我國國營事業與民營企業電腦內部稽核之研究 / The EDP Internal Auditing of a State-owned Enterprise and Privately-owned Enterprises

劉盈欒, Liu, Lin Luan

Unknown Date

國內目前經濟狀況呈現著多角化、國際化的趨勢，因此，自由競爭亦是未來導向，公營事業開放民營將是無法避免的現象。而電腦化作業亦是目前各公司極為普遍的現象，所以如何落實其作業系統之有效執行，則需仰賴公司內部控制及稽核制度。 　　故本論文之研究目的乃以經濟部所屬十單位之國營事業，以及依證券交易法及證券交易所規定之公開上市公司為對象，先明瞭國營事業與民營企業資訊部門及內部稽核制度，之後再介紹其使用電腦稽核之實施現況，並評估其相關問題，最後則提出改進意見。 　　本論文參閱了國內相關法令、規定與有關文獻，以及政府內部稽核制度，並採取調查問卷的方式，以能獲取國營事業與民營企業內部電腦稽核更進一步之攸關資料。最後再依據問卷整理彙總的結果，以單因子變異數分析、卡方檢定、T檢定及描述性等統計方法分析結果後，再提出結論與建議。

內部稽核

電腦稽核

internal auditing

EDP auditing

資訊科技對內部稽核業務影響之研究 / The impact of information technology on internal audit activities: An empirical study of Taiwan internal audit practices

鄭晴方

Unknown Date

企業利用資訊科技進行營運可能面臨相關風險，內部稽核人員在進行稽核作業時，應瞭解及運用資訊科技，以評估及確認各種資訊科技風險及企業相關控制之有效性，並提高其工作效率與效果。因此，本研究之目的在於瞭解我國內部稽核單位進行稽核作業時，使用資訊科技的程度以及施行資訊科技稽核的情形，並探討其可能的影響因素。 本研究調查顯示，國內公司內部稽核單位執行內部稽核作業時，其使用資訊科技及進行資訊科技稽核的情形已較過往普遍。超過七成的內部稽核單位已使用廣義的電腦輔助稽核工具，協助進行內部稽核作業，並有超過九成的內部稽核單位已在其年度稽核計畫中納入資訊科技稽核。經實證結果顯示，主要影響內部稽核單位使用資訊科技的程度及是否施行資訊科技稽核之因素為公司資訊環境的複雜程度。 / Information technology (IT) provides the opportunities for business growth and development, it’s usage also faces various threats such as disruption, deception, theft, and fraud. The proliferation and complexity of IT brings many organizational risks and IT-related risks. In order to assess and manage these risks, internal auditors need to utilize information technology when performing internal audit activities and should also include IT audit in their audit plans to ensure the effectiveness of the firm’s IT controls. This study examines IT usage and the performance of IT audit by the internal audit departments of Taiwan public firms. Our empirical results show that over 70 percent of the internal audit departments use computer aided audit techniques (CAATs) when performing their internal audit activities. We also find that over 90 percent of the internal audit departments have included IT audit in their annual audit plans. In addition, The IT sophistication of a firm is significantly and positively associated with the IT usage by its internal audit department. That is, the internal auditors facing a complex IT environment tend to use more IT when performing their audit activities.

資訊科技

內部稽核

內部稽核業務

資訊科技稽核

information technology

internal audit

internal audit activities

IT audit

內部稽核單位規模影響因素之研究

柯思豪, Ko, Szu-Hao

Unknown Date

本研究旨在探討內部稽核單位規模之影響因素，透過問卷調查方式向國內上市櫃公司的稽核主管蒐集相關資料，藉此瞭解內部稽核單位的運作情形與稽核主管對其單位規模未來變動的看法。本研究發現： 1.內部稽核之功能對稽核單位規模有正向顯著的影響，顯示我國上市櫃公司係依據其內部稽核功能之強弱，以決定其稽核單位的規模。 2.內部稽核功能的影響因素係以機構的內在管理因素為主，包括治理單位的重視與要求、公司之資訊透明度以及組織內其他部門的配合，而內部稽核的相關法令規範亦為影響稽核功能的因素之一。 3.上市櫃公司稽核單位的規模在近三年來大多為持平的狀態，而目前的員工人數，仍以1至2人的小規模單位為主。我國稽核單位普遍面臨人力不足的情況，主要原因為機構所設定的內部稽核功能超過稽核單位的人力，以及缺乏特定專長的人員。目前稽核單位多採取減少低風險項目的稽核、提昇稽核效率與加班等方式，以因應人力不足之限制。 4.非金融業稽核主管，其大多認為未來稽核單位規模將持平；而金融業稽核主管則有近半數認為其單位規模會逐步增加，顯示金融業對於內部稽核單位的擴充較具信心。 / This purpose of this paper is to investigate the factors that significantly influence the size of a firm’s internal audit department (IAD). This paper also reports the status of IAD operations and chief audit executives’ (CAEs) opinions regarding the possible change in size of their departments. A research questionnaire was sent to the CAEs of listed companies in Taiwan to collect data for empirical analysis. The main conclusions of this study are as follows. 1.Internal audit functions positively influence the size of IAD. Most organizations determine the size of their IADs in accordance with their expected functions of internal audit. 2.There are four factors affecting the functions of internal audit, namely, the board of directors’ emphasis on internal audit, corporate information transparency, other departments` cooperation and coordination with IAD, and the laws and regulations on internal audit. 3.The size of IAD remains stable for the past three years. The size of IAD is very small. For most IADs, there are only 1 to 2 auditors, and lots of IADs are experiencing shortage in manpower. The shortage is mostly due to the board’s expectation of IAD exceeds the current capability of IAD and its lack of specialty personnel. To overcome the constraint in manpower, most IADs decrease the audit of low-risk items, increase audit efficiency and/or work overtime. 4.Most CAEs believe that the size of their IADs will not change significantly in the near future. However, the CAEs in the banking industry generally believe that the size of their IADs will increase gradually.

內部稽核

單位規模

稽核功能

internal audit

internal audit department size

functions of internal audit

網路環境帳務稽核日誌系統之建置研究 / A Study on the Implementation of a model of Network Environment Accounting Auditing Log System

歐文純, Ou, Wen-Chueng

Unknown Date

網路環境中，電子商務上的帳務稽核系統，需要內部控制與內部稽核機制的輔助；尤其是在科技快速發展的今日，沒有人能保證百分百的安全，當安全的環境產生漏洞後，需要有一道最後的防線來偵測環境的漏洞，以減少公司的損失，Olden[2000] 認為稽核(Auditing)是網路環境下，電子商務安全基礎建設(Security Infrastructure)中最重要的功能，此稽核的工作包括：(1)促使公司追蹤網站上的活動。(2)產生交易日誌及相關的安全事件。(3)利用稽核日誌以證明某一活動或交易的執行，並且可以追蹤與重新建立因為安全入侵或詐欺等受到影響的事件。因此需要一個網路環境帳務稽核日誌系統，以利後續的審計軌跡的追蹤與查核。本研究試著提出適合在網路環境交易上的帳務稽核日誌系統架構，以解決網路環境交易上帳務稽核的需求，提供一個容易瞭解的稽核方式，幫助管理者更容易掌握網路上的相關問題，並且加以改進。對於日誌的稽核方面，提出重要的整體檢驗概念：(1)個別系統異常的檢查及異常的交互核對，以便找出不易發現的錯誤。(2)應用系統使用者主管角色檢查，以防止內部控制不當的缺失。 　在系統雛型建置上，由於各系統所產生的日誌並非為了帳務稽核之目的而設計，難免無法完全滿足帳務稽核日誌所需要的欄位，尤其是無法支援由任一日誌交叉查詢至其他三種日誌所需要的欄位，及受限於研究資源及時間的限制，在雛型系統的實作上，本研究只實作當交易日誌找出異常資料時，再交叉查詢到其他三種日誌。同時，因為重點是放在交叉查詢的檢查，為了減少資料量，因此交易日誌的檢查只舉出經過簡化的十個例子來示範。 / It is hard to implement perfect safe systems in network environment for electronic commerce, so we need internal control and audit mechanism to help detecting unsafe events or error events. Olden[2000] claims that auditing is one of the most critical functions of an e-commerce security infrastructure. The auditing component, which enables an organization to track a Website's activities, should generate logs of transactions and relevant security events. Audit logs serve as proof that an activity or transaction was performed. The logs are often the best way to track and recreate events leading to a security breach or fraudulent activities. In an effective e-commerce security infrastructure, every activity should automatically generate a log entry that can be accessed later. In this study, an implementation model of accounting auditing log system in network environment is proposed. It is essential for the auditing log system to integrate with, and leverage, existing technologies and environment platform logs for finding critical errors. The system should also perform user role conflict check for finding lack of user internal control. This research implemented a prototype system (Network Accounting Auditing log system, NAA) in the environment of NT windows and SQL server database system, in which NT system log, IIS log, FTP log, SQL server log, program maintenance log, five logs are assumed to be kept. For simplification, only 10 scenarios are checked whether there are any abcdrmal transaction events. If any abcdrmal event is found, the NAA system will further cross-check the above logs to find the possible reasons.

電腦稽核

電子商務

帳務稽核

網路管理

Computer Auditing

Electronic Commerce

Accounting Auditing

Network Management

臺灣企業內部稽核現況之探索與影響設立因素之研究 / An Examination of the existing Internal Auditing Practice and Factors Affecting the Formation of Internal Auditing Department in Taiwan

王國華, David Wang, Gwo Hwa

Unknown Date

本研究探索臺灣企業目前內部稽核實務現況，並研究影響臺灣企業自願設置內部稽核的因素。 　　經理人、股東、債權人都是與公司有利害關係的個體，唯各個體間的利害並不一致。股東人數愈多，股東與經理人間利害衝突的程度可能愈大；董監事持股比例愈低，股東與董監事經理人之間利害衝突的程度可能愈大；企業舉債愈多，債權人與股東之間利害衝突的程度可能愈大；此外，公司規模愈大，經理人、股東、債權人之間利害衝突的程度可能愈大。內部稽核調查、評估內部控制制度之缺失及衡量營運之效率，適時提供改進建議，確保內部控制制度得以持續有效實施，可協助管理階層（經理人）履行其責任，可降低他們與股東、債權人的利害衝突。故本研究調查內部稽核的現況，並探討其設置是否受經理人、股東、債權人之間利害衝突的影響，申言之，本研究探討股東人數的多寡、董監事持股比例、企業舉債情形及公司規模是否與企業自願設置內部稽核有關。 　　本研究運用代理理論，分析臺灣1993年的樣本上市公司及外商公司，經Mann-Whiney U及Logistic Regression檢定，發現：股東人數的多寡及企業舉債情形與公司自願設置內部稽核無關；董監事持股比例與公司自願設置內部稽核，存在反向相關，但並不顯著；而公司規模與公司自願設置內部稽核，存在顯著的正相關。此種現象顯示：公司規模是企業設置內部稽核最主要考量的因素。當公司規模增加時，可能的財富移轉金額增大，另一方面，許多建立內部稽核的成本是固定的，是以，相同之內部稽核的結構與功能下，因規模經濟而產生之效益對規模較大的企業而言是較大的。此外，當公司規模不斷擴張，業務日益複雜，高階管理當局有效掌握與控制各部門、各分支機構作業情況的程度，也往往日益降低，因此，設置一個地位超然，能幫助其了解，進而評估整個企業運作的內部稽核之需求，也就不斷升高。

內部稽核

內部稽核實務

代理理論

Internal Auditing

Internal Auditng Practice

Agency Theory

公司治理單位架構對公司內部稽核功能影響之研究 / The effect of corporate governance structure on the functions of internal audit activity

詹佳霖

Unknown Date

本研究旨在探討台灣上市、上櫃及公開發行及其他類型公司在不同治理單位架構下，內部稽核單位的角色是否會有所差異。本研究深入分析前項差異，藉以瞭解我國公司內部稽核之功能及其影響因素。本研究發現： 1.內部稽核協助「內部控制」、「風險管理」及「公司治理」之功能並未因公司治理單位架構的改變而有顯著差異。內部稽核功能已受到企業一定程度之重視，即使公司治理架構正處於轉型過程，內部稽核單位仍可發揮其功能。 2.設置審計委員會之公司提供較多預算及人力，有助於年度稽核計畫與業務的執行，顯示公司治理單位架構的改變，會影響稽核預算及人力配置。 3.公司設置審計委員會，有助於提升「內稽單位給予的建議更容易被採納」、「內稽單位與治理單位互動增加」、「內稽主管更多機會參與策略制定」、「內稽單位查核工作之執行更為順利」、「內稽單位獨立性增加」、「內部稽核預算增加」及「內稽單位更能協助企業進行風險管理」等七項內部稽核功能。 / This purpose of this research is to investigate the effect of a public company’s corporate governance structure on its internal audit activity’s role in Taiwan. This research analyzes the above effect to understand the functions of public companies’ internal audit activities and the factors affecting these functions. The main results of this study are as follows. 1.The internal audit’s functions of assuring "internal control", "risk management" and "corporate governance" do not show significant differences with changes in corporate governance structure. The internal audit functions are well recognized. Even if the corporate governance structure in Taiwan is in a transformation process, the internal audit activity can still fulfill its functions. 2.The company with an audit committee provides more budget and manpower to facilitate the performance of annual audit plan and related activities. That is, the changes in corporate governance structure do have an effect on the internal audit activity’s budget and staffing. 3.For the companies with audit committees, they have the following characteristics, i.e., ”internal audit activity’s recommendations are more likely to be accepted”, ”increased interaction between the internal audit activity and corporate governance members”, ”the chief internal auditor has more opportunities to participate in strategy formation”, ”the internal audit activity perform their works more smoothly”, ”higher independence for the internal audit activity”, ”higher budget for the internal audit activity”, and ”the internal audit activity can further assist the company in managing risks”.

內部稽核

公司治理單位架構

內部稽核功能

internal audit

corporate governance structure

internal audit functions

企業內部稽核人員與外部審計人員互動關係之研究

曾建銘, Tseng,, Chien-Ming

Unknown Date

本研究利用問卷調查內部稽核人員與外部審計人員兩者對於內部稽核功能之認知、雙方互動之情形、以及內部稽核功能與審計公費之關係。研究結果發現外部審計人員對於國內內部稽核功能能否有效發揮，仍有所保留，特別是在獨立性的部分，但對於內部稽核人員的專業能力則表示肯定。另外，大多數的填答者皆有與對方互動之經驗，但互動的程度並不高，以「偶而會」及「偶而詢問」為主。縱使互動程度不高，但是雙方皆認為互動對於外部查核工作或內部稽核工作是有助益的。此外，大多數的外部審計人員認為，內部稽核功能的好壞與審計公費有一定的關係存在，但其影響的比例以5%以下居多，這可能也是間接造成雙方互動不密切的重要因素之一。 / This thesis uses questionnaires to examine the external auditors’ perceptions of the internal auditing function, the level of co-operation between the internal and external auditors, and the relationship between internal audit function and external audit fees. The empirical findings indicate that external auditors expressed concern about the internal auditing function, independence especially. And the questionnaire responses show the lack of a close relationship between the internal and external auditors. They just occasionally co-operate with each other, but they consider that it is helpful to them. In addition, most external auditors are convinced of the existence of a direct link between internal audit function and external audit fees. But the percentage of external audit fee affected by internal audit function is below 5 percent, this may be one of the reasons why they lack a close relationship between each other.

內部稽核

內部稽核人員

外部審計人員

審計公費

Internal auditing

Internal auditors

External auditors

Audit fees

金融檢查制度之研究

王富美, WANG, FU-MEI

Unknown Date

在金融自由化措施目繼實施及新銀行開放設立的現況下，銀行經營的競爭性與風險性已大為提高。因而，金融當局必須盱衡實險情勢，參酌先進國家相關制度及其經驗，適度修正當前國內金融檢查制度，使其充分發揮應有功能，健全對銀行的經營監督。 就各主要國家的金融檢查制度言，中、美、日三國採取比較嚴格的檢查，且是監督管理的重心；英國金融當局則並未直接檢查；主要依賴報表資料整理及管理人員面談之方式監督；德國金融當局亦不自行檢查，而係透過查核人員向主管機關所提報告來監督。 目前，我國金融檢查制度由於金融檢查事權尚未統一、報表稽核制度績效不彰、金融機構內部稽核未受重視及缺少統一的銀行會計制度等原因，致使金融檢查之功能未能充分發揮。是以建立檢查事權統一的金融管理、借助外部稽核、改善現行報表稽核制度、提昇稽核人員素質、統一銀行會計制度，均為當務之急。此外，如循序推行財務報表的公開，以發揮市場監督力量，使銀行經濟人負法律責任，及資產負債表外交易風險的重視等，均為我國金融當局未來努力的方向。

金融檢查

金融稽核

銀行

BANK

論公司治理下內部控制與內部稽核之實現與變革－以金融機構為例

連煥明, LIAN, HUNNA-MING

Unknown Date

真誠落實履行公司治理的宣誓，承諾防止脫法行為的發生、強化對公司經營之管理權責，及確保所有與公司有關之實性事項等信息準確且即時地披露，是金融機構或企業體賴以永續經營、成長、茁壯及吸引廣大投資人及資金提供者的青眛和信心的基本條件及責任，故而，公司治理是金融改革中最重要的一環。 金融機構是為社會公器，作為經濟社會穩定與發展的基石，他的永續經營關係著存款大眾、投資人、債權人、及金融從業人員的正常生計，站在維護社會正義及經濟秩序，絕不容許其毫無預警式地發生財務劇變或惡性倒閉，因此，主管機關、金融機構之董監事、及高階經營管理階層有著更大的責任和義務，來維繫其正常運作，也因此，對金融機構之公司治理的落實及要求，亦將較諸其他各產業為嚴格。 本論文以參考文獻法，闡述公司治理、內部控制、及內部稽核的意義及架構、釐清其間之關係及分工與責任，並爰引文獻論述，擷取精要，提出淺顯易行可資應用之內部控制及內部稽核方法及策略，以期金融機構能藉由內部控制及內部稽核的檢核及驗證，達到自律及自檢，並以金融機構為社會公器，提出五點建言，以落實公司治理實務準則。

公司治理

內部控制

內部稽核

台灣金融機構落實內部稽核制度之研究-以本國銀行為例

方建軍

Unknown Date

本文爰於各國主管機關非常重視金融機構的內部控制與內部稽核制度，但是仍然無法避免各類舞弊情事發生，遂由金融主管機關金融檢查人員，本國銀行內部稽核人員及營業單位人員的觀點，分別探討台灣金融機構如何落實內部稽核制度。主要研究目的有下列三項：(一)以主管機關金融檢查人員的觀點，探討銀行應如何落實內部控制與內部稽核。(二)以個案銀行內部稽核人員的觀點，分析哪些因素會影響內部控制與內部稽核的實施。(三)以個案銀行營業單位人員的觀點，探討銀行實施內部控制與內部稽核有何缺失？並以描述性統計分析、信度分析、效度分析、獨立樣本t檢定、單因子變異數分析、Pearson積差相關分析等統計方法，檢視各變項間的相關性。實證研究發現：(一)內部稽核的中階主管，不論係經由金融監理機關或公營銀行、民營銀行的角度探討內部控制之落實，均居於相當重要的地位。 (二)金融監理機關檢查人員的角度觀之，本國銀行內部稽核與超然獨立性、保持客觀性方面的關係均較弱。又以本國銀行營業單位人員的觀點，認為內部稽核在具備超然獨立性的情況下，於實際執行稽核工作時較能確保克盡稽核職責。(三)組織一致性的需要對於內部稽核維持獨立性、保持客觀性、誠實正直有顯著相關性，其中內部稽核人員的維持獨立性則與保持客觀性，彼此間最為相關，形同一體兩面，並需要誠實正直，始能相輔相成；銀行經營要降低成本及為符合競爭的需要，均與專業技能較有顯著關係。(四)落實內部稽核與內部控制間，顯然為一體的兩面，兩者相輔相成，息息相關。 / Even though overseeing implementation of the internal control and internal auditing systems of financing institutions has been regarded as the top job priority of financial regulators in most countries, the occurrences of various wrongdoings and misconduct are still inevitable. This paper tried to discuss how to ensure that Taiwanese financial institutions effectively carry out their internal auditing systems through the viewpoints of financial inspectors of regulatory authorities, internal auditors and business units of financial institutions respectively. The main focus of this study had the following 3 perspectives: 1.From financial regulators’ viewpoint, what steps banks should take to reinforce their internal control and internal auditing? 2.From a bank internal auditor’s point of view, what kind of factors will influence the execution of internal control and internal auditing? 3.For staff in the bank business unit, what defects might be caused by the implementation of internal control and internal auditing? This paper adopted various statistical methods for empirical studies, such as descriptive statistics analysis, reliability analysis, validity analysis, t test of independence sample, one-way analysis of variable, pearson’s product moment correlation analysis, to examine correlations between each variables and found out: 1.The mid-ranking internal auditors, despite the perspectives of financial regulators, private-owned or government-controlled banks, play a very important role on the successful implementation of internal control. 2.Most of inspectors in the financial regulators discovered that it was very difficult for internal auditors in domestic banks to maintain their independence and objectivity. The staff in the bank business unit thought internal auditors only with greater independence could perform their jobs better. 3.Only with unanimous support of the whole bank, independence and objectivity of internal auditors could be well preserved. It was also obvious that independence and objectivity of internal auditors had to be closely connected to their integrity and honesty. In addition, cost reductions and competitiveness enhancement of a financial institution were much relied on the professional skills and experiences of its staff and management team. 4.Internal auditing and internal control are vitally related

內部控制

內部稽核

金融機構