Deloitte Enterprise Risk - Issue 9

Internal control upgrade

Our series of Deloitte Enterprise Risk brings together Deloitte's leading knowledge, experience and distinctive insights through years of professional services in the area of enterprise risk.

Featured content

This issue of Deloitte Enterprise Risk focuses on the area of internal control, including a retrospect on the development of internal control in Chinese companies in the past 10 years, and sharing from Deloitte's experience in internal control, ERP system and its relation to internal control.

In addition, this issue also discusses the new roles of CFO, and the status of information security of subsidiaries of foreign companies in China.

Retrospect and outlook – Chinese companies' 10-year journey of internal control

It has been 10 years since US-listed Chinese companies had started to comply with Sarbanes-Oxley Act in 2004. This article reviews how Chinese companies had developed their internal control frameworks over the years, with analysis on the challenges and issues currently facing them, and advice for improvement.

How to build internal control in large state-owned conglomerates

Deloitte experts share their years' of experience in serving large state-owned conglomerates, providing the background to their internal control frameworks, their unique characteristics, and a case illustration to demonstrate how to effectively implement internal control in conglomerates in China.

How internal control interacts with strategy management

"Strategy" was a newly added element in the integrated framework for Enterprise Risk Management released by COSO in 2004, and has since become the key to a company's internal control. Through a case study, Deloitte experts introduce the role internal control plays in the realization of a company's strategy.

How internal control impacts a company's value

Is it only for compliance or for development in the long run, for companies, especially listed companies, to develop internal control? The ultimate objective of internal control is to maximize a company's value; however, most Chinese companies remain at the stage of "compliance" currently.  In order to achieve this goal, companies should focus on establishing a true internal environment, identifying the area for value improvement in the processes and implementing a monitoring and penalty mechanism.

Risk management and best practice of ERP system authorization

The authorization risk associated with ERP system is often neglected in the implementation phase but problems often emerge after the system is formally put into operation. This article analyzes the risk factors for ERP system authorization and provides suggestion.

ERP system audit and internal control

This article introduces how to effectively manage the security of an ERP system, so as to avoid mistake or fraud, and minimize unexpected loss.

Download (Available in Simplified Chinese only)

Study room

Finance transformation – The four major roles of CFOs

Within the context of this issue, CFOs are taking on more responsibility with additional roles playing the operator, steward, catalyst and strategist.

Survey: The status of information security of subsidiaries of foreign companies in China

This article looks at the major findings and observations of a survey related to the information security of subsidiaries of foreign companies in China.

Internal control practices

Topic covered:

Internal control practices (12) – Tax management

Did you find this useful?