( A ) to strengthen the audit team building, improve the professional quality of the audit and technical level
1 , the sensitivity of audit staff training , improve focus attention on the economy . Faced with the current complex economic situation , the auditor must broaden their horizons , to understand the operating conditions of various industries and economic policies , to determine the economic environment , concerned about the industry overall risk characteristics and operating conditions of domestic enterprises , analyzing credit risk characteristics presented , tracking economic hot spots , grasp the key risk points .
造就审批职员的敏感性,进步对于经济热门的关心度。面临于以后简单反复无常的经济情势,审批职员必需拓宽视线,理解各事业的运营情况以及经济制度,判别所处的经济条件,关心事业危险特色以及国际企业全体运营情况,综合存款出现的危险特色,追踪经济热门,掌握要害危险点。
2 , training auditors bigger picture, to improve the ability for the interpretation of macroeconomic policy . The face of the endless stream of macro-control policies , the auditors should have the ability through the phenomena of nature , to really understand the background and purpose of policy implementation , the correct interpretation of national policy , combined with characteristics of local economic development , banking development needs and external regulatory requirements , research and analysis of macroeconomic policies influence the development of the banking business , put forward to promote the healthy development of business advice.
造就审批职员的全局观,进步对于微观制度的解读威力。面临于屡见不鲜的微观调克制度,审批职员要存在透过景象看性质的威力,要真公理解制度出面的布景以及手段,准确解读国度制度,串联合外地经济停滞特性、银事业务停滞需求及内部羁系请求,钻研综合微观制度对于银事业务停滞的反应,提出推进营业衰弱停滞的提议或者看法。
3, strengthen business training , training auditors study habits , to keep up with the pace of business development . The bank's internal audit staff are not faced with a business or a business system, but all business and related systems , banking systems and therefore continual upgrading of management systems , product innovation, rapid development of electronic banking , forcing banks internal auditors must continue to learn , learn about new business, new systems and new products, to identify business processes, management or internal institutional problems or defects , make recommendations for improvement .
4 , training information environment auditors. Now every bank set up a science and technology department to ensure the bank's internal computer software, hardware, running, maintaining overall system security . But we also see as a result of bank audit department staff to understand the computer still not deep enough, and there is no corresponding computer professional senior talents , so be on the bank 's audit department is equipped to understand computer professional talent, but also will master computer knowledge and its application technology, able to operate audit software ; according to business needs from time to time of the audit department personnel training , especially nowadays the latest and most useful application of computer information technology , universal computer -related practical knowledge, so that staff learn to master data processing and management technology to enhance the level of the whole department computer , let it work faster and better ; addition to professional computer knowledge , but also let them learn to use the bank 's business processes, management and auditing at work of worthwhile knowledge . In short, so that all audit staff to gradually adapt and become competent information environment of auditors.
( Two ) to strengthen the audit technology development and upgrading
Currently , in order to cope with the huge amounts of data information , the bank's internal audit department audit techniques must be developed , and with the volume of business systems and business development and timely upgrade and maintenance .
1 , promoting off-site auditing techniques .
On -site audit of foreign banks has been widely adopted , such as the U.S. , Japan and other countries for many years of experience in off-site supervision , has formed a relatively mature -site audit approach , and the results are obvious, not only can quickly find the business processes within the system the possible risks or losses , but also effectively control the various branches of emerging risks , fraud and abuse and so on. In the UK -site audit also long existed, was originally the central bank supervision of commercial banks as one of the means , with the commercial banking business continues to develop, the four major state-owned banks and some large commercial banks have developed off-site audit techniques , However, given the level of off-site technician is different off-site audit technology applications also showed large differences . CCB -site audit technology is more mature , as CCB an internal audit staff , able to deeply appreciate the off-site audit techniques powerful role .
2, the proper use of audit sampling techniques .
In the early stages of the development of the internal audit , the auditor in the audit practice basically fully detailed investigation methods , but with the expansion of business scale , rapid growth in business volume in the case , whether it is from the time from the audit or audit costs to consider , fully scrutinizing audit approach is no longer applicable , so the auditors during the audit, audit sampling already has a prototype , but this audit sampling is often based on personal experience in auditing , and generally because of audit experience differences between subjects the audit results uncertain. The use of audit sampling techniques , on the one hand it is more in line with costs and benefits of audit principles , the audit may be based on the importance of auditing principles , through the partial review of selected samples collected sufficient appropriate audit evidence to conclude that the overall characteristics ; the other hand, the audit findings greatly improve the reliability , sampling is usually based on economic principles of probability theory, mathematical statistics to scientifically determine the sample size , the sampling risk is predictable , but also can be controlled , the sample selected by a random method , less subjective factors , the effectiveness of sampling results from audit staff 's experience and ability to influence professional judgment , and thus make the results more scientific and more reliable.
( Three ) business systems to strengthen their internal control audit
For the current bank's internal system is concerned, most of the internal audit are unfolding around information systems , especially in the era of the information superhighway , if an external computer hackers on the bank's internal financial, credit and other systems embedded in an illegal program modules caused by internal data moves , etc., resulting in the audit print out the data is not consistent with the actual data , so untrue data allows auditors to evaluate the error appears to increase the risk of audit risk . The bank's internal audit personnel must understand the real business data , and to ensure that these data are accumulated daily work , and in their audit, will it be possible to minimize the risk.
The first is to make people aware of the Audit Department of the Bank of computer information systems, business software and related operation , overall there is a framework ; second is to the bank 's business systems general controls audit , there are various control systems organizations, development , operation, management, and other system operating environment and related information, some of these are through rules and regulations, and procedures for network security software control to achieve, for example, the structure of the system platform, reasonable and norms, adopt multi against hackers or virus infestation measures, receiving and sending of data during the implementation of measures to prevent the illegal theft , tampering , password , security lock , signature verification technology to ensure data security, there are backup systems ensure that the original system hardware physically damaged in case of normal run , there are alternative energy sources to ensure the active power system normal system operation under abnormal conditions ) ; final step is to strengthen the banking system's internal control application control audit ( application control information system is a specific process control exerted , mainly in the form of a program embodied ) .
|