正確處理降低風險與經濟效益的關系
審計風險可以控制但不能完全消除,如果壹味降低審計風險,就可能違背成本效益原則。因此,在接受審計任務時,要認真評價被審計單位的風險程度,高風險單位應該選派經驗豐富,解決問題能力強的人員,並適當延長審計時間,而對低風險單位可以投入較少的人力,物力和時間,這樣就能使降低審計風險、提高效率和降低成本三者統壹起來。
6.開展以風險為導向的風險基礎審計
風險基礎審計是通過對審計風險進行系統的分析和評價,來確定審計風險是否可以控制在可以接受的範圍內。它主要運用分析性復核的方法,不僅對客戶的控制風險進行評價,同時更要對產生風險的各個要素進行分析和評價,以確定實質性測試的範圍和重點。這樣就使審計風險與整個審計過程密切聯系起來,以風險的分析與控制為出發點,以保證審計質量為前提,統籌運用符合性測試、實質性測試、分析性檢查等方法,綜合各種審計證據,以控制審計風險。近年來,風險基礎審計在世界各國已廣泛應用,其原因就在於它從審計準備階段開始就考慮審計風險。我國內部審計也應盡快實現向這種審計模式的過渡,以提高審計質量。
參考文獻:
[1]邱 嘉:試論內部審計與內部控制的關系.消費導刊,2008.2:84
[2]範太艷等:淺議內部審計的咨詢服務職能.網絡財富,2008.06:52~53
[3]段 琳:內部審計:風險管理的抓手.中國石油企業,2007.12:31~33
[4]劉 莉:企業內部審計風險分析與規避對策.商業會計,2008.12:46~47
[4]趙 菁:降低內部審計風險的途徑.西安建築科技大學學報,2008.02:17~20
[5]張孝蘭等:內部審計的風險與防範對策.樂山師範學院學報,2007.08:52~53
[6]周麗瓊:企業內部審計的風險管理.企業家天地,2007.10:77~80
Analysis of the causes of internal audit risk and its solution
[Abstract] internal audit risk factors include the independence of internal audit bodies enough, the internal audit staff ill-equipped business, internal audit of the scientific method is not strong, internal audit management systems. In order to reduce the risk of internal audit, internal audit should strengthen the legal system, guarantee the independence of internal audit, internal audit staff to improve the quality of the audit of the implementation of scientific and rational work processes, reduce risks and to correctly handle the relationship between economic efficiency and conduct a risk - oriented risk-based audit.
[Key words]Audit,Risk,Risk
Internal audit risks include the inherent risks and control risks. The inherent risks is the assumption that has nothing to do with internal accounting controls, the units being audited financial statements and the overall balance of the account of a business or the possibility of a major error, that is caused by the audit unit economic characteristics of business and accounting work itself the formation of the lack of audit risk. Some enterprises such as the lack of due attention to the accounting system, account system complex, reducing clarity of accounting information, reports, use of difficulty, cost, cost of lack of cost accounting concepts. Control risk refers to as a result of inadequate internal control system被審單位perfect, weak internal control behavior, not timely detection and correction of a business account or a major error in the formation of audit risk. Sometimes, even if the auditors audited units to confirm the internal control system is unreasonable or out of control in key areas, the amendments proposed by the audit can really suitable for operating activities, but will also create a risk amendment.
First, the internal audit risk causes
1. The independence of the internal audit agency enough
Internal audit body is set up units in institutions, in the unit under the leadership of the responsible persons to work as a unit of service. Therefore, the independence of internal audit as social audit, the audit process, inevitably affected the interests of the unit constraints. OIA staff faced with the unit leadership was among the leadership and the leadership of the relationship, as well as with various sections, the relationship between colleagues, people are not involved in the leadership of my colleagues is, non-directly related to also indirectly related to the audit process and conclusions will inevitably involve the interests of specific individuals, which inevitably affected the audit process for all categories of personnel interference.
2. Internal audit operations personnel ill-equipped
The quality of auditors is to determine the size of audit risk factors. The quality of the audit including those engaged in the audit of the policies and regulations need to level of expertise, experience, skills, audit professional ethics and work responsibilities.
Audit experience, the audit staff should have an important skill, the need for the audit practice of the accumulation of experience. China's internal audit staff, many people only familiar with the financial and accounting operations, some auditors do not understand the business activities of this unit and internal controls, audit limited experience. In addition, the internal audit staff responsibilities and professional ethics is the impact of audit risk factors. Because of China's internal guidelines for the work of norms and ethical standards still some gaps, and many internal organs and personnel lack of occupational norms bound and guidance. In short, China's overall quality of the low OIA staff and directly affected the internal audit work carried out by the depth and breadth. Faced with the complexity of today's OIA object and content development, internal audit staff and powerful single force book, which will directly lead to the selection of audit risk.
3. Internal audit of the scientific method is not strong
China's system of internal audit is the basis of the audit, with the internal operation and management of environmental complicated models are not suited to carry out this audit internal management audit of the needs, because it is overly dependent on the internal management of enterprises controlled test, in itself a huge potential the risk of internal audit generally use statistical sampling methods, as a result of the sample itself is based on a sample audit of the results of the review can be inferred from the general characteristics, therefore, between the samples and the overall form is bound to a certain degree of error, the formation of audit sampling risk. With the degree of information technology improved, the audited accounting information will be more and more errors and false accounting information doped them, and failed to investigate the possibility of also increasing. Although the survey sample is built on the solid foundation of mathematical theory, but its existence is to allow a certain degree of audit risk. Similarly, a large number of analytical review will also have associated risks, so that the composition of the contents of audit risk is more complicated.
4. Internal Audit management systems
Internal audit management system construction and implementation of internal audit is the prerequisite and foundation. Sound and effective internal management system to detect and control of enterprise economic activity occurring in a variety of errors and fraud. To ensure the quality of internal audit, internal audit organizations should establish a perfect quality control system, however, some audit institutions still lack of prior audit plan, a matter of auditing procedures and audit review of the reporting period; the audit working papers incomplete, generally only Records of audit matters, not the recording of audit staff that the correct audit matters, making the audit review, audit quality control no way; to coordinate the relationship between the audit report as a starting point to certain performance-based, qualitative ambiguous issues. More than the existence of the status quo, making the internal audit quality assurance become an empty talk, let alone ward off risks.
Second, reduce the risk of internal audit ways
1. Strengthen the internal audit of the legal system
Improve and perfect the legal system for the audit of internal audit is the basis of risk control measures. Audit norms, the audit staff code of conduct and guidelines, not only to control and reduce audit risk, but also to measure auditors liability standards. China's internal audit late start compared with Western countries in the relevant system-building there are many imperfections. In order to adapt to the continuous development of modern internal audit requirements, it is necessary to strengthen the audit work of legalization and standardization construction to minimize the audit work of blindness and randomness.
2. To ensure the independence of internal audit
The independence of the internal auditor can make a fair and impartial professional judgment, which is appropriate to carry out the audit work is essential. The independence of internal audit bodies connotation should be reflected mainly in the form of independence and de facto independence in two ways. Formal independence requirements of internal audit in the organization of organizations with high status, the internal auditor should have access to senior management and board of directors support. Essentially refers to an independent internal audit staff in the spirit of the need to maintain the necessary independence, should be a fair and just manner and avoid conflicts of interest, in carrying out internal audit work, to maintain an honest belief in compliance with the Code of Ethics for the entire audit process does not make a significant compromise.
References:
[1]Qiu Jia: On the internal audit and internal control relationship. Consumer Guide, 2008.2:84
[2]Fan Wen-Yan ,etc: On the internal audit function of the advisory services. Network wealth 2008.06:52 ~ 53
[3] Duan Lin: Internal Audit: Risk Management grasps. China's oil companies, 2007.12:31 ~ 33
[4] Liu Li: Corporate Internal Audit Risk Analysis and Countermeasures to circumvent. Commercial accounting, 2008.12:46 ~ 47
[4] Zhao Qing: Reduce the risk of internal audit ways. Xi'an University of Architecture and Technology Journal, 2008.02:17 ~ 20
[5]Zhang Xiao-Lan,etc: internal audit risks and preventive measures. Leshan Teachers College Journal, 2007.08:52 ~ 53
[6]Zhou Li-Qiong: enterprise internal audit risk management. Entrepreneurs world, 2007.10:77 ~ 80
僅供參考,請自借鑒
希望對您有幫助
補充:
由於篇幅限制,不是很完整,歡迎妳隨時給我留言。