我国保险公司内部审计参与风险管理探析

发布时间：2018-05-17 09:36

本文选题：内部审计 + 风险管理　；参考：《西南财经大学》2008年硕士论文

【摘要】： 风险管理越来越成为现代企业管理的核心,对以风险为经营对象的保险公司来说尤其如此。我国保险公司在混业综合经营的背景下面临着越来越多的风险因素,如何有效地进行风险管理成为一个热门的话题,很多研究者分别从不同的角度进行了探讨,丰富了风险管理的思想。其中一个广为流行和认可的思想就是要实行全面风险管理。2006年,国务院国有资产监督管理委员会出台了《中央企业全面风险管理指引》。尽管这是一个针对中央企业的风险管理指引,但其中的思想、方法、策略值得其他大型企业的借鉴。全面风险管理的思想认为企业的各个部门、各个员工都在风险管理中充当不同的角色。对保险公司内部而言,在内部控制、治理结构中起着重要作用的内部审计,亦应该在风险管理中发挥更大的作用。恰恰国际内部审计师协会赋予了内部审计参与风险管理的新职能,国内外的内部审计组织都不遗余力地宣传内部审计在风险管理中的作用,风险管理审计成为越来越重要的审计类型。本文就是在这样的背景下探讨保险公司内部审计参与风险管理这一问题。需要说明的是,文章没用直接用“保险公司风险管理审计”作为标题,一方面是为了更明确地突出两者的关系,突出“参与”的角色,另一方面也是淡化审计“监督”的色彩。在一些章节中为了使文句更简洁,则采用了“风险管理审计”的表述方式。本文首先对内部审计与风险管理进行了阐述。内部审计自产生以来,经历了财务审计阶段、业务审计阶段、控制审计阶段、管理审计阶段。90年代末期,为了适应新形势的发展,提升内部审计行业价值,国际内部审计师协会重新定义内部审计,赋予其风险管理的职能,延伸出了风险管理审计,并积极在全球倡导这一理念。在它的推动下,亚洲内部审计协会联合会、中国内部审计协会都在积极探讨、推动内部审计在风险管理中的作用,使内部审计向风险管理审计的方向发展。另一方面,全面风险管理思想在世界各地逐步运用,这一思想的有效实践也需要内部审计的参与。这样,两者找到了契合点,形成了风险管理审计,内部审计开始积极参与到风险管理中去。对于对风险格外注重的保险公司来说,风险管理更加需要内部审计的参与,因此内部审计参与风险管理也有了其必然性和可能性。其次,明确了保险公司内部审计参与风险管理的角色、职责和介入机制。一个完整的风险管理组织体系应该包括决策者、管理者、执行者和协助者。对于保险公司来说,风险管理的决策权往往掌握在董事会、高层管理或者风险管理委员会手中,风险管理部门则成为专门负责风险管理的管理者,风险管理的执行者主要包括各级销售部门、业务管理部门、财务部门、精算部门、投资部门等。由于独特的地位和优势,内部审计部门成为了风险管理协助者,或者说咨询者、顾问、参谋。角色的定位决定了它的基本职责:审查和评价风险管理组织体系的合理性;审查和评价风险识别的充分性;审查和评价风险衡量的恰当性;审查和评价风险防范的有效性,最终为董事会、管理层、其它各部门提供咨询、建议、开展风险管理培训等服务。明确了在风险管理中的角色和职责,内部审计部门参与风险管理也就名正言顺了,那么内部审计如何介入风险管理呢?这就需要内部审计根据自己的专业优势建立科学规范的风险评估监测指标体系,只有自己对风险和风险管理有充分的认识才能去监督评价其他部门的风险管理状况,才能为公司的风险管理提出富有建设性的意见。而在这个过程中,良好的信息交流和反馈机制是必不可少的。再次,文章尝试设计了保险公司内部审计参与风险管理的基本流程。该流程主要包括风险普查、初次评价与排序;年度审计计划;审计实施;审计报告;沟通、协调、建议;后续审计等。从该流程可以看出,和传统内部审计最大的不同在于风险普查、初次评价与排序,它以全面识别、评价企业的风险因素为出发点,通过对这些风险和风险因素进行排序,在此基础上制定审计计划,找出重点审计领域,分配审计资源,着重关注那些对企业影响重大的关键风险因素,实施审计。这样避免了平均用力的弊端,集中主要精力解决主要问题。在实施的过程中,利用内部审计技术的优势,进一步研究风险因素,与相关部门的结论进行对比,找出审计差异,得出审计结论,提出审计建议,并与各部门进行交流,探讨风险管理相关事宜,最终保证风险管理的有效性。最后,阐述在我国保险公司内部审计制度、实践现状的基础上,尝试性地探索了内部审计参与风险管理的对策。受传统计划经济体制的影响,我国保险公司内部审计存在诸多弊端,不能适应现代保险公司发展的要求。这些弊端主要体现在:审计观念落后、职能定位狭隘;在组织上缺乏独立性;内部审计人员知识结构单一、素质较低;审计手段、方法落后等。出于对内部控制、治理结构、风险管理的高度重视,保险监督管理委员会于2007年出台了《保险公司内部审计指引(试行)》,并于2007年7月1日起实施,这对促进保险公司内部审计的发展将起着重要的作用。该指引借鉴了《银行业内部审计指引》和国际内部审计理论和实务的经验,在诸多方面有了很大进步,同时也能寻找到风险管理审计的影子,内部审计参与风险管理受到了一定的重视。如何促进我国保险公司的内部审计在风险管理中的作用从而提高风险管理水平呢?第一,建立相对独立的内部审计组织体系,增强独立性。第二,改变观念,重塑职能体系,坚持“监督型”和“服务型”审计并举。在我国现有的背景下,保险公司内部审计的监督职能不能丢弃,甚至还要加强。但内部审计不只是监督,它更需要开展服务型的工作,参与风险管理就是非常重要的一种服务型工作。第三,改变内部审计人员知识结构,提高他们参与风险管理的能力,因此需要引进各种人才。第四,实现风险管理审计方法、技术的创新。内部审计要参与风险管理,涉及到对企业风险因素的识别、衡量等,信息量巨大,传统的一些手段方法是不可能帮助内审人员完成这些工作的,这就需要采用新的方法手段。文章的主要观点是:1.由于风险管理对保险公司的极端重要性,在全面风险管理的指引下,应该积极让内部审计部门参与到风险管理中来;2.保险公司内部审计在整个风险管理体系中的角色是风险协助者,其职能由这个角色决定;3.以《保险公司内部审计指引(试行)》为契机,赋予内部审计的独立地位,树立“服务型审计”意识,改变工作思路,提高内部审计人员风险管理能力,积极推动内部审计参与到风险管理中来。本文的创新之处有:1.研究视角的创新:从内部审计的角度来研究风险管理,从而丰富了保险公司风险管理理论;2.把一般的内部审计参与风险管理的理论运用到保险行业中,为该理论的发展和运用做出贡献。基于每个行业的特殊性,在企业具体运用时需要把这种一般的指导理论具体化。
[Abstract]:Risk management has become the core of modern enterprise management. It is especially true for insurance companies with risk management. In the context of mixed operation, China's insurance companies are facing more and more risk factors. How to effectively carry out risk management has become a hot topic, and many researchers are in different ways. The idea of risk management is enriched. One of the widely popular and recognized ideas is to carry out comprehensive risk management for.2006 years. The State Council state assets supervision and Management Commission issued the guidelines for the overall risk management of central enterprises. Ideas, methods and strategies are worthy of reference for other large enterprises. The idea of comprehensive risk management is that all departments of the enterprise and all employees act as different roles in risk management. Internal audit, which plays an important role in internal control and governance structure, should also play a greater role in risk management. The International Association of internal auditors has given the new function of internal audit to participate in risk management. Internal audit organizations both at home and abroad have spared no effort to publicize the role of internal audit in risk management. Risk management audit has become a more and more important type of audit. It is necessary to explain that the article does not use the "insurance company risk management audit" directly as the title. On the one hand, it is to highlight the relationship between the two and highlight the role of "participation", on the other hand, to weaken the color of the "supervision" of the audit. In some chapters, to make the sentence more simple. Jie uses the expression of "risk management audit".
This paper first expounds the internal audit and risk management. Since the internal audit has been produced, the internal audit has experienced the financial audit stage, the business audit stage, the control audit stage, the end of the.90 period in the management audit stage. In order to adapt to the development of the new situation and improve the internal audit industry value, the international internal auditor Association redefines the internal audit. The function of risk management extends the risk management audit and actively advocates this concept in the world. Under its impetus, the association of internal audit associations of Asia and the Internal Audit Association of China are actively exploring the role of internal audit in risk management, and the development of internal audit in the direction of risk management audit. On the one hand, the idea of comprehensive risk management is gradually applied in all parts of the world. The effective practice of this idea also requires the participation of internal audit. In this way, the two have found the agreement point, formed the risk management audit, and the internal audit began to actively participate in the risk management. For the insurance companies with special emphasis on the risk of wind, the risk management is even more. It is necessary for internal audit to take part in internal audit. Therefore, it is necessary and feasible for internal audit to participate in risk management.
Secondly, the role, responsibility and intervention mechanism of the insurance company's internal audit participation in risk management is clarified. A complete risk management organization system should include decision-makers, managers, executors and assisters. For insurance companies, the decision-making power of risk management is often controlled by the board of directors, senior management or risk management committee. The risk management department is a specialist in risk management. The executors of risk management mainly include sales departments at all levels, business management departments, financial departments, actuarial departments, investment departments and so on. Because of their unique status and advantages, the internal audit department has become a risk management assister, or a consultant, consultant, and counselor. Role positioning determines its basic responsibilities: review and evaluate the rationality of the risk management organization system; review and evaluate the adequacy of risk identification; review and evaluate the appropriateness of risk measurement; review and evaluate the effectiveness of risk prevention, and ultimately provide advice, advice, and risk management for the board, management, and other departments. Training and other services. The role and responsibilities of the risk management are clearly defined, and the internal audit department is well known to participate in risk management. How does internal audit intervene in risk management? This requires internal audit to establish a scientific and standardized risk assessment monitoring index system based on its own professional advantages, and only risk and risk. Management has a full understanding to monitor and evaluate the risk management of other departments in order to put forward constructive suggestions for the company's risk management. In this process, a good information exchange and feedback mechanism is essential.
Thirdly, the article tries to design the basic process of risk management in the insurance company's internal audit. This process mainly includes the risk survey, the initial evaluation and sorting, the annual audit plan, the audit implementation, the audit report, the communication, the coordination, the suggestion and the follow-up audit. It can be seen that the biggest difference from the traditional internal audit lies in the risk. The survey, the first evaluation and order, is based on the comprehensive identification and evaluation of the risk factors of the enterprise. Through the sorting of these risks and risk factors, the audit plan is formulated on this basis, the key audit fields are found, the audit resources are allocated, the key risk factors which have great impact on the enterprises are focused on, and the audit is implemented. Avoid the abuse of the average force, concentrate the main energy to solve the main problems. In the process of implementation, we use the advantages of the internal audit technology to further study the risk factors, compare with the conclusions of the relevant departments, find out the audit differences, get the audit conclusions, put forward the audit proposals, and communicate with various departments to discuss the related matters of risk management. It is appropriate to ensure the effectiveness of risk management in the end.
Finally, on the basis of the internal audit system and the current situation of the insurance companies in China, this paper tries to explore the Countermeasures of the internal audit participation in risk management. Influenced by the traditional planned economy system, there are many disadvantages in the internal audit of the insurance companies in China, which can not meet the requirements of the development of modern insurance companies. These drawbacks are mainly reflected in the following aspects: The audit concept is backward, the function is narrow, and the organization lacks independence; the knowledge structure of the internal auditors is single, the quality is low; the audit means and the methods are backward. The insurance supervision and Management Committee issued the internal audit guidelines of the insurance company (Trial) in 2007 out of the internal control, the governance structure and the risk management. It will play an important role in promoting the development of the internal audit of insurance companies, which will play an important role in promoting the development of the internal audit of the insurance companies. This guide draws on the experience of the internal audit guidelines of the banking industry and the theory and practice of international internal audit. It has made great progress in many aspects, and can also find the shadow of the audit of risk management, and the internal audit is involved in the risk. Management has received certain attention. How to promote the role of internal audit in insurance companies in risk management so as to improve the level of risk management? First, establish a relatively independent internal audit organization system to enhance independence. Second, change ideas, reshape functional systems, and adhere to the "supervised" and "service-oriented" audit. Under the current background of our country, the supervision function of the internal audit of the insurance company can not be discarded or even strengthened. But the internal audit is not only supervision, it needs to carry out the service type work more, and the participation in risk management is a very important service type work. Third, change the knowledge structure of the internal auditors and improve their participation in the risk management. Therefore, we need to introduce a variety of talents. Fourth, to realize the risk management audit method, the innovation of technology. The internal audit should participate in the risk management, which involves the identification and measurement of the risk factors of the enterprise. The amount of information is huge. The traditional methods and methods are not possible to help the internal auditors to complete these work. Methods and means.
The main points of the article are: 1. because of the extreme importance of risk management to insurance companies, under the guidance of comprehensive risk management, the internal audit department should be actively involved in risk management; 2. the role of internal audit in the whole risk management system is wind risk assistants, whose functions are determined by this role; 3. The internal audit guidance (Trial) is an opportunity to give the independent status of internal audit, to establish a sense of "service type audit", to change the thinking of work, to improve the risk management ability of internal auditors, and to actively promote the participation of internal audit in risk management.
The innovation of this article is: 1. the innovation of the perspective of the research: the study of risk management from the perspective of internal audit, thus enriching the risk management theory of insurance companies; 2. applying the theory of the general internal audit to the insurance industry to contribute to the development and application of the theory. When the industry is applied, it is necessary to make this general guiding theory concrete.
【学位授予单位】：西南财经大学
【学位级别】：硕士
【学位授予年份】：2008
【分类号】：F239.45

【参考文献】