【作者】 宋京津；

【导师】 刘骏；

【作者基本信息】 江西财经大学 ， 会计学， 2011， 博士

【摘要】 从2001年7月17日,秦川发展(000837)率先发布了第一份单独的内部控制自我评价报告,到2006年5月17日,证监会首次对上市公司内部控制提出具体要求,再到2006年6月5日的《上海证券交易所上市公司内部控制指引》、同年9月28日的《深圳证券交易所上市公司内部控制指引》出台,上市公司内部控制信息已由自愿披露过渡到强制披露。在这种制度变迁过程中,考察内部控制信息披露相关问题有着重要的现实意义。在宏观层次,可以作为监管机构制定相关政策、准则的参考；在中观层次,可以完善资本市场、优化投资环境；在微观层次,可以指导上市公司建立完善的内部控制体系、披露高质量的内部控制信息。内部控制信息已经成为公司报告的有机组成部分,它的发展关系到上市公司信息披露的未来。高质量的信息披露,无论是财务报告信息还是内部控制信息都是资本市场所需要的。然而,截止2010年4月30日上市公司2009年度报告披露结束,执行了四个会计年度的上海证券交易所所属上市公司和执行了三个会计年度的深圳证券交易所所属上市公司的内部控制信息披露状况仍不乐观。目前,在内部控制信息披露的状况分析方面,国内文献多以某一年或几年的上市公司年度报告为基础,虽从不同的视角进行了分析,但所提对策多侧重于完善相关法律法规等外部约束机制。缺乏理论体系的指导和制度环境的依托,单纯依靠外部约束机制,很容易产生这样的情况：一个极其中肯的建议、一个执法决心很大的政府和一个实施结果不佳的现实。文章借鉴财务会计概念框架的研究思路,构建了内部控制信息披露的一个分析框架,该框架包括什么是内部控制信息披露、向谁披露内部控制信息、披露哪些内部控制信息和如何披露内部控制信息等问题。围绕这一主线,文章采用了规范分析与实证分析相结合的研究方法进行论证。具体而言,运用比较研究法,对中美两国内部控制信息披露的法规建设情况和学术研究状况进行梳理,比较其发展的不同阶段；运用统计分析法,利用历史资料和统计数据,揭示了我国上市公司内部控制信息披露中出现的问题；运用文献研究法,归纳出内部控制信息披露的原则、内容与方式。内部控制信息披露,是指上市公司管理当局通过一定的媒介向外部投资人和其他利益关系人发表或发布公司内部控制设计、执行和评价情况的信息,是上市公司内部控制体系中的一项重要内容。文章明确提出,内部控制信息披露是一个经济信息系统,这个系统有助于上市公司管理当局解除受托责任；促使上市公司向市场传递有效信息；保护投资者的知情权。从更深层次上讲,内部控制信息披露是一个涉及到投资者、政府、规制机构(政府监管部门)、中介机构(社会监管部门)、上市公司及其内部成员之问有关各方的多重委托代理问题。内部控制信息及其披露具有经济后果,经济后果恰恰证明了资本市场并不是充分有效的。投资者是资本市场存在的基础,投资者信心和预期的形成又来自于对投资者利益的保护。内部控制信息的披露对象主要是投资者,其总体目标是保护投资者利益,但是,投资者保护观并不是一个独立的目标,而是受托责任与决策有用的一个交叉内容,或者说,受托责任与决策有用两种观点的结合点在于保护投资者利益。在此基础上,文章将内部控制信息披露的具体目标设定为基础目标：揭示经济与经营活动合法合规；核心目标：印证呈报的财务报告真实可靠；支持目标：表明经营效率与效果不断改进；拓展目标：反映战略规划保证可持续发展四个。内部控制信息披露目标不是单一的,而是一个目标体系。总体目标对具体目标起统驭作用,具体目标是总体目标的具体化。投资者保护的关键是提高上市公司信息披露的质量。内部控制信息披露原则,是从内容、形式、时间等方面对上市公司内部控制信息披露工作的要求。其中,成本效益既是一项基本原则,又是一个普遍性的约束条件,上市公司只有在确定了收益大于成本的条件下,才会“心甘情愿”地提供内部控制信息。可靠性原则包括准确性、中立性、完整性等方面的要求；相关性原则包括公平性、及时性、重要性等方面的要求；可比性原则包括企业间的可比与各期间的可比两个方面的要求；可理解性原则是针对上市公司与投资者双方提出的要求。基于信息披露视角,文章提出了“内部控制报告要素”的概念。组织结构、公司治理、企业文化和信息与沟通为企业内部控制信息披露限定了一个理想的“控制环境”,而理想的控制环境是内部控制得以建立与实施的基础,是内部控制报告的前提条件,应归属于假设层面,在内部控制报告之外披露。换句话说,如果连控制环境都存在问题或缺陷的话,高质量的内部控制信息披露就无从谈起,内部控制报告也失去了存在的意义。风险评估、控制活动、监督与修正三要素构成了内部控制报告的基本单位,文章将其称之为“内部控制报告要素”。其中,风险评估使经济利益能够在可接受的风险范围内流入企业；控制活动使经济利益能够在企业内部正常流动,而且控制活动是有联系地、有秩序地进行的；监督与修正则是对经济利益在企业中流动的效果进行评估的过程。风险评估、控制活动和监督与修正三要素也突出了事前、事中和事后控制的时间顺序,按照这种顺序进行披露,可以使内部控制报告的条理更为清楚。风险评估是内部控制报告的起点,控制活动是内部控制报告的核心,监督与修正则是对二者的总结与评价,三要素相互作用,勾勒出一个清晰的内部控制过程。内部控制报告要素的界定有助于上市公司提供高质量的内部控制信息,降低信息披露成本；同时,有助于投资者阅读更为明晰、简洁的内部控制报告,从而缓解投资者与管理当局的信息不对称程度。除内部控制报告之外,内部控制信息还包括内部控制自我评价意见、内部控制鉴证报告与其他内部控制信息。管理层披露的内部控制报告是内部控制信息的核心内容,独立董事发表的评价意见与注册会计师出具的鉴证报告很自然地形成内部控制报告的双重保障机制。内部控制信息按披露动机,可以分为自愿披露与强制披露；按披露渠道,可以分为公开披露与私下披露；按披露时间,可以分为定期披露与不定期披露；按详略程度,可以分为简单披露与详细披露等不同的披露方式。内部控制信息的定期披露主要指内部控制年度报告；如果上市公司认为必要,还可自愿披露内部控制临时报告,以使投资者更为及时地获得内部控制信息。内部控制临时报告主要包括发现缺陷时、计划整改时、完成整改后与其他情况下的内部控制临时报告四种形式。文章将Wallman彩色报告模式运用到内部控制信息披露之中,其具体思路为：第一层次,基础层,即合规目标方面的内部控制信息披露,如相关机构的设置、相关制度的建立、相关法规的遵循等,可简单披露,如果前期已经披露了该类信息,本期又无变化,也可不必再披露；第二层次,核心层,即财务报告与资产安全目标方面的内部控制信息披露,应详细披露,这样,也便于注册会计师今后出具审计报告；第三层次,支持层,即经营目标方面的内部控制信息披露,如有关经营风险的计量与分析,特别针对风险投资者的保护,应进行实质性披露,即将经营活动中的关键点披露出来；第四层次,拓展层,即战略目标方面的内部控制信息披露,如企业的战略发展规划,特别针对战略投资者的保护,应进行总括性披露。这种彩色披露模式能够提高内部控制报告的信息含量,满足投资者多层次的信息需求,又兼顾了上市公司的利益,为其节约了不必要的信息披露成本。文章提出,从保护投资者利益出发,内部控制信息披露应坚持自愿披露与强制披露相结合、年度报告与临时报告相结合的公开彩色披露方式。论文各章节之间的关系是：首先要明确研究对象区别于其他事物的特有之处,即内部控制信息披露的本质问题；为了达到预期效果,就要明确研究方向,即内部控制信息披露的目标问题；目标确定了,就开始寻找一条正确的路径,即内部控制信息披露的原则问题；按照既定的原则,究竟该披露哪些信息,即内部控制信息披露的内容问题；最后,是内部控制信息以何种方式进行披露的问题。由此可见,内部控制信息披露不是政府规制部门强加给上市公司的一套枷锁,而是一个水到渠成、自然而然的过程。然而,理论与实际是有差距的,只有观念上的改变才是最重要、最彻底的改变。如果上市公司意识到投资者提供了上市公司发展壮大所需的资源,是上市公司“生死与共”、“肝胆相照”的伙伴,向投资者披露高质量的信息是上市公司义不容辞的责任,不披露、选择性披露和虚假披露都是对投资者不负责任的态度,其披露高质量信息的动机便会加强。因而,上市公司披露政策的改变实际上是一种披露态度的转变,即从“被动遵从”向“主动服务”的转变。由于财务报告信息与内部控制信息在性质与作用等方面存在许多差异,文章在将财务会计概念框架的研究思路借鉴到内部控制信息披露的过程中,对一些概念的理解与运用不免有些片面,存在着考虑不周的问题。文章对内部控制信息披露的研究现状仅以美国为样本进行分析,未能结合更多国家的相关活动与经验,由此得出的结论可能带有片面性。由于内部控制信息属陈述性信息,很难建立起具有代表性的数学模型,故文章在实证研究过程中只运用了描述性统计方法进行分析,在解释力度方面略显不足。由于内部控制信息披露涵盖的内容较为广泛,而国内外关于内部控制信息披露的系统性研究较为缺乏,可直接参考的文献较少,文章也仅从有限的几个理论方面入手进行研究,而且这些研究还有待于进一步深化。需要指出的是,内部控制信息披露的发展与完善不应该是单独地、孤立地进行的,信息规范者的最终目标应该是建立一个趋同的完整的公司报告概念框架(报表编制框架+信息披露框架),而内部控制信息披露只是表外信息披露的一个重要组成部分。如果公司报告框架被有关各方广泛认可的话,未来公司报告将发生革命性的变化。首先,公司要编制两套同等重要的报告——财务报告与内部控制报告；其次,注册会计师要对两套同等重要的报告提供服务——财务报告审计与内部控制鉴证；最后,信息使用者特别是投资者要阅读两套同等重要的报告——财务报告与内部控制报告,在这两座“金山”中寻找“宝藏”。这将注定是一场轰轰烈烈的会计变革。更多还原

【Abstract】 The internal control information disclosure has transferred from voluntary disclosure to mandatory disclosure, from QinChuan Development (000837) firstly publishing the internal control self-assessment report on July 17th,2001 to China Securities Regulatory Commission firstly putting forward specific demands on the listed companies’ internal control on May 17th 2006 to two Stock Exchanges issuing ’Listed Companies’ Internal Control Code in ShangHai Exchange’on June 5th 2006 and ’Listed Companies’ Internal Control Code in ShenZhen Exchange’on September 28th 2006. It is very important to explore the relevant issues of internal control information disclosure during the process of the institutional transition. Internal control information disclosure can be a reference for policy makers or standard setters to formulate relevant regulations from the macro-level; it can promote the capital market and optimize investment environment from the meso-level; it also can be guidance for listed companies to improve internal control system and disclose high quality information from the micro-level. The internal control information has become the organic constitute part of a corporate report. Its development relates to the future of listed companies’ information disclosures. High quality information disclosure, whichever financial report information or internal control information, is essential for capital market. However, it is still not optimistic for listed companies in ShangHai Exchange and ShenZhen Exchange to disclose internal control information on April 30th 2010, i.e. as of date of listed companies’ 2009 annual report disclosure. At present, most of domestic Literature on the status of internal control information disclosure analyzes based on one or several years’annual reports and from different viewpoints. However, most of the countermeasures focus on external restraint mechanisms, for example, law and regulations. Lack of the theoretical system’s instruction and institutional environment’s support and relying solely on external restraint mechanisms is easy to result in such situation:a very fair proposal, a very ambitious government and a very inefficient result.This dissertation introduces the research thought of financial accounting concept framework (CF) to internal control information disclosure analysis framework, which includes some issues such as what the internal control information disclosure is, who needs the internal control information, which information must be disclosed, and how to disclose the internal control information. Around this main line, the dissertation combines normative analysis and empirical analysis methods. Specifically, it sorts out the situations of regulations’ building and academic research and compares different development stages of Chinese and American internal control information disclosures through the comparative research method; it reveals some problems of the internal control information disclosure based on historical and statistical data through statistical analysis method; it summarizes the principles, contents and manners of internal control information disclosure through literature research method.Internal control information disclosure, management of listed companies publish or release information on internal control design, enforcement and assessment to external investors and other stakeholders by given media, which is indispensable for an internal control system. The dissertation clarifies that internal control information disclosure is an economic information system, which helps listed companies’ management remove stewardship; deliver effective information to the market; protect investors’ informed right. Deeply, it is a multiple agent issue involved in investors, government, regulators, intermediary institutions, listed companies and their members. Internal control information and its disclosure can result in economic consequences, which verify the capital market is not full and effective. Investors are the foundation of a capital market. Their confidence and formation of expectations depend on the protection of investors’ interests.Internal control information is mainly disclosed for investors. Its overall objective is to protect investors’ interest. However, it is not an independent objective, but a common content of both stewardship and decision-usefulness. In another word, the link of stewardship and decision-usefulness is to protect investors’ interest. On this basis, the dissertation proposes four specific objectives, which include fundamental objective—to reveal that economic and business activities are legal; core objective—to prove that financial reports are true and reliable; supportive objective—to show that operating efficiency and effectiveness are continuously improving; and expansive objective—to reflect that strategic plans ensure sustainable development. The objectives of internal control information disclosure are not single, but a system. The overall objective controls the specific objectives, and the specific objectives enrich the overall objective.The key to investors’ protection is to enhance the information disclosure quality of listed companies. The principles of internal control information disclosure are the requirements for listed companies disclosing internal control infonnation from such aspects as contents, form and time. The cost-effective principle is also a general constraint. Only if effectiveness exceeds costs, are companies willing to provide internal control information. Reliability principle includes accuracy, neutrality and integrity requirements. Relevance principle includes fairness, timeliness and materiality requirements. Comparability principle includes requirements for comparison among companies and comparison over different periods. Understandability principle includes understandability of companies and that of investors.The dissertation puts forward the concept of’internal control report elements’from the perspective of information disclosure. Organization structure, corporate governance, enterprise culture and information and communication limit a company to an ideal ’control environment’. Control environment is a prerequisite of building and enforcing internal control. It belongs to a hypothesis level in nature. It should be disclosed outside the internal control report. In another word, if control environment exists problems or deficiencies, it is not possible to exist high quality internal control information, and internal control reports also lost the meaning of existence. Risk assessment, control activities and monitoring and amendment comprise basic module of internal control reports, which are called’elements of internal control reports’. Among of them, risk assessment can make economic benefits inflow the company. Control activities can make economic benefits flow normally within the company. And control activities should proceed relatively and orderly. Monitoring and amendment are the assessment process how economic benefits flow within the company. The three elements of risk assessment, control activities and monitoring and amendment also emphasize the time order of before, during and after an event. According to the disclosure order, internal control reports can be read more clearly than other arrangements. Risk assessment is the starting point of an internal control report. Control activities are the core of an internal control report. Monitoring and amendment is the summary and evaluation of risk assessment and control activities. Interaction of three elements outlines a clear process of internal control. Distinction of internal control report elements helps listed companies provide high quality internal control information and reduce disclosure costs. At the same time, it helps investors read clearer and more concise internal control reports. In this way, the information asymmetry between investors and management can be relieved. In addition to the internal control report, internal control information also includes internal control self-assessment comments, internal control attestation report and other internal control information. The internal control report disclosed by management is the core contents of internal control information. The assessment comments published by independent directors and the attestation report issued by CPAs naturally form a double security mechanism of the internal control report.Internal control information can be divided into voluntary disclosure and mandatory disclosure according to disclosure motivation. Internal control information can be divided into public disclosure and private disclosure according to disclosure channels. Internal control information can be divided into periodic disclosure and non-periodic disclosure according to disclosure time. Internal control information can be divided into simple disclosure and detailed disclosure according to levels of detail. The periodic disclosure mainly refers to internal control annual reports. If necessary, listed companies can also disclose voluntarily internal control temporary reports so as to help investors obtain more timely information. Internal control temporary reports mainly include the reports when finding deficiencies, planning to rectify and improve, after finishing rectifying and improving and that of reflecting other circumstances. The dissertation introduces Wallman’s ’colored reporting mode into the internal control information disclosure. Specifically, the first level, also called fundamental level, is internal control information disclosure related to legality objective, such as setting relevant bodies, building relevant systems, complying with relevant regulations, which can be disclosed simply. The company need not disclose once more if the information has been disclosed previously and there is no change during the reporting period. The second level, also called core level, is internal control information disclosure related to financial reporting and asset safety objective, which should be disclosed in detail. Detailed information also helps CPAs issue audit reports. The third level, also called supportive level, is internal control information disclosure related to operating objective, for example, measurement and analysis of business risks, which should be disclosed substantially, i.e. disclosure of key factors in the business activities. This level particularly protects risk investors. The forth level, also called expansive level, is internal control information disclosure related to strategy objective, for example, business strategic development plan, which should be disclosed generally. This level particularly protects strategic investors. The ’colored disclosure’ mode will be able to enhance the information content of internal control reports, satisfy investors’diverse demands, take into account listed companies’ interests, save unnecessary information disclosure costs. The dissertation advocates the combination of voluntary disclosure and mandatory disclosure, that of annual reports and temporary reports, publicly colored disclosure mode from the perspective of investors’protection. The relationship between chapters is as follows. Firstly, it clarifies that the research subject is different from other things, i.e. the essence of internal control information disclosure; secondly, it defines research direction in order to achieve the desired results, i.e. the objectives of internal control information disclosure; after that, it finds a correct path, i.e. the principles of internal control information disclosure; then, it demonstrates what information is key to investors according to the given principles, i.e. the contents of internal control information disclosure; finally, it specifies how to disclose the internal control information, i.e. the modes of internal control information disclosure.Thus, internal control information disclosure is not a shackles that government gives companies, but a natural process. However, there is a gap between theory and practice. Conceptual change is the most important and fundamental change. If listed companies are aware that investors provide the resources for growing and developing the companies and they are close partners. It is a bounden duty to disclose high quality information for investors. Non-disclosure, selective disclosure and false disclosure are irresponsible attitude. The motivation to disclose high quality information would be enhanced. Therefore, change in listed companies’ disclosure policy is actually change in disclosure attitude, i.e. from ’passive compliance’ to ’active service’.There are many differences between financial report information and internal control information in nature and functions etc. The dissertation can be inevitably one-sided and ill-considered on understanding and application of some concepts during the process of introducing CF’s research thought to internal control information disclosure. The dissertation takes a single sample—U.S. for analysis on the status of internal control information disclosures and does not link with relevant activities and experience of more countries. So the conclusion may be one-sided. Because internal control information belongs to declarative information, it is difficult to set up a representative mathematical model. The dissertation only adopts descriptive statistical method in the positive research, which maybe reduce explanatory power. Because the scope of internal control information disclosure is very extensive, the dissertation makes researches only from several theoretical aspects without many relevant systematic researches at home and abroad, and these researches need to be further deepened.It needs to be noted that the development and improvement of internal control information disclosure should not be individual and isolated. The ultimate goal of information regulators is to build a convergent integral corporate reporting conceptual framework (preparation framework of financial statements + information disclosure framework). While internal control information disclosure is only an important part of information disclosures outside financial statements. If the corporate reporting framework is widely recognized by the relevant parties, the future corporate reports will take place revolutionary changes. Firstly, companies need present two types of important reports—financial report and internal control report. Secondly, CPAs need provide services for the two types of important reports—financial report audit and internal control assurance. Finally, information users, especially investors, need read two types of important reports—financial report and internal control report and find out ’treasures’ in the two ’gold mountains’. This is bound to be a dynamic accounting change.更多还原