公司治理、内部控制、风险管理的关系框架--基于战略管理视角

Corporate Governance,Internal Control,Risk Management: A Framework of Relations: Based on the View of Strategic Management

美国萨班斯法案的实施、金融危机的爆发以及《企业风险管理整合框架》的发布,使得内部控制、公司治理、风险管理成为社会公众、政府监管部门关注的焦点和学术界、实务界研究的热点。但时至今日,对三者的关系,理论界、实务界仍未达成共识,甚至存在一些模糊的、不正确的认识。从三者产生的根源入手,深入分析三者之间的区别和联系,并基于战略管理视角构建了三者的关系框架,既厘清了理论方面存在的误区,又为政府监管部门、企业制定和实施有关公司治理、内部控制和风险管理的规范和措施提供指导,为《基本规范》及其配套指引实施后的内部控制评价研究提供支持。

Implementation of the Sarbanes-Oxley Act in the United States,the breakout of financial crisis and the release of Enterprise Risk Management—Integrated Framework made internal control,corporate governance and risk management become focus of the public and government regulators and research focus in both academe and practice.But to this day,academia has not yet reached a consensus,and even there are some vague and incorrect understandings about the relationship of the three.This paper starts with the root causes of the three,deeply analyzes the differences and connections between them,and a framework of relations is established based on view of strategic management,which not only clarifies the misunderstanding existed in the theoretical aspects,but also provides guidances for government and enterprises developing and implementing norms and measures relating to corporate governance,internal control and risk management and support for internal control evaluation research after implementation of basic norms of enterprise internal control and its supporting guidelines.