董事会义务外部操纵与风险管宝典课件

1、Board responsibility for internal control and risk managementby Kiattisak JelatianranatChairman, The Institute of Internal Auditors of ThailandDirector, PricewaterhouseCoopersKiattisak Jelatianranat 1pwc2nd Asian Roundtable on Corporate Governance矛贤离槽惦玛肖茵征殃绣兢脚轻瓦医旷勒豢疾陕晦怯帐坟卧白甸捂耽概犹董事会责任内部控制与风险管董事会责任内部控

2、制与风险管第1页，共20页。Responsibility VS Accountability Responsibility What, and Who will do ? Accountability How, and For whom ?. Both need independence and objectivityKiattisak Jelatianranatpwc 231 May 20002nd Asian Roundtable on Corporate Governance债闷摩缄委今诅举仟湍肄火羚疥埋懦崎厢凤偏唯矛刨胎惧杉在占肄骤驮锦董事会责任内部控制与风险管董事会责任内部控制与风险

3、管第2页，共20页。Balanced Scorecard in Corporate Governancepwc Financial & non-financial information. Equitable Treatment of stakeholders. Combination of Lagging and Leading Information. Alignment of short-term objectives 331 May 20002nd Asian Roundtable on Corporate Governance寨亏山期绒邓菱蚂廉寞越豁诬显芳止庙躺盯畜悲章玲绩焕僻愉栖抑

4、二蘑谰董事会责任内部控制与风险管董事会责任内部控制与风险管第3页，共20页。Balanced Responsibility legal & moralpwc Create strategic vision Select CEO & Senior management Establish strategic, accountable information Independent, objective and competent oversight of day-to-day operationsBoard “core” responsibilities.Kiattisak Jelatianra

5、nat 431 May 20002nd Asian Roundtable on Corporate Governance蓑周郑缮桔寸绝鲸笺厚条跨憨秦翼劲哇俗提锤水秃褥瑚阀隧沃顷玫眶娄蒲董事会责任内部控制与风险管董事会责任内部控制与风险管第4页，共20页。Board Effectivenesspwc Corporate governance framework Risk management system Internal control system Auditing x Board initiative & Ownership of : x Selection of CEO & senior

6、 management x Oversight of CEO & senior management to establish Accounting system MIS Compliance program Operating systemsKiattisak Jelatianranat 531 May 20002nd Asian Roundtable on Corporate Governance邯扮弘扣恰蹲东端艳侩翟喊棒澄级熊嵌靶闲是帅告愧赡谗搽书裤佯兔挑济董事会责任内部控制与风险管董事会责任内部控制与风险管第5页，共20页。Why corporate governance matter

7、s ?pwc Effective governance, and Proper communication with your stakeholdersSustainable GrowthPleasant Working EnvironmentSubstanceFormSpiritKiattisak Jelatianranat 631 May 20002nd Asian Roundtable on Corporate Governance赣左齿士坐肠揭巍恒榔丁猪丫戍霞天勿膨般蝗哄锈世窘冲待脉赋遣畴皱赔董事会责任内部控制与风险管董事会责任内部控制与风险管第6页，共20页。Searching fo

8、r the upside of risk managementpwcValue Chain VS RiskOpportunityUncertaintyHarzardRisk is any issue which could impact your ability to meet your objectivesbase-lineEnhancementPreservationPreventionKiattisak Jelatianranat 731 May 20002nd Asian Roundtable on Corporate Governance杭幌尊滓窿凳腹笛彰谣蜂今闪伙任烈藩僚斌疾驮仆舞

9、捉敝掩蚁脑丈逸犬争董事会责任内部控制与风险管董事会责任内部控制与风险管第7页，共20页。Risk .pwc Risk Assessment- Identify- Measure- Prioritize Risk Management- Assess adequacy of existing controls- Develop a control improvement plan- Create a continuous program for objectives, risk and control assessmentKiattisak Jelatianranat 831 May 20002

10、nd Asian Roundtable on Corporate Governance欺邯宴搂编驾厄臭军膝娠梳求邻班曝融辕皿眉搓瞥夫卡禁卉倔间种柠捡泵董事会责任内部控制与风险管董事会责任内部控制与风险管第8页，共20页。Risk Management Action OptionspwcKiattisak Jelatianranat 931 May 20002nd Asian Roundtable on Corporate GovernanceOptionsFix ControlsRe-Engineer ProcessTrainingsTransfer Risk (Insurance)Outso

11、urce the FunctionDo nothing-Bet瘤海瞎被韦韦喧霍特忻枪齿逼潮姐窒筹产煞赚峻擦嚏宰扔涟糖伪雄啄否乍董事会责任内部控制与风险管董事会责任内部控制与风险管第9页，共20页。Well-controlled Organizationspwc Key attributes of a well-controlled organization include :# 1. Leadership of Board# 2. Translation of strategic vision to day-to-day management# 3. Communication of obje

12、ctives & values to all levels# 4. Individual accountability# 5. Risk management system# 6. Human resources reinforcement# 7. Independent, objective and competent oversightKiattisak Jelatianranat 1031 May 20002nd Asian Roundtable on Corporate Governance冲罢柱课孟镇凰腻寐沪岿规即辐疽址筒乘扬蹬庆恶帐列碴蔓渠庄眉虹翁贷董事会责任内部控制与风险管董事会

13、责任内部控制与风险管第10页，共20页。Risk & Control : The twin systemspwc Define strategic risk Articulate risk philosophy Define values and behavioral expectations Assess risk Manage risk Assess existing controls Select control model Continuous communication Continuous program for ORC Develop a control improvement

14、plan Operations are dynamic and evolving.Communications & AuditAlignmentControlRiskObjectiveKiattisak Jelatianranat 1131 May 20002nd Asian Roundtable on Corporate Governance你氮睛愚刽秘夏旭梧邑并舒给终悄涩瞬蕉祭丁禹外呐楷门专茄匝逼尤忱绸董事会责任内部控制与风险管董事会责任内部控制与风险管第11页，共20页。Complexity of Value chain.pwc A board must have the capabil

15、ity to respond to and manage changes. “Risk Management” and “Business Control” are the first thing for any board consideration. Kiattisak Jelatianranat 1231 May 20002nd Asian Roundtable on Corporate Governance郝淤敝粕鸟朔畸疙骑膊吭疟侯扶铃哉腕怜藐橱延奇朽龚阀夜呼裸唁嫉枯诅董事会责任内部控制与风险管董事会责任内部控制与风险管第12页，共20页。Internal Control Learne

16、d in Real Worldpwc Focus on “Soft Control” in assessing all of COSOs “Five Components” and “Three Objectives”. Soft Controls are subjective in nature, thus self-assessment is crucial for success. Implementation as an integral cultural change. Internal Control training is a “must”. Tailor practices t

17、o an organization to assure the surpassing expected benefits from the implementation. Kiattisak Jelatianranat 1331 May 20002nd Asian Roundtable on Corporate Governance券嫉总犁袍汝栋伙被冷狗基研岩异看钨闷恍扁剪渭桩滇经退蒂逝颐肯阳忆董事会责任内部控制与风险管董事会责任内部控制与风险管第13页，共20页。COSOs Internal Control Definitionpwcis a process, effected by an

18、entitys people (board of directors, management, and other personnel), designed to provide reasonable assurance regarding the achievement of objectives in the following categories : Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regul

19、ationsKiattisak Jelatianranat 1431 May 20002nd Asian Roundtable on Corporate Governance骨闭术叛逛览漫蔗警舵缠钞垣镍嫡疑哎沧粗八鹊盖防泽泪瘁汰示襟烧抠酷董事会责任内部控制与风险管董事会责任内部控制与风险管第14页，共20页。Control Realitypwc Focus on people and process, not merely policy manuals and forms Require dynamic and interactive evaluation techniques. Verify

20、ing compliance with policies and procedures is not sufficient Kiattisak Jelatianranat 1531 May 20002nd Asian Roundtable on Corporate Governance引忌彰旗典叼踢重份氖帘挑挎垢账猖岩频拔咋淳毗阻沁榨炬锄贯菏背纯俞董事会责任内部控制与风险管董事会责任内部控制与风险管第15页，共20页。Five Components of COSOs Control Frameworkpwc Kiattisak Jelatianranat Control Environment

21、: The Foundation on which everything rests. Risk Assessment: Aware of and deal with the risks it faces. Control Activities: Actions identified by management as necessary to address risks to achievement of objectives. Information & Communication: People to capture and exchange the information needed

22、to conduct, manage and control operations. Monitoring: React dynamically, changing as condition warrant. 1631 May 20002nd Asian Roundtable on Corporate Governance僧安存卿趟棘射迂底俭忱芋惑罩骆侦榴攫锨撇螺陛涩苍剖苍剥墙弓苑息蝴董事会责任内部控制与风险管董事会责任内部控制与风险管第16页，共20页。From Backroom To Board Roompwc Kiattisak JelatianranatOrganizations in

23、 the 21st Century must move internal control issues from their “Backroom” (Operating Level) to “Board Room” (the strategic level) 1731 May 20002nd Asian Roundtable on Corporate Governance难碎兢绣碍浪脊喊衅阿伺鲜亥绒目渴咖椽粱沸煽膨钱坐渔榔胺涵谭目怜糕董事会责任内部控制与风险管董事会责任内部控制与风险管第17页，共20页。Internal Audit Paradigm Shiftpwc Kiattisak Je

24、latianranatToday internal auditors are management partners and consultants to add values to the organization. . No longer as a watch dog or a policeman 1831 May 20002nd Asian Roundtable on Corporate Governance忘捕诞淘感棵银椰臂伍轧廉玄砍悟餐筹蒂抽义膀废姻弘科喉克湘碰廉我狭董事会责任内部控制与风险管董事会责任内部控制与风险管第18页，共20页。Internal Auditing Defin

25、itionpwc Kiattisak Jelatianranat1999 Definition : Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.Traditional Definition : Internal auditing is an independent appraisal function established within an organization to examine and evaluate its objectives as a service to the