Dissertations / Theses on the topic 'COSO-framework'

Bakgrund och problemdiskussion: Under årens gång har det inträffat flera företagsskandaler. Det har sett bra ut på ytan men insidan har visat motsatsen. Fasaden kollapsar till följd av bristande kontroll. Intern styrning och kontroll och COSO:s Internal Controll – Integrated Framework blir allt mer aktuellt för att få ordning och reda. För börsnoterade företag är intern kontroll centralt eftersom intressenter kräver transparens. Utan intern kontroll finns det ingen rimlig försäkran att en organisation arbetar i linje med uppsatta mål, samt att eventuella risker och brister bemöts på lämpligt sätt.   Syfte: Syftet med denna studie är att beskriva och förklara i vilken uträckning två företag på två olika börser i praktiken tillämpar en intern styrning och kontroll som står i överensstämmelse med COSO:s Internal Control - Integrated Frameworks fem komponenter samt studera hur det påverkar verksamhetsstyrningen.   Metod: En kvalitativ fallstudiestudie genomfördes på två bolag med i huvudsak hermeneutisk tolkningsansats och abduktivt tillvägagångssätt. Empiriinsamlingen skedde genom semi-strukturerade intervjuer och relevant material. Teorin underbyggdes av litteratur, artiklar och internetkällor.   Teori: I kapitlet ingår Svensk Kod för bolagsstyrning, Intern Styrning och Kontroll och slutligen det studien lägger vikt vid som är COSO:s ramverk.   Slutsats: Fallföretagen tillämpar en intern styrning och kontroll som i hög utsträckning stämmer överens med COSO Internal Control – Integrated Frameworks fem komponenter men med små skillnader. Trots att de är storleksmässigt olika och verkar i skilda branscher.
Background and Problem Discussion: Over the years there have been several scandals. Companies have looked good on the surface but the inside has shown the opposite. The surface collapse due to lack of control. Internal control and the COSO Internal Control - Integrated Framework is becoming increasingly important to achieve a properly managed company. For listed companies, internal control is central as stakeholders demand transparency. Without internal control, there is no reasonable assurance that an organization is working in line with their goals, and that any risks are addressed in an appropriate manner.   Objective: The purpose of this study is to describe and explain to what extent two companies in two different stock markets effectively implement an internal control, consistent with COSO’s Internal Control - Integrated Frameworks five components and study how it affects operations management.   Method: A qualitative case study was conducted at two companies with essentially hermeneutic interpretation approach and abductive approach. Empirical data collection was through semi-structured interviews and relevant material. Literature, articles and internet sources supported the theory.   Theory: The chapter includes the Swedish Code of Corporate Governance, Internal Control and finally the COSO framework, which the study was mainly based on.   Conclusion: Both companies apply an internal control which largely matches the COSO Internal Control - Integrated Frameworks five components except marginal differences. Even though they differ in size and act on markets separated from each other.

Dissertação (mestrado)—Programa Multi-Institucional e Inter-Regional de Pós-Graduação em Ciências Contábeis da Universidade de Brasília, Universidade Federal da Paraíba e Universidade Federal do Rio Grande do Norte, 2014.
Submitted by Tania Milca Carvalho Malheiros (tania@bce.unb.br) on 2014-08-04T19:54:56Z No. of bitstreams: 1 2014_Jaqueline GomesRodriguesdeAraújo.pdf: 1757417 bytes, checksum: f92b86b186126929cc146270847bfa7c (MD5)
Approved for entry into archive by Patrícia Nunes da Silva(patricia@bce.unb.br) on 2014-08-05T13:08:28Z (GMT) No. of bitstreams: 1 2014_Jaqueline GomesRodriguesdeAraújo.pdf: 1757417 bytes, checksum: f92b86b186126929cc146270847bfa7c (MD5)
Made available in DSpace on 2014-08-05T13:08:28Z (GMT). No. of bitstreams: 1 2014_Jaqueline GomesRodriguesdeAraújo.pdf: 1757417 bytes, checksum: f92b86b186126929cc146270847bfa7c (MD5)
A presente pesquisa teve como objetivo investigar a percepção dos gestores de uma Instituição Federal de Ensino Superior quanto ao nível de alinhamento do sistema de controle interno institucional às recomendações contidas no framework COSO ERM (Enterprise Risk Management – Integrated Framework). O framework utilizado como referência para esta pesquisa é caracterizado pela abordagem voltada ao gerenciamento de riscos, um dos aspectos recomendados para inteirar a estrutura de controle interno das entidades do setor público e considerado base para a "boa" governança. Quanto à tipologia, trata-se de um estudo exploratório e descritivo, com abordagem quanti-qualitativa. As recomendações contidas no framework COSO ERM foram aplicadas para avaliar o sistema de controle interno da Universidade Federal da Paraíba. A amostra da pesquisa foi composta por 140 servidores, os quais exercem funções relacionadas com a gestão da instituição. Os dados foram coletados através de entrevistas estruturadas. Os procedimentos metodológicos adotados consistiram na análise da confiabilidade do instrumento de coleta de dados, análise descritiva, análise do nível de alinhamento às recomendações do COSO ERM e análise inferencial. O teste de confiabilidade (Alpha de Cronbach) demonstrou satisfatória a consistência interna do instrumento. Para mensurar o nível de alinhamento às recomendações contidas no framework, observou-se a um critério técnico, estabelecido a partir da percepção dos gestores e da ponderação de importância ao quesito, atribuída por especialistas na área de controle interno. Considerando o critério estabelecido, a pontuação que correspondeu ao nível geral de alinhamento do sistema de controle interno da UFPB aos aspectos preconizados pelo COSO foi 4,73 (observando como pontuação mínima 1 e máxima 10). Tal resultado correspondeu a um nível de alinhamento considerado regular. Em termos percentuais, o resultado representou um nível de alinhamento geral de 47,3%. Os componentes da estrutura de controle interno percebidos como mais alinhados foram a “Definição e Fixação de Objetivos” e a “Informação e Comunicação”. Seus respectivos percentuais de alinhamento foram 51,68% e 51,37%. Dentre os que se mostraram menos alinhados destacaram-se a “Avaliação de Riscos” e o “Monitoramento”, com percentuais de 43,73% e 44,47% respectivamente. Segundo o que preconiza o framework COSO ERM, um sistema de controle interno é considerado eficaz para o gerenciamento de riscos a partir da presença e adequado funcionamento dos oito componentes de sua estrutura. Entretanto, o próprio COSO reconhece que poderá haver algum desequilíbrio entre os componentes, como foi observado nesta pesquisa. Diante dos desequilíbrios, cabe à gestão avaliar se a deficiência é significante, ou seja, se impede o atingimento de seus objetivos, dentre eles, o de gerar valor à suas partes interessadas (premissa inerente ao gerenciamento de riscos), podendo adotar uma postura proativa frente às fragilidades detectadas. Esta pesquisa revelou ainda que a percepção dos respondentes quanto ao nível de alinhamento pode ser influenciada por fatores como tempo de serviço, formação e função administrativa desempenhada. Por fim, entende-se que estabelecer uma cultura de controle com enfoque no gerenciamento de riscos revela-se um desafio não só para a instituição pesquisada, mais para as demais instituições públicas. _________________________________________________________________________________ ABSTRACT
The present study aimed to investigate the perceptions of managers in a Federal Institution of Higher Education about the level of alignment of the institutional internal control system with the recommendations proposed by COSO in the framework COSO ERM (Enterprise Risk Management - Integrated Framework). The framework used as a reference for this research is characterized by an approach focused risk management, one of the aspects recommended to complete the internal control structure of public sector entities and considered basis for the "good" governance. Regarding the typology, it is an exploratory and descriptive study with a quantitative and qualitative approach. The recommendations contained in the COSO ERM framework were applied to evaluate the internal control system of the Federal University of Paraíba. The research sample consisted of 140 public servers, who exercise functions related to the management of the institution. The data were collected through structured interviews. The methodological procedures adopted consisted in the analysis of the reliability of the instrument of data collection, descriptive analysis, analysis of the level of alignment with the recommendations of COSO ERM and inferential analysis. The reliability test (Cronbach's alpha) showed the internal consistency of the instrument as satisfactory. To measure the degree of alignment with the recommendations contained in the framework, a technical criterion established from the perception of managers and from the pondering of importance to the question given by specialists in the area of internal control was observed. Considering the established criterion, the punctuation that corresponded to the overall level of alignment of the internal control system of the Federal University of Paraíba with aspects indicated by COSO was 4.73 (consideringing 1 as a minimum and 10 as maximum score). Such result corresponded to a level of alignment considered regular. In terms of percentage, the result represented a general level of alignment of 47.3%. The components of the internal control structure perceived to be more aligned were the "Definition and Fixation of Objectives" and "Information and Communication". Their respective percentages of alignment were 51.68% and 51.37%. Among those which showed themselves as less aligned, the "Risk Assessment" and "Monitoring" with percentages of 43.73% and 44.47% respectively are highlighted. According to what recommends the COSO ERM framework an internal control system is considered effective for the management of risks with the presence and adequate functioning of the eight components of its structure. However, COSO itself acknowledges that there might be an imbalance between the components as observed in this study. Facing this imbalance, it is up to management to evaluate whether the deficiency is significant, that is, if it prevents the achievement of their goals, among them, that of generating value to their interested parties (inherent premise to risk management) and thus being able to adopt a proactive posture towards the weaknesses detected. This research also revealed that the perception of respondents regarding the level of alignment may be influenced by factors such as service time, training and administrative function performed. Finally, it is understood that establishing a culture of control with a focus on risk management reveals itself to be a challenge not only for the researched institution, but to other public institutions.

Esta dissertação possui como objetivo oferecer uma contribuição para o estudo dos controles internos no setor público brasileiro, por meio de comparação entre os aspectos do sistema de controle interno de um órgão público com os conceitos disseminados pelo COSO e literatura correlata. O senso comum, apoiado em inúmeras denúncias veiculadas na mídia sobre superfaturamentos e fraudes ocorridas na Administração Pública, remete à ideia de que os órgãos desse setor não possuem mecanismos suficientes que visem evitar esses desvios de recurso do Erário. A pesquisa foi conduzida por meio de um estudo de caso, tendo como unidade de análise o processo de pagamento de pessoal de uma Organização Militar da Marinha. Para tanto, foi elaborado um instrumento de avaliação do controle interno, baseado no modelo COSO-I adequado à realidade da entidade estudada, para em seguida, com o apoio dessa ferramenta, verificar o nível de harmonização do sistema de controle interno da organização com a estrutura teórica, evidenciando as similaridades e diferenças entre eles. Os resultados apontam para um nível de harmonização de 76,58%. Das diferenças encontradas, 71% das diferenças podem ser explicadas por fatores externos à organização e 29% podem ser explicados pelo modelo interno de gestão, podendo ser convertidos em proximidades com ações executadas na própria organização.
This study aims to offer a contribution to the study of internal controls in the Brazilian public sector, by comparing aspects of public agency`s internal control system with concepts disseminated by COSO and related literature. Common sense, supported by numerous complaints aired in the media about overbillings and frauds in Public Administration, refers to the idea that this sector bodies do not have sufficient mechanisms aimed at preventing diversion of the public purse. This research was conducted as a case study method, having as unit of analysis the process of paying staff of a Brazilian Navy military organization. Therefore, it was designed a tool for internal control evaluation, based on the COSO - I, wich was model adapted to the reality of the studied organization, for then, check the harmonization level of the organizations internal control system with the theoretical structure, highlighting the similarities and differences between them. The results indicate a harmonization level of 76.58%. These founded differences can be explained and by external factors to the organization in 71% of the cases, and 29% can be explained by the internal model of management and may be converted into similarity with actions executed by the organization itself.

Business leaders of contracting companies in Qatar struggle to develop appropriate internal controls over revenue estimates to mitigate the risk of financial statement manipulation. Grounded in the internal control framework of the Committee of Sponsoring Organizations of the Treadway Commission, the purpose of this multiple case study was to explore strategies that business leaders responsible for financial reporting use to develop and implement effective internal controls for recognizing contracting revenues. Nine participants from 3 private contracting companies in Qatar who had implemented strategies to develop and implement effective internal controls for recognizing contracting revenues participated in face-to-face semistructured interviews. Through a process of methodological triangulation as described by Yin, observations and documentary evidence supplemented data collected through semistructured interviews. Different themes emerged through the analysis of data that involved coding narrative segments. The research findings included themes of control environment, control activities, systemized project budget, accounting standards compliance, and risk assessment and monitoring. Business leaders of contracting companies may benefit from the findings of this study by gaining awareness of the need to develop and implement effective internal controls for recognizing contracting revenues. Implications for positive social change could come from identifying internal controls that increase financial statement reliability, which could lead to increased access to capital and debt financing and improved employment opportunities in Qatar.

BackgroundToday’s competitive market forces companies to focus on their core processes. As a result, the number of outsourcing arrangements has grown and especially transactional processes outsourcing, which is clearly evident in Sweden. The lack of expertise and resources that characterizes SMEs makes outsourcing of transactional processes many times a necessity. However, little attention has been given the possible internal control risks associated with outsourcing (Christ et al. 2015). Moreover, frameworks such as the COSO-framework has also neglected to provide guidelines as to how companies should handle outsourcing arrangements. Although the COSO-framework argues that it can be applied to all companies, no matter the size, organizational structure or the choices management makes (COSO 2013). AimThe aim of this study is to identify and analyze internal control risks within Swedish SMEs when outsourcing transactional processes. Moreover, the study will try to provide recommendations to the COSO-framework about how outsourcing arrangements should be handled in order to maintain an effective internal control. MethodThe study uses a qualitative method where a multiple cases study is conducted. The study consists of three case companies where a total of four participants were interviewed through semi-structured interviews, where all participants has a managerial position at their respective company. ConclusionThe findings within the study indicates that outsourcing transactional processes has made the case companies more effective. Moreover, the performance and relational risks identified within the case companies align with previous research where multiple risks were identified. The authors also highlights the possibility of a new risk when outsourcing transactional processes. Furthermore, the authors suggest that the COSO-framework should be modified such that the outsourcing company is a part of the control environment within companies.

This research shed the light on regulations and their effects on operational risk management within the Swedish Swedish Banking Sector. The focus lies on operational risk management due to the introduction of new regulations such as FFFS 2014:1, FFFS 2014:4 and FFFS 2014:5. What could be found in the empirical analysis is that the regulations affected organizational changes.  Additionally, differences between large and small banks could be seen. All changes in terms of implementation of regulations are strongly performed throughout the Three Lines of Defence model where clear organization structure and work description are of importance. The Three Lines of Defence is tightly combined with the COSO framework and operational risk management to conduct compliant organization that is adaptable for any regulatory changes.

Efter 2000-talets stora skandaler fick den interna kontrollen en central roll på de flesta företagen. En stark intern kontroll kan enligt tidigare forskning skydda företag ifrån bedrägerier, fel och misstag. Denna studien syftar till att förklara variationen i företags upplysningar om intern kontroll. En kvantitativ metod har använts för att lyckas besvara detta syfte och empirin har insamlats ifrån 235 börsnoterade bolags årsredovisningar. Uppsatsen har en teoretisk referensram som är byggd på tidigare forskning samt flera olika teorier. De teorier som kommer att användas är legitimitetsteorin, agentteorin, positive accounting theory och institutionell teori. Utifrån denna referensram har fem hypoteser utvecklats. Dessa hypoteser har sedan testats med hjälp av olika statistiska analyser. Resultatet ifrån denna studien indikerar på att det finns flera faktorer som kan påverka företagens upplysningar om intern kontroll i årsredovisningarna. Slutsatsen påvisade att storlek, ägarstruktur samt tillämpningen av COSO: ramverket påverkar mängden upplysningar som anges i bolagens årsredovisningar. Studien indikerade vidare på att bransch och revisionsbyrå inte påverkar mängden upplysningar som anges i årsredovisningarna.
After the big scandals of the 21st century, internal control became a crucial role amongst most companies. According to previous research, strong internal control can protect companies from frauds, errors and mistakes. This study clarifies the variation in companies’ information concerning internal control. Furthermore, a quantitative method is used to successfully respond to this purpose and the information is composed from the annual reports of 235 listed companies in Sweden. This study has a theoretical framework that is based on previous research and several different theories. The theories that are used is legitimacy theory, agent theory, positive accounting theory and institutional theory. Consequently, based on this outline, five hypotheses are developed. Further, these hypotheses are tested using various statistical analyzes. The result of this study indicates that there are numerous of factors that may affect the company's information regarding internal control in the annual report. Conclusively, the study indicates that size, ownership structure and the application of the COSO framework affect the amount of disclosures in the company's annual reports. In addition, the study indicates that the quantity of information disclosed in the annual reports is not depended on the industry or audit firms used.

Bolagsstyrningen har förändrats på grund av vissa negativa företagshändelser som inträffade under 2000-talet. Det har blivit ett större fokus på internkontroll och etik. Som ett led i detta har även betydelsen av internrevision ökat. För att öka effektiviteten och kvaliteten på revisionen måste en samverkan mellan interna och externa revisorer äga rum. Förhållandet mellan parterna är avgörande för att fastställa styrningen av företaget. Denna bakgrund ledde oss fram till uppsatsens syfte som är att undersöka hur den externa revisionen påverkas av internrevision sett utifrån en externrevisors perspektiv. För att besvara uppsatsens frågeställningar har en kvalitativ fallstudie använts. Semistrukturerade intervjuer genomfördes med fem externa revisorer för insamlandet av data. Från fallstudien framkom det att internrevisionen påverkar externa revisorer. Ytterligare visade studien att det sker ett samarbete mellan den interna och externa revisionen. En bra internrevision leder till ett mer effektivt arbetssätt samt en mindre riskfylld revision. Resultatet som framkom i studien visar att externa revisorer använder den interna revisionens underlag om den bedöms som tillförlitlig. Samarbetet mellan revisorerna bidrar till en mer effektiv revision.

This master's thesis is focused on the system of internal controls which is, in some form or another, implemented in every organization. In the theoretical part, the internal controls are specified according to the worldwide accepted integrated COSO framework for internal controls. Furthermore, there is briefly characterized internal audit, its aims and relation to the system of internal controls. The practical part deals with internal controls implemented in a specific organization. There were analysed control mechanisms implemented into the basic enterprise's process, the Order to Cash process.

This thesis deals with the internal control concept according to the COSO Integrated Framework for Internal Controls. Internal control definition, objectives and components are reviewed and commented. The emphasis is put on the auditor's understanding the entity's internal control and his responsibility to identify and assess the risk of material misstatement in the financial statements.

碩士
國立臺灣科技大學
財務金融研究所
102
Taiwan's an export-oriented country. Under the waves of internationalization and globalization, the exchange rate risk creates one of the uncertainties for business, resulting in a direct or indirect impact on corporate profits. The listed company illustrated in the case is a computer components manufacturer in Taiwan. It has its own brand of computer system while facing with multi-currency global marketing income and exchange rate fluctuations. During the global financial crisis, their customers tended to transfer exchange rate losses to the company. This study is to explore the how did the company deal with the impact caused by exchange rate fluctuations with its financial. The company adopts its internal control framework to achieve the implementation of exchange rate management objectives, combined with the integration of enterprise ERP system, as the case company constructs a company-wide management platform to achieve its goals. In this study, through data collection and in-depth interviews, supplement of relevant literature as well as the company’s own FX management process, it has found that: 1. COSO ERM (Enterprise Risk Management) is applicable to the case company's foreign exchange risk management. 2. COSO ERM is more about controlling the risk. While setting up the internal control structure, it needs to consider how the management and board of directors view about setting operations, documenting and executing the process of the procedures. It enables the company to generate foreign exchange risk management and effective implementation of cross-departmental cooperation and to verify the integrity and effectiveness of the internal control system. 3. The company reduced foreign exchange gain/loss impact through business process integration, enhance product competitiveness, natural hedging, and financial derivatives hedging. 4. ERP systems enable companies to obtain real-time information and reduce management costs. 5. In this case, using professional knowledge, the financial officer could adjust the hedge ratios monthly. It’s recommended to establish trading risk assessment methods, such as the VaR to measure risk. The VaR to measure risk is to confirm the hedge ratios, then execute the hedging program with great discipline.

碩士
國立雲林科技大學
會計系
103
The domestic and foreign financial frauds have been frequently happened over the past decade. These scandals highlight the value and importance of bank's internal control system. Although the several occurrence of scandals in Taiwan, Taiwan financial market is still stable under the strict supervision and management of the Financial Supervisory Commission. Therefore, Bank’s internal control system plays an essential role in establishing and maintaining a stable financial market. On the basis of COSO report’s five constitutive factors in "Internal Control - integrated framework", "Implementation Rules of Internal Audit and Internal Control System of Financial Holding Companies and Banking Industries" was built by the Financial Supervisory Commission. And it turned out to be the regulatory basis (fundamental) of bank's internal control system. In this study, a questionnaire survey was designed for bank’s practitioners to analyze their cognition and execution satisfaction of the five basic elements of bank’s internal control system. The questionnaire was randomly sent to objectively selected eight H bank’s branch offices. A total of 98 effective copies were recovered. The result of this study revealed that the bank employees are higher in acknowledgement of the importance of bank’s internal control than their satisfaction in implementing of the system. In conclusion, the appropriate mechanism for coordinating and assisting the implementation of the bank's internal control system is obviously needed, that will facilitate its function to be more thorough and complete.

碩士
國立雲林科技大學
會計系
104
The purpose of this technical report is to demonstrate how to plan the internal control mechanism to reduce the risk of information reliability effectively and efficiently of agriculture E-Commerce platform under COSO:2013 framework. The agricultural output value was 33.4 billions in Yunlin country in 2013, but the operation model of agricultural industry was still in traditional model. Because of the above, the average annual revenue of each farmer was 21 thousands for 70,000farmers in Yunlin country in 2013. Our team tried to set up a serviceable E-Commerce platform to help farmers to reset up their agriculture business model. The most critical factor of success of this new E-Commerce platform is the reliable information of traceability of agriculture. To control the information risk, the agriculture E-Commerce platform setup internal control mechanism to mitigate the uncertainty under COSO：2013 framework. This practical study sets up a serious of internal control processes composed of five components of COSO:2013 framework：Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. To change the future of agricultural industry, this agriculture E-Commerce platform is necessary. To obtain the sustainability of operation, internal control is one of key success factors.

碩士
國立雲林科技大學
會計系
104
This study investigated the relationship between corporate social responsibility and the loan flow of internal control mechanisms in the COSO framework. Through the subjective perception of the respondents in questionnaire investigation who are engaged in loan division, this study found out that internal control mechanisms of loan flow architecture in COSO mainly consisted of Risk Measurement, Monitoring Improvement, Control Processes, Relevance Information, Communication Channel, Incentive Measures, Risk Monitoring and Feedback of Management. At the same time, we also found that five elements for internal control and corporate social responsibility in the COSO control activities and supervision have significant positive correlation. Through variance analysis, this study found that male, people of 26-35 years old and junior workers would pay higher attention to internal control mechanisms. Through the findings of this study, the loan internal control and corporate social responsibility have significant positive correlation of financial institutions. Stable internal control mechanisms not only play an important role to strengthen corporate social responsibility, but also through more internal education and training for female, seniority and higher age financial credit practitioners to enhance the implementation of the responsibility of credit processes and internal control mechanisms may be due to negligence that could lead to internal operating crisis.

碩士
國立雲林科技大學
會計系
105
In the past several years, Taiwan’s public safety incidents occurred in a more alarming rate. For instance, torrential rain brought by a typhoon eroded the foundation of a well-known hotel in Taitung and washed it away after it collapsed into the river next to it; a wall of glass at a starred hotel in Hualien was shattered by a super typhoon; the disaster response of the staff to the fire outbreak at an underground boutique of a famous starred hotel in Taipei was inadequate. These natural disasters stress the value and necessity of an internal control system; and disaster prevention and response have become the most important part of internal control. The purpose of this practice-based technical report is to realize the internal control of the hospitality industry and the efficacy of disaster prevention and response within the COSO:2013 framework. Disaster prevention and response is a rigorous test for the hospitality industry’s organization operation and emergency response ability. This research identifies the insufficient part of the control system through the procedure of the COSO:2013 framework, obtains the control matrix to prevent disasters in advance, and conducts post disaster reviews. The goal is to ensure the security of people’s life and property to the greatest extent which is also the first priority of the hospitality industry. To control and reduce the risks resulted from the insufficient part of the disaster prevention and response, the hospitality industry establishes an internal control framework based on COSO:2013. There are five elements in the control procedure, environmental control, risk assessment, activity control, information and communication, and monitoring procedure. The internal control mechanism is an extremely pivotal factor for the hospitality industry to ensure public safety during operation. An effective internal control system is able to avoid and reduce the risks of losing life and property and the operational risk and loss induced by the defect of the enterprise internal control. The results revealed that any failure during disaster prevention and response engendered by the internal control defect is mainly caused by a lack of staff training and a lack of regular and irregular inspections and maintenance of physical facilities. These could lead to insufficient emergency response ability and then entail accidents and disasters. However, a more established hotel that requires a more regular training schedule and a fuller-ranged job practice seldom gives rise to this kind of phenomenon.

碩士
國立雲林科技大學
會計系
106
The purpose of this thesis is to reduce operational risk in the management process of the waste and reworked materials in the case-study company through the establishment and implementation of effective internal control under COSO： 2013 framework. Enhancing internal control of reworked materials and waste management can reduce business costs and the risk of being stolen. About 1,500 tons of valuable reworked materials and waste are produced by L Machinery Manufacturing Firm. Ltd. annually, and how to set up the effective internal control system to ensure the safety and recycling of these reworked materials and waste are important issues for the L Machinery Manufacturing Firm. To control the operational risk of reworked materials L Machinery Manufacturing firm develop a serious of processes under COSO 2013 framework. This study focus on the disposal of waste and reworked materials. The elements of internal control framework based on COSO： 2013 include environment control, risk assessment, information and communication, control activities, and monitoring for the sustainability of L Machinery Manufacturing Firm and effective internal control materials and waste plays and important role To be a sustainable company, reducing costs and operational risks will be the key to success and the internal control is one of the successful elements leading the company to increase its value.

碩士
國立雲林科技大學
會計系
105
The purpose of this technical report is going to demonstrate how to construct and implement effective internal control base on COSO：2013 framework to reduce the operation risks of destruction processes of F OEM/ODM shoes supplier. The Taiwan shoes manufacturing industries involved in the global economic activities by focusing Original Equipment Manufacturing (OEM) and Original Design Manufacturing (ODM) and gained the impressive achievement. In order to be more competitive, corporates have to shift to the service-dominate direction for international brands which will lead to value co-creation. This study finds that following the policy of brand and protect the brand equity is the way to obtain international brands customers’ trust. Therefore, it is important that implement effective risk management and internal control. To control the operation risks of destruction processes, the F OEM/ODM shoes supplier design internal control mechanism to mitigate the material weakness base on COSO：2013 framework. This practical study construct and implement a serious of internal control processes composed of five components of COSO:2013 framework：Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. To obtain international brand customers’ trust to achieve the sustainability of F company and gain more business opportunities, internal control is the key factors, lead to the success of enterprise value. Keywords：COSO；Destruction processes；Internal Control；Risk Control Matrix.

Nos finais da década de noventa do século passado e inícios do século XXI, uma série de escândalos relacionados com fraudes financeiras emergiram, pondo em causa a credibilidade da informação divulgada pelas organizações. Neste contexto, foram-se desenvolvendo normas, códigos, diretrizes e modelos para ajudar as organizações no que diz respeito à gestão e ao governo das sociedades. Destes, destaca-se o modelo COSO, pela sua aceitação a nível mundial. Este estudo tem como objetivo, partindo de uma revisão de literatura sobre auditoria, controlo interno e modelo COSO, avaliar, à luz deste modelo, o sistema de controlo interno existente no departamento de fiscalidade, de um grande grupo português. Assim, a partir da observação e participação direta em atividades, reuniões, entrevistas e análise documental, procuraram-se evidências relativas à presença e funcionamento de cada uma das componentes e respetivos princípios de controlo interno, conforme definido no modelo COSO. Concluiu-se que, apesar da maior parte dos princípios estarem presentes, alguns riscos, materialmente relevantes para o departamento de fiscalidade, não tinham procedimentos de controlo associados. Também se constatou a existência de uma deficiência generalizada no que respeita à formalização da informação por escrito. Desta forma, expõe-se a análise efetuada ao sistema de controlo interno do departamento de fiscalidade e apresentam-se sugestões de melhoria.
In the late 1990’s and early 2000’s, a series of scandals related to financial fraud emerged, undermining the credibility of the information released by organizations. In this context, standards, guidelines and frameworks have been developed to help organizations in matters of corporate governance. From these, the COSO’s framework stands out for its worldwide acceptance. This study aims, through a review of the literature on auditing, internal control and the COSO’s framework, to apply this framework to the specific case of the tax department of a large Portuguese group. From the observation and direct participation in activities, meetings, interviews and documentary analysis, evidence was sought regarding the presence and functioning of each component, and respective principles of internal control. In conclusion, although most of the principles were present, some material risks had no associated controls. It was also found that there was a general deficiency in the documentation of the information. After the internal control system of the tax department analysis, based on COSO’s framework, suggestions were made.

Este estudo tem como objetivo compreender a perceção e importância considerada pelos Colaboradores face à temática de Controlo Interno, nomeadamente o framework que nomeia um conjunto de boas práticas destinadas ao desenvolvimento e execução de um Sistema de Controlo Interno (SCI) eficaz e deste modo auxiliar uma Instituição Financeira do Sector Bancário no desenvolvimento e melhoramento do seu Sistema de Controlo Interno. Para ir de encontro aos objetivos estabelecidos, foi elaborado um questionário destinado a compreender a perceção e a importância que os Colaboradores da Instituição referida atribuem à estrutura de Controlo Interno definida pelo COSO e aos seus conceitos fundamentais, sendo os seus resultados posteriormente analisados com recurso à ferramenta IBM SPSS Statistics 23. Os resultados obtidos permitem concluir que, em média, a importância que os indivíduos do género feminino atribuem ao framework, às noções fundamentais de controlo interno e aos elementos que poderão apresentar impacto na implementação e execução de Sistema de Controlo Interno é superior dos indivíduos do género masculino. Contrariamente ao indicado na literatura analisada que considera o Ambiente de Controlo como a principal componente de Controlo Interno (Wilson et al., 2014; Lightle et al. (2007), os inquiridos não consideram esta componente como particularmente relevante quando comparada com as restantes.
This study has the general objective to understand the perception and importance given by the employees of a Finantial Institution to the issue of internal control, more specifically the COSO framework, consisting of a set of best practices for the development and implementation of an effective Internal Control System (ICS), and with thisto assist a Financial Institution of the banking sector in the development and improvement of its internal control system. To meet the stated objectives, a questionnaire was drawn up to understand the perception and the importance that the institution's employees attribute to internal control structure defined by COSO and its fundamental concepts, and their results were later analyzed using the IBM SPSS Statistics 23 tool. The results showed that on average, the importance that the female gender individuals relate to the framework, the fundamental concepts of internal control and the elements that could have an impact on the implementation and enforcement of the Internal Control System is higher that the importance given by male individuals. Our results also show that, in contrary of what is stated in the literature analyzed that considered the control environment as the main internal control component (Wilson et al., 2014; Lightle et al. (2007), respondents did not considered this component as particularly relevant when compared with the rest.

The primary objective of this study was to develop an Enterprise Risk Management Maturity Framework (ERMMF) for use in the assessment of Enterprise Risk Management (ERM) maturity levels of the insurance industry in Botswana. The ERMMF incorporated elements from the Committee of Sponsoring Organisations of the Treadway Commission (COSO)’s ERM framework and the AON risk maturity model. Five criteria were utilised to define each of the eight components of ERM used to measure ERM maturity levels. The framework was developed qualitatively through literature review. The ERMMF was tested empirically to evaluate the ERM maturity levels of the insurance industry in Botswana. Data was collected from 12 respondents from long-term insurance companies, 15 from short-term insurance companies, 4 from reinsurers and 59 from brokerages. The findings revealed that the whole insurance industry is at the Defined stage of ERM maturity level as the responses bordered around 3 on the developed scale of measurement. The findings implied that the insurance sector in Botswana has generally implemented ERM but not enough follow-ups had been made to ensure that ERM became a continuous process. Results further indicated that although the whole sector was at the defined stage of ERM, the responses in each component differed per stratum. Literature indicates that insurance organisations, regardless of stratum within which they are, are faced with similar risks generally. The differing responses could be due to the magnitude of risks that could differ according to unique characteristics of each stratum. The study further recommended an enterprise risk management implementation procedure for the insurance industry in Botswana.
Business Management
D. Admin (Business Management)