内部控制、公司治理、风险管理:关系与整合

为了控制企业可能存在的风险,在企业的发展过程中,相继产生了内部控制、公司治理和风险管理等框架。关于三者关系理论界和实务界一直都在进行争论,但时至今日并未达成统一的认识,特别伴随COSO《企业风险管理——整体框架》的发布以及我国财政部《企业内部控制规范——基本规范》的出台,三者关系的讨论就不仅仅是理论问题,而是实践中必须要解决的问题了。本文从历史回顾和逻辑推理的角度,探讨了三者本质的相同性,以此为基础,对三者进行了整合,构建了基于风险管理的整合框架。这既避免了企业管理体系的交叉、重复,又实现了各种管理体系的一体化。

Internal Control, Corporation Governance and Risk Management: Relationship and Integration

In the developing process of the enterprises,internal control,corporation governance and risk management frameworks were produced in order to control the potential risks of the enterprises.As for the relationship among the three frameworks,the theoretical and the practical fields are always debating with on another.However,they do not achieve a common cognition even nowadays.Especially with COSO issuing the Enterprise Risk Management——Integrated Framework and MOF,PRC promulgating the Enterprise Internal Control Regulations——Basic Regulations,the discussion of the relationship among the three frameworks turns out to be not only a theoretical problem,but also a problem needs to be solved in practice.This article probes into the essential identity of the three frameworks above from the aspect of historical review and logical reasoning.On the basis of their essential identity,this article integrates three frameworks and constructs a risk controlling based integrated framework.This newly-built framework is able to avoid the overlaps or duplications of management systems and to implement the integration of varied management systems of the enterprises.