Saturday, 3 November 2007

Back To The Big Eight Again

When I was a full-time professor of accounting in the 1970s and 1980s, the industry was dominated by the "Big Eight" accounting firms. After a series of mergers and the 2002 Arthur Andersen collapse, we are now down to the "Big Four." And that's really a big danger.

Anyone who understands the implications of our legal system and who witnessed the end of Arthur Andersen knows that the "Big Four" could easily become the "Big Three" in a similar manner, but the truth is that such a shift would be much more damaging to our economy than most people might think. In fact, the dangers posed by this threat might just be serious enough to warrant a thoughtful attempt by policymakers to come up with a solution before a crisis hits.

Today, the Big Four accounting firms (namely Deloitte & Touche, Ernst & Young, KPMG and PricewaterhouseCoopers) do almost all of the public firm audits for the entire world. The reality is that the fifth largest global accounting firm is much, much smaller than the Big Four, so it is very unlikely that it could rapidly grow to their size.

Each of these four firms works with several hundred publicly traded companies, not just as auditors but in other functions as well. Current rules generally prohibit the same firm from serving multiple functions for a single client (so, for example, a company can't have a significant consulting job being done by its auditor) and the result is that many companies get a second firm for consulting, and perhaps even a third to handle tax issues.

If, for some reason, a company needs to find a new auditor, it may have only one other feasible choice at that point. This environment means that it is already difficult for our largest companies to retain an accounting firm that is not in some way connected to, or overlapping with, or auditing their biggest competitor. If the Big Four were to become the Big Three, finding independent auditors would, of course, be even more challenging.

In addition to the difficulties associated with maintaining independent accounting firms, there is a second serious risk of consolidation, which is the economic cost of the disruption. The problem is deeply connected to our whole reporting structure, which requires that publicly traded firms put out annual and quarterly reports audited by an independent firm.

If one of the Big Four were to go under, roughly one fourth of all publicly traded firms would be in a serious bind when it comes to meeting regulatory requirements. When Arthur Andersen collapsed, it took the market some time to deploy all of the professionals who were employed there to the other large firms, and, of course, that impact would only be bigger if one of the four remaining firms fell. Just the disruption alone would probably cost billions of dollars, in addition to the long-term structural problem.

The bottom line is that a Big Three scenario simply may not be viable in terms of our overall economy.

So, could it happen?

Given our legal system today, there is simply no way to make the Big Four accounting firms immune to collapse. Any firm can be sued for almost anything, and most firms simply don't have either the insurance or the capital to cover a billion-dollar judgment. The size of the lawsuit can be completely unrelated to the size of the original job, so an audit generating $10 million in fees could possibly produce a $2 billion lawsuit. Even in the case of Arthur Andersen, Enron was only a fraction of its total billing--certainly not big enough to lose the company over.

The Arthur Andersen case also demonstrated that a single felony indictment can start a devastating chain reaction. By law, if a firm is indicted, it can't audit governments or companies who have governmental clients. At the same time, many other clients will be scared off by the ensuing publicity. The result is a death spiral where the firm finds itself losing clients but not gaining any new ones. Arthur Andersen's conviction was ultimately overturned, but only after the firm had utterly collapsed.

This is a fundamentally risky business. That risk, combined with the potential economic cost of another Big Firm collapse, should give policymakers pause. If we're going to maintain the private system of audits the way it is now, then it seems the SEC needs to do something to create more viable firms. One approach would be to move toward a rational five-year plan designed to take us from four firms to eight firms. The largest firms could be motivated to divide into independent units, and new regulation could encourage this shift (for example, by limiting the overall percentage of any one industry that can be audited by a single firm). Other approaches could involve encouraging smaller firms to grow.

Ultimately, there is no one actor who benefits from this shift, except society as a whole. And that's why the SEC exists: to help protect our overall markets. Finding a way to spread risk across a larger number of big global accounting firms could avoid billions of dollars of economic disruption, and is at least worth a careful look.

Paul Danos is dean of the Tuck School of Business at Dartmouth.
http://www.forbes.com/opinions/2007/04/12/danos-accounting-bigeight-oped-cx_pd_0413danos.html

New Rules May Ease Sarbanes-Oxley Audits

New guidelines for auditors of Sarbanes-Oxley compliance could take effect later this week, lowering the cost of SOX initiatives and reducing companies' dependence on auditors to interpret SOX requirements.

The Public Company Accounting Oversight Board (PCAOB) -- a private, nonprofit entity that gives guidance to the many auditors who evaluate SOX compliance -- on Thursday is scheduled to vote on a range of new recommendations, many of which will make it easier and less expensive for companies to meet the legal regulations.

"These changes could have a very profound effect on the whole compliance effort," says Chris Davis, manager of compliance knowledge management at Cybertrust, which offers security and compliance tools and services. "It's going to take some of the pain away. It's not morphine, but it could at least be Tylenol with codeine."

"If it passes, it will allow companies and auditors to worry more about the things that matter when it comes to financial fraud," says Patrick Taylor, CEO of Oversight, which makes software for analyzing the accuracy and security of financial transactions. "Companies will be able to focus their attention on the more common paths to fraud, such as changes to the general ledger and revenue recognition, and not worry about unlikely paths, like backup."

Since its passage in 2002, SOX has been an incredible drain on corporate IT and security resources. The chief problem is that the law, which is designed to keep public companies from cooking their own books, is extremely vague in its requirements, particularly with regard to IT.

"The original provision is only one paragraph long, which left it open for a lot of interpretation," Davis says. "Most people chose to interpret it very broadly and deeply, which made it a pretty expensive proposition." The question of compliance has been left largely to SOX auditors, who have developed their own methods and rules for determining a company's conformity with the law.

And up to now, auditors have been very strict. "For example, the current guidelines require the auditor do a walk-through of every transaction path that might result in a change to financial data," says Davis. "In a large company, you can imagine how many transaction paths there are."

But the PCAOB's proposed changes to the audit standards would allow companies to perform a risk assessment of their systems and practices, and then focus their efforts on the most likely paths of financial fraud, instead of trying to close every possible loophole.

"They're saying, 'let's stop and think about this,'" says Taylor. "Most financial fraud is going to occur in a rush, right at the end of a reporting period, when the company finds out that it's going to have some problems with its numbers," he says. "Those are going to be changes that somebody makes to the general ledger, which are relatively easy to detect.

"Contrast that with, say, backup," Taylor explains. "To commit financial fraud through a backup system, you'd have to gain access to the backup data, and then you'd have to have the knowledge to alter it. Then you'd somehow have to crash the operational systems so that the backup data would be put in place. That's a lot more complex, and a lot less likely, than making simple changes in the general ledger. And the audit process should reflect that."

The PCAOB's proposed changes could do just that. The governing body is proposing to allow companies to conduct a risk assessment, which will help them identify the most likely avenues for financial fraud. Auditors might then require more stringent compliance in those areas -- such as sophisticated forensics that allow auditors to find out who made changes to the general ledger and when -- while allowing less likely fraud avenues, such as backup tampering, to come under less scrutiny.

The PCAOB also is considering some other new guidelines, such as allowing auditors to accept compliance data from trusted third parties, rather than collecting it all themselves. "That's the kind of thing that could make the difference between an audit lasting two weeks or lasting two months," Davis says.

And the PCAOB is considering adopting more detailed guidelines for how SOX audits are conducted, Davis observes. "There have been some concerns because there's no real accreditation for SOX auditors, as there are for [Payment Card Industry] standards," he says. "This would help set some common standards for what a SOX audit entails and what qualifications an auditor has to have."

The proposed guidelines also relax the requirements for smaller companies that are subject to SOX. While it doesn't lift those requirements, it acknowledges that smaller companies have simpler processes and technologies and therefore should not be put through the same rigorous audit procedures.

Experts concede that even if the proposed guidelines do pass, they will still leave a lot of interpretation to auditors, particularly with regard to the IT security requirements. "We'll get a lot more specificity on the business requirements, but not on the IT requirements," Davis predicts.

— Tim Wilson
http://www.forbes.com/technology/2007/05/22/sarbanes-oxley-audits-cx_0522darkreading.html

Monday, 8 October 2007

Getting SOX Right

Recent talk of overhauling accounting regulations has the potential to turn the business world upside down.

Last week, Federal Reserve Chairman Ben Bernanke argued in favor of the U.S. developing a U.K.-style, principles-based, risk-focused approach in its financial market regulation. This comes only a few weeks after the chairman of the Securities and Exchange Commission, Christopher Cox, said the U.S. and Europe should be able to achieve a single accounting standard by 2009. But perhaps more urgent, on Wednesday the SEC is expected to release its final guidance to management for implementing Section 404 of the Sarbanes-Oxley Act of 2002.

The SEC is certainly keeping busy, but is it taking the right approach?

Let's back up for a moment. With the perpetual debate surrounding SOX, there's absolutely no question the legislation came about because we needed it. Enron, Tyco International (NYSE: TYC), Peregrine Systems and WorldCom are still the buzzwords for what can go wrong when American businesses are not held accountable to shareholders.

So when SOX came along, it was supposed to be The Answer that would restore shareholder confidence and make Corporate America a key global player again by emphasizing sound internal controls and honest financial reporting. But SOX was immediately controversial, and its implementation has been counterproductive and costly--and it has eroded, instead of enhanced, shareholder value.

The SOX debate has found passionate proponents and critics--all with the interest of helping Corporate America return to the business of creating economic value. Last December, the SEC and Public Company Accounting Oversight Board (PCAOB) finally acknowledged it was time to fix what went wrong. To help solve the problem, they introduced a draft of interpretive guidance for management's assessment of internal control--basically, a set of directions for better implementing SOX from inside a company.

Following nearly five years of confusion, the new SEC guidance is absolutely critical for American business and our economy as a whole. But the SEC needs to ensure that the "directions" match up to the level of investor protection, and that they will work for businesses of all sizes. To get it right, the SEC must establish practical implementation guidance to management, so that management truly is accountable for complying with SOX Section 404. The auditor's only job should be to verify that management has followed the guidance. This is consistent with auditing practices; it will never make sense to have the auditors telling management what the rules should be. That is what the standards setters, like the Financial Accounting Standards Board, and regulators, like the SEC, are there to do.

There's been much talk lately about how American regulation is affecting the nation's economic competitiveness and about the possibility of New York slipping behind London as the financial center of the world. So it's easy to see why the SEC is taking management guidance seriously. But we urge the SEC to get it right.

Issuing possibly inadequate guidance for management isn't in America's best interests and may not change the current state of inefficient SOX compliance practices. There still remain a number of key issues that have been highlighted by the Institute of Management Accountants (IMA), the U.S. Chamber of Commerce, the Small Business Administration Office of Advocacy and the Institute of Internal Auditors. To be effective, the SEC guidance needs to:

--Take a risk-based approach, according to globally recognized standards.
--Adjust current requirements in financial statements to achieve effective internal controls over financial reporting.
--Minimize use of the external audit opinion on management’s internal controls.
--Be scalable for use by small businesses.

To protect investors at reasonable cost and enable American businesses to remain competitive, the factors above must be resolved first. For this reason, it is essential the SEC postpone its final ruling. Since we've already waited this long, let's get it right before rushing to new, possibly again dysfunctional legislation. Instead, IMA believes the SEC ought to:

--Release a revised exposure draft of SOX guidance for management, addressing the additional compliance issues described above.
--Allow small-cap, non-accelerated filers an additional one-year extension for SOX compliance while the guidance draft is revised.
--Allow accelerated filers the benefits (i.e., reduction in compliance requirements) of the revised Audit Standard immediately.

Make no mistake: We applaud the SEC and PCAOB for their attempts to provide practical and appropriate guidance to management and external auditors. We're pleased the SEC recently recognized the need to align guidance for management with the PCAOB's proposed audit standard. This situation was the No. 1 SOX compliance issue and is the primary source of costly over-auditing practices.

However, more needs to be done to achieve cost-effective SOX compliance programs. And much more needs to be done to restore shareholders' confidence in U.S. businesses and ensure the future of America's economic competitiveness.

Paul A. Sharman is president and CEO of the Institute of Management Accountants.

http://www.forbes.com/opinions/2007/05/22/sarbox-sec-revamp-oped-cx_pas_0523sarbox.html

Friday, 28 September 2007

Sarbox Peels Back The Onion

On a mission to make everyone in corporate America a Boy Scout, the Sarbanes-Oxley Act is now five years young and, for all intents, seems to be having the desired effect, according to one of its architects.
While some in the business community have ranted and raved about what was once a compliance debacle, the new regulatory environment is now becoming business as usual.
So where's it headed?
Michael Oxley, co-author of the controversial piece of legislation and a former U.S. congressman, discussed the law, commonly referred to as "Sox" or "Sarbox," at the third annual Gartner Financial Services Technology Summit in New York City. Oxley is the vice chairman of the Nasdaq.
He talked about the birth of Sarbox and the fact that corporate leaders at all levels now have a greater understanding of its purpose, not just in the U.S. but in countries in Europe and Asia as well.
The law was adopted in July 2002 to create "transparency and accountability," Oxley said. Following the Enron collapse in late 2001, Paul Sarbanes, a former Democratic U.S. senator, and Oxley, a Republican, drafted a bill that was intended to protect anyone with a vested interest in a public company--from employees to investors--from corporate corruption. Other widely publicized scandals at the time included those at WorldCom and Tyco International (NYSE: TYC).
"We tried to peel back the onion as best we could," Oxley said.
He said one consideration was the proportion of American households investing in public companies today, compared with 25 years ago. Oxley noted that in 1981 about 36% of households invested in the stock market. That number has shot up to 54%. Regardless, some contend that few investors even know this law has got their back, so to speak.
Oxley also said companies in Japan and China are now making the required investment to adopt these measures.
The amount of time Sanjay Anand, chairman of the Sarbanes-Oxley Institute, an independent consulting group, has spent abroad speaks to that. Anand serves as a consultant for companies seeking compliance guidance. He had said he spent 80% to 90% of his time consulting in a foreign country in 2006.
Oxley said that initially the law was "far too bureaucratic" and has since been ironed out by the U.S. Securities and Exchange Commission and the Public Company Oversight Accounting Board, which was created by Sarbox.
This compliance comes at a cost, one that few companies were fond of paying. That, Oxley admitted, was a misstep on the government's part. Companies thought they would have to spend only about $100,000 to comply with Section 404 of the law, which involves tighter auditing requirements.
"The estimates of cost were undeniably low," Oxley said.
According to Financial Executive International, a nonprofit advocacy group and research firm, companies with a market capitalization above $75 million spent an average of $2.9 million on Section 404 compliance in 2006.

http://www.forbes.com/leadership/governance/2007/08/27/sarbox-regulation-rules-lead-govern-cx_mk_0827oxley.html

Tuesday, 18 September 2007

Risk Management

Risk management, a strategic activity

The real purpose of risk management, since it cannot be to eliminate uncertainty, is to integrate the "science of risk" into the management of companies in order to better protect their human, financial, technical and scientific, commercial and communication capital.

Risk management contributes to the company's profit-seeking strategy:

  • by identifying and quantifying risks and putting prevention and protection tools in place

  • by reducing the financial consequences of the hazards that weigh on the company

  • by optimizing the cost of risk through sound management of prevention measures and insurance programs.

A global function at the crossroads of all the company's information

Defining the risk management policy in the company means:

  • having a good knowledge of technical, commercial and financial data,

  • being a good communicator, in order to obtain from managers the information essential to the approach.

www.imr.bordeaux-bs.edu/master-management-risques/mastere-management-risques.html

Saturday, 25 August 2007

Internal control in an organization

Internal control is the set of control systems put in place by management, intended to sustain the company's activity and to make it smooth, transparent and efficient.
The notion of internal control covers the accounting and financial sphere as well as the operational one. It aims to reinforce the company's strategic objectives while safeguarding its assets.

The 3 major roles of internal control


  • Internal control aims to ensure that the decisions of the governing bodies are applied. Employees rarely act on behalf of the company as a whole, but rather in relation to their day-to-day environment (team, department, line of business...). The distance separating them from management means that management's decisions are not always put into practice by all employees. Internal control therefore ensures that the employees who represent the company to the outside world act in its interest and not in their own. It thus makes it possible to verify that hierarchical coordination works effectively.

  • Internal control also ensures the quality of the services and/or products delivered. The aim is to prevent defects and imperfections, or rather to detect them as early as possible, so that the firm does not keep producing non-conforming products. Product recalls to carry out additional checks, or even to replace defective parts, and the compensation that follows mean that today the ability to detect production defects as early as possible is a major factor in the performance of organizations.

  • Internal control detects operating errors; whether these are occasional or systematic, the consequences are multiple and can be very heavy (financial loss, lost time, a service temporarily frozen...).

- Occasional errors: these are human errors (entering wrong information, making a wrong decision...). IT has considerably reduced these errors; in accounting, for example, software refuses to accept an unbalanced entry. In a production process, a human error might be a badly tightened screw.

- Systematic errors: programming errors and IT problems, that is, errors arising from automated processes. So while technology has made it possible to avoid some errors, it has also created others.

Internal control detects these anomalies by putting in place a system of periodic checks, for example verifying the settings of an industrial machine every 100 parts, and also by formalizing procedures, that is, writing down the list of tasks to be carried out and followed for a given operation.

Saturday, 18 August 2007

The reference journal for internal audit and internal control


"Audit Interne" is the French-language reference journal for internal audit and internal control. Published 5 times a year, it is a vehicle for guidance and progress. It covers topics ranging from risk management to corporate governance, including all technical and methodological aspects. It welcomes articles from the French-speaking internal audit community and reprints the best English-language articles. A technical sheet presenting and illustrating the standards is inserted in the center section of each issue. The journal Audit Interne is an indispensable tool for anyone who wants to better understand and master this activity.

source: www.ifaci.com