风险管理外文翻译.doc

外文资料翻译Why the Mindset Matters More Than the Model.Peter BernsteinForecasting used to be straightforward. Over the years, by the end of the first quarter, managers usually had a fairly reliable sense of how the business was shaping up and whether targets would be met, missed or exceeded. Confidence in quarterly and annual predictions was so high that coming in above or below by even the smallest amount was considered a surprise and set off moves in stock prices. This year, however, things have changed. Companies like Unilever, Union Pacific and Visteon are declining to make any predictions at all for their performance over the months ahead. In other words, all bets are off.According to company reports, the problem is not that these firms are reluctant to provide a gloomy outlook. Instead, the companies say they just don't know which way the markets will go; it seems the global economy is so shaky that executives have little confidence in their projections. This means that more and more managers are growing unwilling, at least temporarily, to make judgments about the future and then to act on those beliefs. The danger is that these businesses will become paralyzed - and by extension, the global economy as well. The fundamental issue, of course, is understanding and managing risk. Any time a merger is considered, a new product concept funded or an investment made, success is never guaranteed. Over the years, business has become increasingly sophisticated in developing tools that can help in this analysis, especially in financial matters. Complex mathematical models were created to analyze potential outcomes and probabilities, based on past performance. Yet, as has been widely reported in the media, many of these same models failed spectacularly to predict or prepare companies for the current global economic crisis, and major efforts are underway on Wall Street to fix these systems. At the same time, experts at Wharton and elsewhere argue that too much blame is being placed on the risk management model and other tools of the trade, in banking and beyond. The models are not necessarily broken, but instead are only as good as the decisions that get made based on them, they say. As a result, the current crisis may represent an opportunity for companies to re-visit and re-think historical approaches to risk management. When it comes to planning for the future, the new thinking goes, it is not just the model that matters, it is the mindset.  "I think we've learned a lot recently about the limitations of models," says Richard J. Herring, a professor of international banking and co-director of the Wharton Financial Institutions Center. "We've also seen that the governance of risk is not as good as it ought to be." Herring notes that top managers in many companies need to understand what can happen when the assumptions that drive a model change, and then subsequently communicate these scenarios to their boards. Internal audit risks include the inherent risks and control risks. The inherent risks is the assumption that has nothing to do with internal accounting controls, the units being audited financial statements and the overall balance of the account of a business or the possibility of a major error, that is caused by the audit unit economic characteristics of business and accounting work itself the formation of the lack of audit risk. Some enterprises such as the lack of due attention to the accounting system, account system complex, reducing clarity of accounting information, reports, use of difficulty, cost, cost of lack of cost accounting concepts. Control risk refers to as a result of inadequate internal control system perfect, weak internal control behavior, not timely detection and correction of a business account or a major error in the formation of audit risk. Sometimes, even if the auditors audited units to confirm the internal control system is unreasonable or out of control in key areas, the amendments proposed by the audit can really suitable for operating activities, but will also create a risk amendment.Re-defining RiskThe first step is to get a fuller picture of risk. Most recent coverage of the global economic crisis and its origins, particularly from a risk perspective, has focused on the financial industry; the problems with identifying and measuring the risk in this sector kicked off the chain of events that brought the global economy to a near standstill. Some banks were dramatically more exposed to risks than they thought they were. Most others simply did not know; they could not assess with any confidence the value of their own or others' financial assets.But there is more than one kind of risk. U.S. food giant Cargill, for example, earlier this month suffered a blow related to what is typically called "sovereign risk." Accusing the company of having failed to lower food prices, Venezuelan President Hugo Chavez stunned Cargill by ordering the seizure of one of its rice plants in the country. Another category of risk that companies face - which is even more common - is operational. The delays Airbus encountered in the development of its 380 super-size jetliner are a perfect example. Over the course of 2005 and 2006, Airbus pushed back the launch of the new aircraft three times, ultimately leading to the departure of its CEO and a projected earnings shortfall of more than 4 billion euros. Iridium, a company backed by Motorola, experienced an infamous failure related to operational risk. The high-profile satellite phone venture was launched in late 1998 with widespread media coverage, yet it failed within a year. The company was not able to get enough satellites in orbit quickly enough, causing customer demand to fall far below expectations.These stories illustrate some key points about risk from a manager's perspective. The first is that traders, economists and academics think about risk very differently than do most business managers. For the former, the key issue in risk is variance - the expected spread of possible outcomes. But that is not how managers think about it. For them, the biggest issue in risk is the potential for loss. As a result, they ask, "What's the downside?" If the risk is too high - or even unknown - companies typically pull back.The second point is that risk management has no silver bullet. As a result, many companies need to develop a more integrated view of risk. "We have seen a tendency to separate risks into rigid silos - operational risk, market risk, credit risk and so on," says Wharton's Herring. "But what we have found is that major shocks and problems do not come that way. For instance, in the financial world, you would see trading desks staffed with people who were experts in market risk, but they were trading instruments that were laden with credit risk. The skills you need to think about each of those kinds of risk are very distinctive, and unless you have an integrated view of risk, you could encounter major problems."Nevertheless, risk taking remains what managing is all about, and not just in financial services but in every industry. Indeed, from an economic perspective, all firms fundamentally are in the business of taking risks based on their core capabilities. For the manager, then, the basic objective is simple: As one executive noted in Zur Shapira's 1995 book, Risk Taking: A Managerial Perspective: "You have to be a risk taker. But you have to win more than you lose." The catch is that managers are always attempting to win more than they lose in the face of uncertainty about which are the good risks and which are the bad. Constructing a New 'Risk Architecture'Given recent events, "What I see now is a new risk architecture emerging for organizations," says Erwann Michel-Kerjan, managing director of Wharton's Risk Management and Decision Processes Center. "Whatever industry you consider, it is always the same pattern. Things are getting faster, and therefore we need to make decisions faster, but based on information that we often don't have. Of course, we would like to have time to get all the information, but the reality is that managers have to make decisions under uncertainty, if not outright ignorance."To overcome the problem, Michel-Kerjan sees some companies moving beyond traditional risk management practices, which have largely been internally focused. Call it "Risk Management 1.0" - essentially, looking at a company's existing position or investments and analyzing what could go wrong.  However, organizations need to look beyond the boundaries of the firm and consider what is happening elsewhere. In recent years, businesses around the globe have become increasingly interdependent, which brings great benefits in both efficiency and innovation but also increases companies' exposure to risks - in many cases, risks that they don't even know about. Indeed, it is the systemic nature of the current crisis and how widespread the impact has been that caught most people by surprise. "We were trained to solve problems with clear questions and clear scientific knowledge," says Michel-Kerjan. "Knowing the historic risk profile, we made investment decisions. But historic data does not shape the future anymore, given how rapidly the world is changing. We usually look at the known issues and make a nice diagram with probability on one axis and impact on the other. That's Risk Management 1.0. Risk Management 2.0 is going beyond the known issues to look at the links and interdependencies. You can no longer look at the risks independently of each other."The key, Michel-Kerjan adds, is to have knowledgeable people in the organization who are looking broadly and challenging assumptions about the future. "Form a team of people and mandate that they come back with two or three major links that the company has not yet thought about," he suggests. "Not 25 links - three links that they believe are important but not fully visible. And then bring some data about that to prove to you that it is something the company has to think about." In addition, new techniques and technologies are now coming into the picture. For instance, so called "track-and-trace" technologies, integrating software and advanced scanning and identification technologies, are improving visibility across companies' supply chains, so they can precisely identify which components are coming from whom and where. Similarly, Michel-Kerjan is working on a project to identify the "DNA" of financial products, in an effort to provide more visibility into the components that go into a product and offer more effective tools for auditing. Consulting firms also are stepping up efforts to provide companies with a more holistic, multidimensional view of their risks. Even the definition of "business intelligence" is expanding from a focus on operating performance to increasingly include monitoring risks, both inside and outside the organization.  As the need of audit quality to the all social sectors have become more and more ,the audit risk has become higher and higher. Just under this background ，modern audit method made new headway and came to a new audit modelrisk-oriented audit. Risk-oriented auditing has many typical characteristics and rigorous audit procedure. It is also beneficial to assign audit resources and improve effectiveness and efficiency of audit. This article mainly elaborated the risk-oriented audit production, development and connotation. Audit mode have three stage : accounting number-based audit, system- based auditing, and risk-oriented auditing stage. In addition, the article deeply analyses the internal and external factors of risk-oriented auditing causing. Under risk-oriented auditing, the audit risk model has developed into Audit risk= material misstatement risks × detection risk. This paper also points out that the development present condition of risk-oriented auditing in our country and problems. Because risk-oriented audit came into effect form January, 2007, it belonged to a development stage. The most auditors understanding to this audit model is sill on the surface.We have to face some unavoidable problems in practice. In view of existing situation, this article gives some good suggestions and solutions to these problems. I believe application of risk-oriented auditing will come to more maturity, and used widely in China.Philippe Hellich, vice president of risks, control and audit at Danone, is already moving to the new model. "We use very few mathematical models," he says, although the organization is working on a small set of new ones for certain risks. "Instead, we rely much more on interviews and benchmarking with peers outside the group and between our subsidiaries around the world. Our approach is based on listening and challenging the operational management, common sense analysis, sound judgment and good governance at the top."Looking ahead, Hellich sees even more focus on risk from Danone's leadership, a consequence of the increasing volatility in markets and the potential severity of impact. "Top managers are convinced of the necessity to use enterprise risk management. We now have an effective working session with part of the executive committee twice a year. And we continue to rely on yearly updates of the risk maps of all major business units worldwide."reduce the risk of internal audit ways Strengthen the internal audit of the legal system Improve and perfect the legal system for the audit of internal audit is the basis of risk control measures. Audit norms, the audit staff code of conduct and guidelines, not only to control and reduce audit risk, but also to measure auditors liability standards. China's internal audit late start compared with Western countries in the relevant system-building there are many imperfections. In order to adapt to the continuous development of modern internal audit requirements, it is necessary to strengthen the audit work of legalization and standardization construction to minimize the audit work of blindness and randomness. To ensure the independence of internal audit The independence of the internal auditor can make a fair and impartial professional judgment, which is appropriate to carry out the audit work is essential. The independence of internal audit bodies connotation should be reflected mainly in the form of independence and de facto independence in two ways. Formal independence requirements of internal audit in the organization of organizations with high status, the internal auditor should have access to senior management and board of directors support. Essentially refers to an independent internal audit staff in the spirit of the need to maintain the necessary independence, should be a fair and just manner and avoid conflicts of interest, in carrying out internal audit work, to maintain an honest belief in compliance with the Code of Ethics for the entire audit pr