操作风险导向内部审计模式研究
|
摘要
21世纪是充满挑战和机会的新世纪,多样化和多变性的环境使企业的经营管理经历着实质性的变革。商业银行作为一个高风险行业,经营过程中的风险无处不在,近些年来发生的银行业操作风险问题已经引起了国内外的广泛关注。国际上大的银行机构和金融监管机构开始将风险管理的重点转到操作风险上来,并积极开展对操作风险的研究,包括操作风险的计量、控制和管理框架的建立。针对我国频繁爆发的银行业操作风险事件及其给银行造成的巨大损失,我国商业银行也迫切需要对操作风险进行研究和管理。
内部审计是确保受托责任有效履行的管理控制机制,作为企业管理中一个重要环节的内部审计也必须随之发展,才能成为企业价值链上一个必要的环节,为企业提供“增值”服务。企业内外部环境的特点以及经营管理的需求,与风险导向内部审计自身特点的完美契合,使得风险导向内部审计成为现代内部审计所不可替代的发展方向。本文通过分析西方商业银行的内部审计模式,学习借鉴先进的风险导向审计观念,试图以商业银行操作风险为切入点建立风险预警指标体系,探索操作风险导向内部审计模式在商业银行的应用,期望能对银行的风险防范和内部审计发展有所裨益。
第1章:导论。简要介绍了论文的研究背景及意义、使用的研究方法、论文结构。
第2章:西方商业银行内部审计的分析及借鉴。美国、英国、德国等典型的西方商业银行在各自公司治理结构下,经过长期的实践,摸索出了适合自身发展的、有效的内部审计运作规则和模式。美联储的外部监管对美国商业银行内部控制及内部审计都提出了具体明晰的要求,银行内部审计管理体制实行垂直领导保证了独立性和权威性,内部审计以防范风险为核心,对内部审计人员素质的要求较高;英国商业银行有较为完善的内部控制理论体系,合理的组织结构决定了内部审计具有很强的独立性,内部审计标准、方法、程序都以风险管理为中心,利用内部审计评估系统有效控制内部审计的工作质量和效果,广泛应用计算机技术;德国金融监管体系分工明确、互相协作,银行内部控制最突出的特点是“四只眼原则”,建立了包含内部审计机构在内的有效的内控机制。而我国银行内部审计还存在许多问题:风险管理机制不完善使内部审计缺乏良好的控制环境;独立性欠缺;审计观念及审计方法滞后;缺乏专业实务标准和审计条例。西方商业银行的许多先进理念、技术方法都值得我国学习借鉴:完善审计体系,建立相对独立、客观的内部审计机制;借鉴国际经验,健全内部控制体系和全面风险管理体系;遵循内部审计标准和程序,注重审计技术和方法;广泛使用计算机技术,提高内部审计的质量和效率。
第3章:风险导向内部审计模式。2003年国际内部审计师协会(IIA)对内部审计标准进行了修订,新的定义以风险为基础,对内部审计的对象、目标、职能等进行了重新定位,推动风险导向内部审计的进一步发展。本章首先分析了风险导向内部审计模式产生的必然性:加强风险管理是企业生存与发展的必然要求,改革传统内部审计模式的滞后性是内部审计发展的必然趋势,实行风险导向内部审计是内部审计职业生存与发展的保障。风险导向内部审计是目前西方最先进的内部审计阶段,关注的核心是企业的各类风险,遵循“目标——风险——控制”的逻辑顺序,内部审计能够直接针对高风险领域展开工作,从而管理风险、抓住机会以实现各类目标;在风险导向阶段,内部审计的本质发展成为确保受托责任有效履行的能动的管理控制机制,它用系统化的方法识别、评估风险并帮助改进风险和管理控制来支持组织目标的发展。IIA所述风险导向内部审计的三个对象——风险管理、控制以及治理程序实质上表现为广义的公司治理以及现代内部控制,而且风险导向内部审计能更好地促进二者之间的整合。风险导向内部审计首先确认目标,然后分析对这些目标产生影响的风险以及能够管理这些风险的控制,最后测试实际的控制考虑其能否切实管理这些风险;职能也从监督和评价转变为确证和咨询,这两项职能都是紧密结合内部审计的增值目标发展而来的。
第4章:操作风险导向内部审计模式的构想。首先介绍了操作风险的内涵,包括巴塞尔委员会以及我国银监会对操作风险的定义,巴塞尔将操作风险分为7大类:内部欺诈风险、外部欺诈风险、客户或产品与商业行为风险、执行交割和流程管理风险、经营中断和系统错误风险、雇员行为与工作场所管理风险、物理资产破坏风险;操作风险与信用风险、市场风险相比具有自身的特性:内生性、与预期收益弱相关、与其它风险强烈关联、表现形式的独特性、较强的人为性、较大的危害性、管理的复杂性。随后提出了构建操作风险预警指标体系,构建指标体系要遵循科学性、相关性、可控性等原则;与操作风险管理相关的指标主要有关键业绩指标(KPI)、关键控制指标(KCI)、关键风险指标(KRI),2007年6月中国银监会发布的《商业银行操作风险管理指引》定义了如下关键风险指标:每亿元资产损失率、每万人案件发生率、百万元以上案件发生比率、超过一定期限尚未确认的交易数量、失败交易占总交易数量的比例、员工流动率、客户投诉次数、错误和遗漏的频率以及严重程度等。操作风险预警指标体系将风险分为三级:总体操作风险、各商业银行的操作风险、商业银行各项关键操作风险;试图通过层次分析法来逐层确定各指标值的权重,确定临界值后设置合理的风险预警级别。在完成操作风险预警指标体系构想的基础上,提出了体系运行需要的前提:重视流程整理,确立关键风险指标、建立预警机制,规范数据收集标准、建立操作风险损失数据库等。
第5章:操作风险导向内部审计模式在商业银行的应用。首先是对商业银行应用操作风险导向内部审计模式进行可行性分析,有良好的计算机信息技术平台、较成熟的风险管理经验、国际知名会计师事务所在银行运用风险导向审计取得成功经验,说明银行应用该审计模式具备了一定条件。然后按照操作风险的识别、评估、实施审计程序、操作风险的控制或缓释等几方面对其在商业银行的具体应用进行了详细说明。此外,还说明了在应用过程中应该注意的问题,主要包括:培养操作风险意识、确定和划分部门职责并分离不相容岗位、全面建立风险的信息化控制、完善绩效考核及薪酬激励机制、建立危机事件处理机制等。
结语部分重申了文章的中心内容,在竞争与风险不断加剧的背景下,操作风险导向内部审计能够顺应风险管理的要求并为商业银行提供更多的服务,是内部审计不可阻挡的发展方向。
本文的贡献主要体现在:
第一,文章视角具有一定的新颖性和现实性。研究商业银行内部审计的文章比较多,但是从银行操作风险视角切入研究风险导向内部审计的文章还不多见,新的审计准则体系出台后,对风险导向审计理念更加重视,在此基础上研究操作风险导向内部审计具有一定的新颖性和现实性,对我国的内部审计实践也有一定的参考价值。
第二,提出了建立商业银行操作风险预警指标体系的构想,试图通过测度操作风险值,作为制订内部审计计划与审计程序的基础,使审计资源得到合理分配,为具体实施审计程序提供参考,为商业银行全面风险管理体系提供操作风险的专业服务。
本文不足之处在于:
在研究方法上仅采用规范研究方法,在研究内容上属于内部审计基本理论研究范畴,因此引用的案例、实务数据较少,文章不够丰富。未对中国商业银行的内部审计实务进行调查,仅基于理论层面分析操作风险导向内部审计的启示,未进行深入的实证检验,有一定局限性。另外,尽管试图结合其他学科知识进行综合研究,但可能无法透彻掌握这些学科的基本原理,也对本文产生一定影响。
The 21st century is a new century full of challenges and opportunities. In such a diversity and changing environment, the management of enterprises experience substantial revolutions. The operational risk of banking caused a wide concern in the whole world. A number of big banks and financial supervisory institutions begin to transfer the center of management to the operational risk, and develop wide research on operational risk, including the measurement of risks, risk control and the construction of mechanism of operational risk. According to a great number of accidents of operational risk constantly occurred in China’s commercial banks as well as the loss resulting from them, it is the high time we did something to do research on operational risk and reinforce our management.
As a managerial control mechanism that ensures effective accountability, internal audit has to change with it in order to become an essential part of the value chain and to provide“value-added”service to enterprise. The internal and external environment of enterprise and requirements of management perfectly consistent with the features of risk-oriented internal audit, which made risk-oriented internal audit become the developing direction of modern internal audit. The paper analyzes internal audit models of western commercial banks, learn from the concept of risk-oriented audit, try to establish a risk early warning indicator system based on commercial banks’operational risk, and explore the practice of operational risk-oriented internal audit in China’s commercial banks, which will benefit to risk prevention and the development of internal audit.
Chapter 1: Introduction. It mainly discusses the background, research method, structure of the paper.
Chapter 2: Western commercial banks internal audit analysis and reference. Under the corporate governance structures and through long-term practice, The United States, Britain, Germany and other typical western commercial banks explore suitable and effective rules and models of the internal audit. In American commercial banks, internal audit management system implemented vertical leadership ensured the independence and authority, internal audit at the core to prevent risk; British commercial banks have a more perfect system of internal control theory, internal auditing standards, methods, procedures are in the center for risk management, use computer technology extensively; Germany's financial regulator system is clear division of work and mutual cooperation, internal control has“Four eyes principle”. While China's banking internal audit still exist many problems: Imperfect risk management mechanism lead the lack of good internal audit control environment; the lack of independence; audit concepts and methods lags behind; lack of the professional practice standards and audit regulations. We should learn from western commercial banks: improve audit system; improve internal control system and a comprehensive risk management system; pay attention to audit techniques and methods; use computer technology extensively to enhance the quality and internal audit efficiency.
Chapter 3: Risk-oriented internal audit model. IIA revised the internal audit standards in 2003, the new risk-based definition re-position the objects, objectives, functions of the internal audit, which promoting the further development of risk-oriented internal audit. At first, we analyze inevitability of the risk-oriented internal audit: enterprise’s survival and development, the traditional internal audit’s shortcoming, internal audit professional survival and development. Risk-oriented internal audit is the most advanced stage of the western internal audit, which core concern is the risk of all types of enterprises. The essence is a dynamic management and control mechanism which ensuring the effective discharge of accountability, with its systematic approach to identify, assess risk, and control risk to support the development of organizational goals. The objects which IIA stated performance for broad essence of corporate governance and modern internal control. The Functions change from the supervision and evaluation into corroboration and counseling, which developed from the internal audit objectives of value-added.
Chapter 4: The conception of operational risk-oriented internal audit. First on the connotation of operational risk, including the Basel Committee and the China Banking Regulatory Commission on the definition of operational risk, Basel will be divided operational risk into seven major categories. Compared with credit risk and market risk, operational risk has its own characteristics. We try to build an operational risk early warning indicator system, while following the principles of scientific, relevance, controllability. The indicators that associated with operational risk management are key performance indicator (KPI), key control indicator (KCI), key risk indicator (KRI).“Commercial banks operational risk management guidelines”issued by China Banking Regulatory Commission in June 2007 gives the definition of 8 key risk indicators. Operational risk early warning indicator system will be divided into three tiers of risk: the overall operational risk, the total operational risk of each commercial bank, commercial bank’s key operational risk. Through Analytical Hierarchy Process to determine the value of the index weights, set reasonable level of risk warning according to the threshold.
Chapter 5: Practice of operational risk-oriented internal audit in commercial banks. First there is a feasibility analysis about practice of operational risk-oriented internal audit in commercial banks: good computer information technology platform, mature risk management experience, successful experience of international famous accounting firm using risk-oriented audit. Then we discuss operational risk identification, assessment, implementation of audit procedures, operational risk control or slow-release in commercial banks. In addition, it also shows that in the implementation process should pay attention to the issue: developing operational risk awareness, separation of departmental functions and incompatible positions, and the establishment of a comprehensive information risk control, improvement of the performance evaluation and pay incentive mechanism, the establishment of the mechanism for handling crises.
The conclusion reiterates the central elements of the article, while the growing competition and risks, the operational risk-oriented internal audit comply with the requirements of risk management and provide more services for commercial banks, which is an irresistible direction of internal audit development. The main contribution of this paper reflected in:
First, the article has some new perspectives and practical nature. There are more articles about commercial banks’internal audit research, but the paper from the perspective of banks’operational risk to study risk-oriented internal audit also rare. New audit guidelines pay more attention to risk-oriented concept, the research of operational risk-oriented internal audit has certain novelty and practicality.
Second, it proposes the establishment of commercial banks operational-risk early warning indicator system. It try to measure operational risk values, develop internal audit plan, and make sure rational allocation of audit resources, provide reference during the implementation of audit procedures, provide operational-risk information for comprehensive risk management system in commercial banks.
The shortcoming of this paper is:
Only use the standardized research methods. The contents belonging to the basic internal audit theoretical research areas, lack of cited cases and substantive data. The article only based on the theoretical level research issues but without empirical analysis, so it has a certain limitations.
内部审计是确保受托责任有效履行的管理控制机制,作为企业管理中一个重要环节的内部审计也必须随之发展,才能成为企业价值链上一个必要的环节,为企业提供“增值”服务。企业内外部环境的特点以及经营管理的需求,与风险导向内部审计自身特点的完美契合,使得风险导向内部审计成为现代内部审计所不可替代的发展方向。本文通过分析西方商业银行的内部审计模式,学习借鉴先进的风险导向审计观念,试图以商业银行操作风险为切入点建立风险预警指标体系,探索操作风险导向内部审计模式在商业银行的应用,期望能对银行的风险防范和内部审计发展有所裨益。
第1章:导论。简要介绍了论文的研究背景及意义、使用的研究方法、论文结构。
第2章:西方商业银行内部审计的分析及借鉴。美国、英国、德国等典型的西方商业银行在各自公司治理结构下,经过长期的实践,摸索出了适合自身发展的、有效的内部审计运作规则和模式。美联储的外部监管对美国商业银行内部控制及内部审计都提出了具体明晰的要求,银行内部审计管理体制实行垂直领导保证了独立性和权威性,内部审计以防范风险为核心,对内部审计人员素质的要求较高;英国商业银行有较为完善的内部控制理论体系,合理的组织结构决定了内部审计具有很强的独立性,内部审计标准、方法、程序都以风险管理为中心,利用内部审计评估系统有效控制内部审计的工作质量和效果,广泛应用计算机技术;德国金融监管体系分工明确、互相协作,银行内部控制最突出的特点是“四只眼原则”,建立了包含内部审计机构在内的有效的内控机制。而我国银行内部审计还存在许多问题:风险管理机制不完善使内部审计缺乏良好的控制环境;独立性欠缺;审计观念及审计方法滞后;缺乏专业实务标准和审计条例。西方商业银行的许多先进理念、技术方法都值得我国学习借鉴:完善审计体系,建立相对独立、客观的内部审计机制;借鉴国际经验,健全内部控制体系和全面风险管理体系;遵循内部审计标准和程序,注重审计技术和方法;广泛使用计算机技术,提高内部审计的质量和效率。
第3章:风险导向内部审计模式。2003年国际内部审计师协会(IIA)对内部审计标准进行了修订,新的定义以风险为基础,对内部审计的对象、目标、职能等进行了重新定位,推动风险导向内部审计的进一步发展。本章首先分析了风险导向内部审计模式产生的必然性:加强风险管理是企业生存与发展的必然要求,改革传统内部审计模式的滞后性是内部审计发展的必然趋势,实行风险导向内部审计是内部审计职业生存与发展的保障。风险导向内部审计是目前西方最先进的内部审计阶段,关注的核心是企业的各类风险,遵循“目标——风险——控制”的逻辑顺序,内部审计能够直接针对高风险领域展开工作,从而管理风险、抓住机会以实现各类目标;在风险导向阶段,内部审计的本质发展成为确保受托责任有效履行的能动的管理控制机制,它用系统化的方法识别、评估风险并帮助改进风险和管理控制来支持组织目标的发展。IIA所述风险导向内部审计的三个对象——风险管理、控制以及治理程序实质上表现为广义的公司治理以及现代内部控制,而且风险导向内部审计能更好地促进二者之间的整合。风险导向内部审计首先确认目标,然后分析对这些目标产生影响的风险以及能够管理这些风险的控制,最后测试实际的控制考虑其能否切实管理这些风险;职能也从监督和评价转变为确证和咨询,这两项职能都是紧密结合内部审计的增值目标发展而来的。
第4章:操作风险导向内部审计模式的构想。首先介绍了操作风险的内涵,包括巴塞尔委员会以及我国银监会对操作风险的定义,巴塞尔将操作风险分为7大类:内部欺诈风险、外部欺诈风险、客户或产品与商业行为风险、执行交割和流程管理风险、经营中断和系统错误风险、雇员行为与工作场所管理风险、物理资产破坏风险;操作风险与信用风险、市场风险相比具有自身的特性:内生性、与预期收益弱相关、与其它风险强烈关联、表现形式的独特性、较强的人为性、较大的危害性、管理的复杂性。随后提出了构建操作风险预警指标体系,构建指标体系要遵循科学性、相关性、可控性等原则;与操作风险管理相关的指标主要有关键业绩指标(KPI)、关键控制指标(KCI)、关键风险指标(KRI),2007年6月中国银监会发布的《商业银行操作风险管理指引》定义了如下关键风险指标:每亿元资产损失率、每万人案件发生率、百万元以上案件发生比率、超过一定期限尚未确认的交易数量、失败交易占总交易数量的比例、员工流动率、客户投诉次数、错误和遗漏的频率以及严重程度等。操作风险预警指标体系将风险分为三级:总体操作风险、各商业银行的操作风险、商业银行各项关键操作风险;试图通过层次分析法来逐层确定各指标值的权重,确定临界值后设置合理的风险预警级别。在完成操作风险预警指标体系构想的基础上,提出了体系运行需要的前提:重视流程整理,确立关键风险指标、建立预警机制,规范数据收集标准、建立操作风险损失数据库等。
第5章:操作风险导向内部审计模式在商业银行的应用。首先是对商业银行应用操作风险导向内部审计模式进行可行性分析,有良好的计算机信息技术平台、较成熟的风险管理经验、国际知名会计师事务所在银行运用风险导向审计取得成功经验,说明银行应用该审计模式具备了一定条件。然后按照操作风险的识别、评估、实施审计程序、操作风险的控制或缓释等几方面对其在商业银行的具体应用进行了详细说明。此外,还说明了在应用过程中应该注意的问题,主要包括:培养操作风险意识、确定和划分部门职责并分离不相容岗位、全面建立风险的信息化控制、完善绩效考核及薪酬激励机制、建立危机事件处理机制等。
结语部分重申了文章的中心内容,在竞争与风险不断加剧的背景下,操作风险导向内部审计能够顺应风险管理的要求并为商业银行提供更多的服务,是内部审计不可阻挡的发展方向。
本文的贡献主要体现在:
第一,文章视角具有一定的新颖性和现实性。研究商业银行内部审计的文章比较多,但是从银行操作风险视角切入研究风险导向内部审计的文章还不多见,新的审计准则体系出台后,对风险导向审计理念更加重视,在此基础上研究操作风险导向内部审计具有一定的新颖性和现实性,对我国的内部审计实践也有一定的参考价值。
第二,提出了建立商业银行操作风险预警指标体系的构想,试图通过测度操作风险值,作为制订内部审计计划与审计程序的基础,使审计资源得到合理分配,为具体实施审计程序提供参考,为商业银行全面风险管理体系提供操作风险的专业服务。
本文不足之处在于:
在研究方法上仅采用规范研究方法,在研究内容上属于内部审计基本理论研究范畴,因此引用的案例、实务数据较少,文章不够丰富。未对中国商业银行的内部审计实务进行调查,仅基于理论层面分析操作风险导向内部审计的启示,未进行深入的实证检验,有一定局限性。另外,尽管试图结合其他学科知识进行综合研究,但可能无法透彻掌握这些学科的基本原理,也对本文产生一定影响。
The 21st century is a new century full of challenges and opportunities. In such a diversity and changing environment, the management of enterprises experience substantial revolutions. The operational risk of banking caused a wide concern in the whole world. A number of big banks and financial supervisory institutions begin to transfer the center of management to the operational risk, and develop wide research on operational risk, including the measurement of risks, risk control and the construction of mechanism of operational risk. According to a great number of accidents of operational risk constantly occurred in China’s commercial banks as well as the loss resulting from them, it is the high time we did something to do research on operational risk and reinforce our management.
As a managerial control mechanism that ensures effective accountability, internal audit has to change with it in order to become an essential part of the value chain and to provide“value-added”service to enterprise. The internal and external environment of enterprise and requirements of management perfectly consistent with the features of risk-oriented internal audit, which made risk-oriented internal audit become the developing direction of modern internal audit. The paper analyzes internal audit models of western commercial banks, learn from the concept of risk-oriented audit, try to establish a risk early warning indicator system based on commercial banks’operational risk, and explore the practice of operational risk-oriented internal audit in China’s commercial banks, which will benefit to risk prevention and the development of internal audit.
Chapter 1: Introduction. It mainly discusses the background, research method, structure of the paper.
Chapter 2: Western commercial banks internal audit analysis and reference. Under the corporate governance structures and through long-term practice, The United States, Britain, Germany and other typical western commercial banks explore suitable and effective rules and models of the internal audit. In American commercial banks, internal audit management system implemented vertical leadership ensured the independence and authority, internal audit at the core to prevent risk; British commercial banks have a more perfect system of internal control theory, internal auditing standards, methods, procedures are in the center for risk management, use computer technology extensively; Germany's financial regulator system is clear division of work and mutual cooperation, internal control has“Four eyes principle”. While China's banking internal audit still exist many problems: Imperfect risk management mechanism lead the lack of good internal audit control environment; the lack of independence; audit concepts and methods lags behind; lack of the professional practice standards and audit regulations. We should learn from western commercial banks: improve audit system; improve internal control system and a comprehensive risk management system; pay attention to audit techniques and methods; use computer technology extensively to enhance the quality and internal audit efficiency.
Chapter 3: Risk-oriented internal audit model. IIA revised the internal audit standards in 2003, the new risk-based definition re-position the objects, objectives, functions of the internal audit, which promoting the further development of risk-oriented internal audit. At first, we analyze inevitability of the risk-oriented internal audit: enterprise’s survival and development, the traditional internal audit’s shortcoming, internal audit professional survival and development. Risk-oriented internal audit is the most advanced stage of the western internal audit, which core concern is the risk of all types of enterprises. The essence is a dynamic management and control mechanism which ensuring the effective discharge of accountability, with its systematic approach to identify, assess risk, and control risk to support the development of organizational goals. The objects which IIA stated performance for broad essence of corporate governance and modern internal control. The Functions change from the supervision and evaluation into corroboration and counseling, which developed from the internal audit objectives of value-added.
Chapter 4: The conception of operational risk-oriented internal audit. First on the connotation of operational risk, including the Basel Committee and the China Banking Regulatory Commission on the definition of operational risk, Basel will be divided operational risk into seven major categories. Compared with credit risk and market risk, operational risk has its own characteristics. We try to build an operational risk early warning indicator system, while following the principles of scientific, relevance, controllability. The indicators that associated with operational risk management are key performance indicator (KPI), key control indicator (KCI), key risk indicator (KRI).“Commercial banks operational risk management guidelines”issued by China Banking Regulatory Commission in June 2007 gives the definition of 8 key risk indicators. Operational risk early warning indicator system will be divided into three tiers of risk: the overall operational risk, the total operational risk of each commercial bank, commercial bank’s key operational risk. Through Analytical Hierarchy Process to determine the value of the index weights, set reasonable level of risk warning according to the threshold.
Chapter 5: Practice of operational risk-oriented internal audit in commercial banks. First there is a feasibility analysis about practice of operational risk-oriented internal audit in commercial banks: good computer information technology platform, mature risk management experience, successful experience of international famous accounting firm using risk-oriented audit. Then we discuss operational risk identification, assessment, implementation of audit procedures, operational risk control or slow-release in commercial banks. In addition, it also shows that in the implementation process should pay attention to the issue: developing operational risk awareness, separation of departmental functions and incompatible positions, and the establishment of a comprehensive information risk control, improvement of the performance evaluation and pay incentive mechanism, the establishment of the mechanism for handling crises.
The conclusion reiterates the central elements of the article, while the growing competition and risks, the operational risk-oriented internal audit comply with the requirements of risk management and provide more services for commercial banks, which is an irresistible direction of internal audit development. The main contribution of this paper reflected in:
First, the article has some new perspectives and practical nature. There are more articles about commercial banks’internal audit research, but the paper from the perspective of banks’operational risk to study risk-oriented internal audit also rare. New audit guidelines pay more attention to risk-oriented concept, the research of operational risk-oriented internal audit has certain novelty and practicality.
Second, it proposes the establishment of commercial banks operational-risk early warning indicator system. It try to measure operational risk values, develop internal audit plan, and make sure rational allocation of audit resources, provide reference during the implementation of audit procedures, provide operational-risk information for comprehensive risk management system in commercial banks.
The shortcoming of this paper is:
Only use the standardized research methods. The contents belonging to the basic internal audit theoretical research areas, lack of cited cases and substantive data. The article only based on the theoretical level research issues but without empirical analysis, so it has a certain limitations.
引文
1马克·洛尔、列夫·博罗多夫斯基,《金融风险管理手册》,北京:机械工业出版社,2002
2参见詹姆斯·罗瑟著,倪卫红、贾文勤译,《最佳实务——四个革新型审计部门的增值方法》,北京:石油工业出版社,2002
3 Flint D, Philosophy and Principle of Auditing [M], Macmillan Education Ltd.,1988
4 Munkman C.A, Accountability and Accounting [M],Hutchinson Technical Education,1971
5何林祥,《美国商业银行内部控制、风险管理与稽核制度》,北京:人民出版社,1999
6 Audit and Internal Review(International Stream):published by FTC Foulks Lynch, ISBN1843903628, 2004
7张进,《学习、比较、借鉴——英国商业银行内部审计调研心得》,武汉:湖北内审优秀论文集,2003
8王荔钦,《德国内部审计模式新发展》,武汉:财会月刊,2004(3)
9朱正平,《谈中央银行内审的的现状及发展取向》,北京:中国内部审计,2004(2)
10维纳著,郝季仁译,《控制论》,北京:科学出版社,1963
11郭胜利,《内部审计基本理论问题研究》,厦门:厦门大学博士论文,2003
12 McNamee D. and G Selim, Risk Management: Changing the Internal Auditor’s Paradigm[M], Altamonte Springs, FL:IIA Research Foundation,1998
13 Committee of the Sponsoring Organizations of the Tread way Commission, Enterprise Risk Management Framework, (Draft), New York: COSO, 2003
14 Chapman C. and U. Anderson, Implementing the Professional Practices Framework[M], Altamonte Spring FL:IIA,2002
15李海风编译,《面向信息时代的内部审计》,北京:地震出版社,2002
16汪健峰,《商业银行操作风险管理实务》,北京:中国工商出版社,2005
17 Hans-Ulrich Doering,Operational Risks in Financial Services[M],北京:中信出版社,2004年
18 Robert Hubner,Advance in Operational Risk: Firm-wide Issues for Financial Institution[C],李雪莲、万志宏译,天津:南开大学出版社,2005
20参考:朱君芝,《开放经济下我国商业银行风险预警评估:指标体系及其结构探析》,上海:同济大学硕士论文,2006
21马克·洛尔、列夫·博罗多夫斯基,《金融风险管理手册》,北京:机械工业出版社,2002
[1]何林祥,《美国商业银行内部控制、风险管理与稽核制度》,北京:人民出版社,1999
[2]张进,《学习、比较、借鉴——英国商业银行内部审计调研心得》,武汉:湖北内审优秀论文集,2003
[3]王荔钦,《德国内部审计模式新发展》,武汉:财会月刊,2004(3)
[4]朱正平,《谈中央银行内审的现状及发展取向》,北京:中国内部审计,2004(2)
[5]维纳著,郝季仁译,《控制论》,北京:科学出版社,1963
[6]郭胜利,《内部审计基本理论问题研究》,厦门:厦门大学博士论文,2003
[7]李海风编译,《面向信息时代的内部审计》,北京:地震出版社,2002
[8]朱君芝,《开放经济下我国商业银行风险预警评估_指标体系及其结构探析》,上海:同济大学硕士论文,2006
[9]马克·洛尔、列夫·博罗多夫斯基,《金融风险管理手册》,北京:机械工业出版社,2002
[10]盛军,《中国国有商业银行操作风险研究:制度归因、实证分析与对策设计》,上海:同济大学博士论文,2005
[11]严晖,《风险导向内部审计若干问题研究》,厦门:厦门大学博士论文,2004
[12]高延冰、纪红梅,《内部审计的国际发展及对我国的启示》,济南:山东经济,2003(1)
[13]刘秋明,《论风险基础内部审计》,北京:审计理论与实践,2003(10)
[14]王光远,《消极防弊·积极兴利·价值增值——20世纪内部审计的回顾与思考》,武汉:财会月刊,2003(2,3,4,5,6)
[15]詹姆斯·罗瑟著,倪卫红、贾文勤译,《最佳实务——四个革新型审计部门的增值方法》,北京:石油工业出版社,2002
[16]汪健峰,《商业银行操作风险管理实务》,北京:中国工商出版社,2005
[17]卢鸿,《现代商业银行内部控制系统论》,北京:中国金融出版社,2001.9
[18]杨凯生,《银行风险防范和危机化解国际比较研究》,北京:中国金融出版社,2000.8
[19]张彦,《内部审计》,上海:上海财经大学出版社,2003.3
[20]陈光,《现代商业银行外部审计与风险监管》,北京:中国发展出版社,2001.1
[21]胡春元,《风险基础审计》,大连:东北财经大学出版社,2001
[22]中国银行业监督管理委员会,《商业银行风险预警操作指引(试行)》,2005.4
[23]中国银行业监督管理委员会,《商业银行风险监管核心指标(试行)》,2006.1
[24]中国银行业监督管理委员会,《商业银行操作风险管理指引》,2007.6
[25]巴塞尔委员会,《巴塞尔银行监管委员会文献汇编》,中国金融出版社,2004.5
[26]巴塞尔委员会,《操作风险管理与监管的稳健做法》,2003.2
[27]Hans-Ulrich Doering,Operational Risks in Financial Services[M],北京:中信出版社,2004
[28]Robert Hubner, Advance in Operational Risk: Firm-wide Issues for Financial Institution[C],李雪莲、万志宏译,天津:南开大学出版社,2005
[29]Audit and Internal Review (International Stream): published by FTC Foulks Lynch, 2004
[30]McNamee D. and G Selim, Risk Management: Changing the Internal Auditor’s Paradigm [M], Altamonte Springs, FL: IIA Research Foundation, 1998
[31]Committee of the Sponsoring Organizations of the Tread way Commission, Enterprise Risk Management Framework, (Draft), New York: COSO, 2003
[32]Chapman C. and U. Anderson, Implementing the Professional Practices Framework [M], Altamonte Spring FL: IIA, 2002
[33]Flint D, Philosophy and Principle of Auditing [M], Macmillan Education Ltd.,1988
[34]Munkman C.A, Accountability and Accounting [M], Hutchinson Technical Education, 1971
[35]David McNamee, Risk-based Auditing [J], The Internal Auditor, 1997(8)
2参见詹姆斯·罗瑟著,倪卫红、贾文勤译,《最佳实务——四个革新型审计部门的增值方法》,北京:石油工业出版社,2002
3 Flint D, Philosophy and Principle of Auditing [M], Macmillan Education Ltd.,1988
4 Munkman C.A, Accountability and Accounting [M],Hutchinson Technical Education,1971
5何林祥,《美国商业银行内部控制、风险管理与稽核制度》,北京:人民出版社,1999
6 Audit and Internal Review(International Stream):published by FTC Foulks Lynch, ISBN1843903628, 2004
7张进,《学习、比较、借鉴——英国商业银行内部审计调研心得》,武汉:湖北内审优秀论文集,2003
8王荔钦,《德国内部审计模式新发展》,武汉:财会月刊,2004(3)
9朱正平,《谈中央银行内审的的现状及发展取向》,北京:中国内部审计,2004(2)
10维纳著,郝季仁译,《控制论》,北京:科学出版社,1963
11郭胜利,《内部审计基本理论问题研究》,厦门:厦门大学博士论文,2003
12 McNamee D. and G Selim, Risk Management: Changing the Internal Auditor’s Paradigm[M], Altamonte Springs, FL:IIA Research Foundation,1998
13 Committee of the Sponsoring Organizations of the Tread way Commission, Enterprise Risk Management Framework, (Draft), New York: COSO, 2003
14 Chapman C. and U. Anderson, Implementing the Professional Practices Framework[M], Altamonte Spring FL:IIA,2002
15李海风编译,《面向信息时代的内部审计》,北京:地震出版社,2002
16汪健峰,《商业银行操作风险管理实务》,北京:中国工商出版社,2005
17 Hans-Ulrich Doering,Operational Risks in Financial Services[M],北京:中信出版社,2004年
18 Robert Hubner,Advance in Operational Risk: Firm-wide Issues for Financial Institution[C],李雪莲、万志宏译,天津:南开大学出版社,2005
20参考:朱君芝,《开放经济下我国商业银行风险预警评估:指标体系及其结构探析》,上海:同济大学硕士论文,2006
21马克·洛尔、列夫·博罗多夫斯基,《金融风险管理手册》,北京:机械工业出版社,2002
[1]何林祥,《美国商业银行内部控制、风险管理与稽核制度》,北京:人民出版社,1999
[2]张进,《学习、比较、借鉴——英国商业银行内部审计调研心得》,武汉:湖北内审优秀论文集,2003
[3]王荔钦,《德国内部审计模式新发展》,武汉:财会月刊,2004(3)
[4]朱正平,《谈中央银行内审的现状及发展取向》,北京:中国内部审计,2004(2)
[5]维纳著,郝季仁译,《控制论》,北京:科学出版社,1963
[6]郭胜利,《内部审计基本理论问题研究》,厦门:厦门大学博士论文,2003
[7]李海风编译,《面向信息时代的内部审计》,北京:地震出版社,2002
[8]朱君芝,《开放经济下我国商业银行风险预警评估_指标体系及其结构探析》,上海:同济大学硕士论文,2006
[9]马克·洛尔、列夫·博罗多夫斯基,《金融风险管理手册》,北京:机械工业出版社,2002
[10]盛军,《中国国有商业银行操作风险研究:制度归因、实证分析与对策设计》,上海:同济大学博士论文,2005
[11]严晖,《风险导向内部审计若干问题研究》,厦门:厦门大学博士论文,2004
[12]高延冰、纪红梅,《内部审计的国际发展及对我国的启示》,济南:山东经济,2003(1)
[13]刘秋明,《论风险基础内部审计》,北京:审计理论与实践,2003(10)
[14]王光远,《消极防弊·积极兴利·价值增值——20世纪内部审计的回顾与思考》,武汉:财会月刊,2003(2,3,4,5,6)
[15]詹姆斯·罗瑟著,倪卫红、贾文勤译,《最佳实务——四个革新型审计部门的增值方法》,北京:石油工业出版社,2002
[16]汪健峰,《商业银行操作风险管理实务》,北京:中国工商出版社,2005
[17]卢鸿,《现代商业银行内部控制系统论》,北京:中国金融出版社,2001.9
[18]杨凯生,《银行风险防范和危机化解国际比较研究》,北京:中国金融出版社,2000.8
[19]张彦,《内部审计》,上海:上海财经大学出版社,2003.3
[20]陈光,《现代商业银行外部审计与风险监管》,北京:中国发展出版社,2001.1
[21]胡春元,《风险基础审计》,大连:东北财经大学出版社,2001
[22]中国银行业监督管理委员会,《商业银行风险预警操作指引(试行)》,2005.4
[23]中国银行业监督管理委员会,《商业银行风险监管核心指标(试行)》,2006.1
[24]中国银行业监督管理委员会,《商业银行操作风险管理指引》,2007.6
[25]巴塞尔委员会,《巴塞尔银行监管委员会文献汇编》,中国金融出版社,2004.5
[26]巴塞尔委员会,《操作风险管理与监管的稳健做法》,2003.2
[27]Hans-Ulrich Doering,Operational Risks in Financial Services[M],北京:中信出版社,2004
[28]Robert Hubner, Advance in Operational Risk: Firm-wide Issues for Financial Institution[C],李雪莲、万志宏译,天津:南开大学出版社,2005
[29]Audit and Internal Review (International Stream): published by FTC Foulks Lynch, 2004
[30]McNamee D. and G Selim, Risk Management: Changing the Internal Auditor’s Paradigm [M], Altamonte Springs, FL: IIA Research Foundation, 1998
[31]Committee of the Sponsoring Organizations of the Tread way Commission, Enterprise Risk Management Framework, (Draft), New York: COSO, 2003
[32]Chapman C. and U. Anderson, Implementing the Professional Practices Framework [M], Altamonte Spring FL: IIA, 2002
[33]Flint D, Philosophy and Principle of Auditing [M], Macmillan Education Ltd.,1988
[34]Munkman C.A, Accountability and Accounting [M], Hutchinson Technical Education, 1971
[35]David McNamee, Risk-based Auditing [J], The Internal Auditor, 1997(8)