產物保險業企業風險管理之實務探討：以A產物保險公司為例 / Objective Discussion for Risk Management of Property Insurance Corporation - Example to A company

許國棟

Unknown Date

鑑於內外環境瞬息萬變，各類風險不斷增加，銀行、投資公司及金融機構遂著手研究新法控制風險，而一連串重要的風險管理概念亦隨之出現，致使風險管理成為近年之顯學，且自從一些公司採用風險管理方法，作為一種有效的管理工具，以控制該行業營運活動的風險後，企業風險管理便逐漸成為一項具有關鍵作用的管理工作，也就是運用有效的風險策略及避免危機發生，進而爭取最多的機會，是唯一不變的法則。 企業風險管理工作必須由全體人員共同參與，不應被視為與其他管理工作無關，而應被視為與整個管理制度的邏輯架構融為一體，也就是一種管理態度，本研究檢視個案公司發現其原自發性建立之風險管理機制，以依其公司文化建立了風險管理三大控管機制，即日常監控、異常監控及風險管理考評準則。 後因「保險業風險管理實務守則」部分項目(「應」執行條文)須訂定相關控制作業處理程序並提報董事會通過，對其風險管理之提升有所影響，歸納影響結果如下；(1)提升董、監事之風險意識；(2)風險管理組織架構之進化，如設置董事會層級風險管理委員會、成立風險管理暨資產負債管理會議及成立風險管理部；(3)風險管理機制之精緻化，如經濟資本之評估、資本適足率之評估、整合稽核、法遵及風管功能、強化風險控管措施、整合業務單位風險管理資訊及損失事件通報流程；(4)修訂「風險管理考評準則」。

企業風險管理

日常控管機制

異常控管機制

風險管理考評準則

專案融資運用於一般產業之研究-以K集團公司為例 / The Study of general company Project Financing - take K group corporation for example

郭雨民

Unknown Date

近年隨著國內外經濟發展、企業營運規模擴大下，在企業發展過程中，資金充足係其發展成敗之重要關鍵。一般而言，企業資金來源可區分為內部資金與外部資金。就外部資金部分，雖目前企業以直接金融透過發行有價證劵之方式，向一般社會大眾募集資金之風氣日增，但透過間接金融向銀行融資借貸，因較具彈性，可針對個案之不同調整融資契約之內容，仍為企業獲取外部資金之重要管道。 因科技日益創新下，許多投資案的規模及複雜性亦日漸擴大，現行傳統融資方式逐漸無法滿足企業之需求，專案融資(Project Finance)之模式逐漸受到重視。但因過去研究中多以政府BOT專案融資案件作研究，鮮少有企業個案提供參考，故本次研究目的為提供較不易得取資訊之企業專案融資個案作參照。 本次研究個案之專案融資係以客製化方式，針對個案之特殊需求(非一般營運週轉金用途)，在個案進行輔導公開發行 (Initial Public Offerings，IPO)階段中提供融資進行財務結構調整之協助。並建置監控資金用途之控管機制(Milestone)，搭配完善的還款機制以保障債權。個案藉由本專案融資之進行，財務結構調整沖銷內部股東往來、與提高流速動比及負債比，目的為讓個案財務結構更加透明，以利後續IPO階段進行。 故不論在私人企業之投資計畫或於公私部門合作(BOT)之計畫案中，專案融資皆扮演相當重要之角色。然在我國法制上，就融資案中居於關鍵地位之擔保機制，並未為特殊之規範，而僅以銀行法之擔保授信作為規範依據。然細究該規定，其僅將民法或動產擔保交易法中早已明文規範用於一般交易行為之擔保機制羅列於條文中，無法完全滿足銀行於專案融資中對擔保機制之需求。本個案企業之融資需求與金額在一般銀行往來融資條件下，並不容易成就。故本專案融資中的研究主要係在說明如何加強擔保機制並作相關之防範功能，使在債務人違約時能有效保障銀行債權。 / The scale of operations continuously extend with the development of the domestic and international economic situation in recent years, capital adequacy is no doubt a key point in the process of enterprise development . In general, the corporate-owned fund of the source can be divided into internal capital and external capital fund. The current corporation use common way raising capital fund through the issuance of Market Securities to the general public. Though indirect financial way to the bank financing is more flexible and still an important channel for gaining access to external funds, bank can customize the conditions of the financing contract case by case. The traditional financing can’t meet the needs of corporation. Project finance model has to be taken seriously during innovation in technology, scale and complexity of the many investment cases. But most researches focus on BOT project finance of government in the past years, there are few references about single company. Our research provides single company project finance that is uneasy to get to be referred. This case study of project finance based on the way of customization for the special needs of the case (a non-operating revolving function) , and bank provides financial restructuring during IPO consulting stage. The Bank structures the Milestone mechanism to monitor the use of funds, with carefully repayment mechanisms to guarantee the debt. This case can use project finance to write off the account receivable of shareholders, and to improve the financial ratio such as flow rate ratio and liabilities. It can help financial statement more clear to follow-up IPO stage. Project finance plays a very important role in any investment case whether the Public sector or private corporation. Guarantee mechanism which is key position of financing case doesn’t be special limited in our legal raw. The technical regulation just bases on the security guarantee of credit in The Banking Act of The Republic of China. The rules of Banking Act of The Republic of China record security guarantee of general trading from Civil law and Personal Property Secured Transactions Act, but it can’t meet the project financial demand. It’s not easy to meet with success under the scale of this project finance and the limitation of general finance. The most important purposes of project finance strengthen guarantee mechanism and control credit risk when debtor defaults.

專案融資

客製化

公開發行

控管機制

擔保機制

Project Finance

Customization

IPO

Milestone

Guarantee mechanism

應用剖面導向技術研製網路應用程式之可設定式細緻化存取控管

林經緯, Lin,Ching Wei

Unknown Date

存取控管(Access Control)是網路應用程式(Web Applications)安全防護中的核心課題。貫徹存取控管的程式碼往往必須嵌入到應用系統的各個模組中，具有橫跨(cross-cutting)的特性，卻也因此常常造成系統中反覆出現類似的程式碼以及不同需求的程式碼夾雜不清的現象。所以學界業界紛紛提出了許多可設定式(configurable)的存取控管機制來解決此一問題。但這些機制都著重在一般功能性(function-level)的存取控管，對於較細緻化(fine-grained)的資料存取(data-level)控管，並未提供設定式的控管方式，還是得透過程式化(programmatic)的方式處理，所以仍然有程式橫跨性的問題。 最近興起的剖面導向程式設計(Aspect-Oriented Programming)基於關注分離的原則(Separation of Concerns)，針對像安全橫跨性的需求，倡議在原有的物件或函式模組外，另以剖面作為這些橫跨性需求的模組單位，既可集中開發又可依規則將安全程式碼整合至系統的各個模組。因此本研究將以AOP技術來設計與製作一套可設定式的細緻化存取控管服務與工具。 / Security is attracting more and more concerns in the development of Web applications. However, it is not easy to derive a robust security implementation for Web applications. The principle difficulty in designing security such as access control into an application system is that it is a concern that permeates through all the different modules of a system. As a result, security concerns in an application are often implemented with scattered and tangled code, which is not only error-prone but also makes it difficult to verify its correctness and perform the needed maintenance. Aspect-Oriented Programming (AOP) is a relative new design method that allows a programmer to isolate some of the code that crosscuts his program modules into a separate module, and thus realizes the concept of Separation of Concerns. AOP offers significant advantages to programming over traditional OO techniques in implementing crosscutting concerns such as access control. In this thesis, we define an XML schema for specifying fine-grained access control rules for Web applications in a configuration file and devise an aspect-oriented implementation scheme. Specifically, we develop an aspect synthesis tool that generates concrete access control aspects automatically from access control rules. These aspects, after woven into the base application, will enforce proper access control in a highly modular manner. As a result, we get a configurable implementation of access control that is not only adaptive but also effective.

網路應用程式

宣告式存取控管機制

以角色為基礎之存取控管

資料層次存取控管

剖面導向程式設計

web applications

data-level access control

Role-based access control

MVC

Aspect-oriented programming