Internal Control Based On Risk Management Research

Internal control is an important means of enterprise production and management. With the occurrence of the global economic crisis, a large number of well-known companies close down. So that internal control again brought the attention of various circles at home and abroad. Many scholars do further research and exploration about internal control. At present, the most scientific of the internal control theory from the COSO:Enterprise Risk Management Framework. It add the theory of risk management into the internal control, the enterprise identify the possible risk of the process of realizing enterprise's goals, and deal with risks. So the enterprise internal control becomes more concrete, more targeted.In order to adapt to the development of world economy and improve the ability of coping with risks, in order to achieve enterprise's long-term development. China has issued "internal control basic norms" in2008, and "internal control supporting guidelines" in2010. That marks the establishment of internal control, which fit of china's enterprises and with international standards. However, the implementation of internal control is not satisfactory in china. Regulations require listed enterprises take the lead in implementation, but many enterprise only to cope with requirements,so internal control become a mere formality, and did not really service to enterprise risk management. Regulations don't require Non-listed companies to implement internal control. So it is very important to make companies pay attention to internal control, to enhance risk management, and provide guidance for the construction and implementation of internal control.This paper uses theoretical study and practical research methods. This paper discusses the construction, implementation and operation of internal control based on the risk management, which take "Enterprise Risk Management Framework" as the foundation and combined with China's relevant provisions of the internal control. Firstly, this paper introduces the background of the subject and the significance of the research, describes five stages of the development of internal control and the research results at home and abroad. In addition, this paper introduces "the enterprise risk management framework", including the basic theory of the internal control, targets and eight elements. Then, this paper discuss how to construct the risk management of internal control based on "the enterprise risk management framework", and introduces implementation and operation of risk-oriented internal control by the internal environment and five business cycle the enterprise. Furthermore, introduces to the principles and procedures of internal control evaluation. In order to prove the feasibility and significance of the internal control, the paper takes Sinopec for example to describe the implementation and operation, because Sinopec earlier implement internal control in china. And to internal control level and enterprise's profit level of empirical analysis. Finally, this paper summarized the main achievements and shortages.