题名

金融企業利用電腦輔助內部稽核風險之研究

并列篇名

The Risks of Computer-Assisted Internal Audit in Banks

DOI

10.6295/TAMJ.2012.1202.03

作者

林靜雯(Ching-Wen Lin);王偉權(Wei-Chuan Wang);曾華封(Hua-Feng Tseng)

关键词

內部稽核 ; 電腦稽核 ; 決策實驗室 ; 網路程序分析法 ; internal audit ; IT auditing ; DEMATEL ; analytic network process (ANP)

期刊名称

台灣管理學刊

卷期/出版年月

12卷2期(2012 / 08 / 01)

页次

159 - 177

内容语文

繁體中文
中文摘要

本研究旨在建構銀行利用電腦輔助內部稽核時評估風險的架構,首先透過文獻分析,彙整定義評估風險準則,再經由專家問卷確定準則指標,並結合DEMATEL及ANP法,分析各項評估風險準則之間的因果關係與相對權重,建立一套具體的風險評估模式,以提供銀行評估利用電腦內部稽核風險時,明確的評估系統。研究結果顯示,降低銀行利用電腦輔助內部稽核風險,最重要的準則因素是「法令遵循」,而「組織的認同」因素,則可以檢定、觀測整體銀行利用電腦輔助內部稽核的風險管理能力之重要指標。改善銀行內部稽核的風險,將不再是單純的業務檢查及事後報告,必須具備電腦專業知識與技能,利用稽核檢查軟體,提升內部控制制度事前的風險判斷及預防之能力。本研究建議,銀行重視內部稽核人員職責,並重視與提升內部稽核人員電腦專業素養的養成,或晉用擁有電腦專業技能的稽核人員,將可有效降低改善銀行利用電腦輔助內部稽核之風險。
英文摘要

This study aims to construct a risk assessment framework for computer-aided internal auditing for the banking industry. Based on literature review, this paper first generalizes and defines the risk criteria. Then, by expert survey, it determines the criteria indicators, and then, employs DEMATEL and ANP to analyze the causal relationships and relative weights among the risk assessment criteria, in order to develop a concrete risk assessment model. This system can be used by banks to assess internal auditing risks.The results indicate that the most important risk criterion involved in lowering computer-aided internal auditing is ”legal compliance.” ”Organizational identification” is the main indicator for examining and observing the risk management abilities of computeraided internal auditing. Lessening internal auditing risks is no longer a simple administrative procedure and post hoc report, but requires computer knowledge and proficiency in order to enhance the prior risk judgments and prevention abilities of an internal control system.This study suggests that banks should concentrate on the job functions of internal auditors, enhance the computer proficiency of internal auditors, and recruit auditors with computer proficiency in order to effectively lower internal auditing risks of banks.
主题分类 社會科學 > 管理學
参考文献
  1. 施光訓、劉晏孜(2008)。金融專業人才應具備核心能力之研究。文大商管學報,13(2),47-70。
    連結:
  2. 審計準則公報之審計實務引導第五號,2003。
  3. 銀行法,2005,總統華總一義字第09400072481 號令公布修訂條文。
  4. Statements on Auditing Standards (SAS) No. 48. 1984.
  5. 審計準則公報第三十二號,1998。
  6. 審計準則公報第二十五號,1993。
  7. 銀行內部控制及稽核制度實施辦法,2007.09.06 金管銀(二)字第09620006295號令修正。
  8. Statements on Auditing Standards (SAS) No. 94. 2001.
  9. 財政部銀行稽核工作考核要點,2003/03/24 台財融 ( 六) 字第0926000085 號令。
  10. 審計準則公報第三十一號,1997。
  11. American Institute of Certified Public Accountants(1979).Computer-assisted audit techniques.New York:American Institute of Certified Public Accountants.
  12. Basel Committee on Banking Supervision(2003).Sound practices for the management and supervision of operational risk.Basel, Switzerland:Bank for International Settlements.
  13. Brazel, J. F.(2008).How do financial statement auditors and it auditors work together?.The CPA Journal,78(11),38-41.
  14. Cheng, E. W. L.,Li, H.(2005).Analytic network process applied to project selection.Journal of Construction Engineering and Management,131,459-466.
  15. Crouhy, M.,Galai, D.,Mark, R.(2000).Risk management.New York:McGraw-Hill.
  16. Curtis, M. B.,Payne, E. A.(2008).An examination of contextual factors and individual characteristics affecting technology implementation decisions in auditing.International Journal of Accounting Information Systems,9,104-121.
  17. Fernandez, A. I.,Gonzalez, F.(2005).How accounting and auditing systems can counteract risk-shifting of safety-nets in banking: Some international evidence.Journal of Financial Stability,1,466-500.
  18. Gabus, A.,Fontela, E.(1972).World problems, an invitation to further thought within the framework of DEMATEL.Geneva, Switzerland:Battelle Geneva Research Center.
  19. Hung, Y.-H.,Chou, S.-C. T.,Tzeng, G.-H.(2007).Knowledge management strategic planning.IEEE International Conference on Information Reuse and Integration,Las Vegas, NV.:
  20. Lee, J. W.,Kim, S. H.(2000).Using analytic network process and goal programming for interdependent information system project selection.Computer & Operations Research,27,367-382.
  21. Lin, C.-T.,Wu, C.-S.(2008).Selecting a marketing strategy for private hotels in Taiwan using the analytic hierarchy process.The Service Industries Journal,28,1077-1097.
  22. Liou, J. J. H.,Yen, L.,Tzeng, G.-H.(2008).Building an effective safety management system for airlines.Journal of Air Transport Management,14,20-26.
  23. Lovata, L. M.(1990).Audit technology and the use of computer assisted audit techniques.Journal of Information Systems,4(2),60-68.
  24. Meade, L. M.,Sarkis, J.(1999).Analyzing organizational project alternatives for agile manufacturing processes: An analytical network approach.International Journal of Production Research,37,241-261.
  25. Merhout, J. W.,Buchman, S. E.(2007).Requisite skills and knowledge for entry-level IT auditors.Journal of Information Systems Education,18,469-477.
  26. Ou Yang, Y.-P.,Shieh, H.-M.,Leu, J.-D.,Tzeng, G.-H.(2008).A novel hybrid MCDM model combined with DEMATEL and ANP with applications.International Journal of Operations Research,5,160-168.
  27. Saaty, T. L.(2001).Decision making with dependence and feedback: The analytic network process: The organization and prioritization of complexity.Pittsburgh, PA:RWS.
  28. Sarens, G.,Beelde, I. D.(2006).Internal auditors' perception about their role in risk management: A comparison between US and Belgian companies.Managerial Auditing Journal,21,63-80.
  29. Seyed-Hosseini, S. M.,Safaei, N.,Asgharpour, M. J.(2006).Reprioritization of failures in a system failure mode and effects analysis by decision making trial and evaluation laboratory technique.Reliability Engineering & System Safety,91,872-881.
  30. Shih, K.-H.,Chen, H.-J.,Chen, J. C. H.(2006).Assessment of sustainable development and knowledge of environmental management: internal auditors' perspectives.Industrial Management & Data Systems,106,896-909.
  31. Singleton, T.(2006).Generalized audit software: Effective and efficient tool for today's IT audits.Information Systems Control Journal,2,11-13.
  32. Tamura, M.,Nagata, H.,Akazawa, K.(2002).Extraction and systems analysis of factors that prevent safety and security by structural models.SICE 2002 Proceedings of the 41st SICE Annual Conference,Osaka, Japan:
  33. The Institute of Internal Auditors(2009).International professional practices framework.Altamonte Springs, FL:The IIA Research Foundation.
  34. Tzeng, G.-H.,Chiang, C.-H.,Li, C.-W.(2007).Evaluating intertwined effects in e-learning programs: A novel hybrid MCDM model based on factor analysis and dematel.Expert Systems with Applications,32,1028-1044.
  35. Vuchnich, A.(2008).Using CAATTs in preliminary analytical review to enhance the auditor's risk assessment.The CPA Journal,78(5),38-40.
  36. Wu, W.-W.(2008).Choosing knowledge management strategies by using a combined ANP and DEMATEL approach.Expert Systems with Applications,35,828-835.
  37. Wu, W.-W.,Lee, Y.-T.(2006).Developing global managers' competencies using the fuzzy DEMATEL method.Expert Systems with Applications,32,499-507.
  38. Wu, W.-W.,Lee, Y.-T.(2007).Selecting knowledge management strategies by using the analytic network process.Expert Systems with Applications,32,841-847.
  39. 吳琮璠(1997)。會計資訊系統與電腦審計。台北:智勝。
  40. 許林舜、江東儒、吳筱雯、鄭怡婷(2007)。,台北:金融監督管理委員會檢查局。
  41. 鄧家駒(2000)。風險管理。台北:華泰文化。
  42. 盧正宗、黃劭彥、陳育成(2003)。影響內部稽核生產力因素之探討─以企業主管之認知為例。第四屆管理學域學術研討會,台中:
  43. 鍾慧貞(2009)。以風險為導向之金融檢查談銀行內部稽核之重要性。內部稽核,66,20-24。
  44. 嚴永舜(2008)。碩士論文(碩士論文)。開南大學企業與創業管理學系。
print cancel