ERP and internal control system, enhance the management level of the former, the latter for the development of enterprises escort, two things are the most important task of the enterprise.
ERP is Enterprise Resource Planning Enterprise Resource Planning acronym. Enterprise Resource Planning system is built on the basis of information technology to systematic management thinking, decision-running means and staff for business decision management platform. ERP is not just a software , but more importantly is a management idea, which implements the integration of internal resources and external resources-related business. The software is tightly integrated enterprise of human, financial, material, production, supply, sales and the corresponding logistics, information flow, capital flow, flow management, and other value-added flow up, optimize and share resources.
Internal control is based on the company's development strategy to achieve the goal, to improve the economic efficiency, prevention and control of operational risks for the purpose of standardizing the various business processes as a set of content responsibility system established. Therefore, the internal control requirements of both strengthen basic management, but also enhance economic efficiency, it is a grand systematic project.
ERP and internal control system, enhance the management level of the former, the latter for the development of enterprises escort, two things are the most important task of the enterprise. As the two are still continuous development and improvement of systems engineering, ERP and internal cross together, bound to have close ties and far-reaching influence on each other, on-line ERP to the existing internal control system brought new shocks.
First, the impact of ERP on-line to the existing internal control system.
Set and check the internal control system under the ERP environment has its particularity, with traditional internal control has been very different. Already established a complete internal control system of enterprises, comprehensive on-line ERP system of internal control work means need to combine the characteristics of the ERP system to run the necessary adjustments and improvements. A new thing any, will impact both positive and negative aspects of the existing system, ERP is no exception. After the implementation of ERP system running, the role of the company's existing internal control of both its positive side, also has its negative side. Here we analyze the impact of ERP in two ways on the internal control system.
(A) the ERP implementation of internal control to achieve a positive effect
1.ERP integration consistent with the requirements of internal control. ERP implementation of enterprise production, supply, marketing, and so on all aspects of the costs incurred are integrated into a unified system, which is the comprehensive principles of internal control - "Internal controls should be run through the decision-making, execution and supervision of the whole process, covering a variety of business and corporate matters and their subordinate units "are consistent. From this point of view, ERP requirements and the basic norms of internal control is the same. It can be scattered in various aspects of the original information into an integrated system, it is beneficial for production and business activities of enterprises to conduct a comprehensive grasp and control, thus contributing to the development and examination of internal control processes.
2.ERP help optimize internal control processes. ERP process not only information, but also rational management process may be cured in the system. Through the implementation of ERP, improve processes within the enterprise, to promote more optimal corporate structure, reducing layers of management, increase efficiency, reduce costs and inventory, improve the management level of enterprises from all levels. This makes the company's internal control processes and more clear and effective, easy to sort out the process, identify critical control link.
3.ERP largely reduces interference "human factor". Since ERP can promote enterprise unified real logistics, information flow, capital flow, reduce human error and improve the efficiency and effectiveness of production and management, therefore, in the ERP system, some of the original very important, the need for manual reconciliation of work has lost its meaning, thus making the internal control points accordingly become more streamlined, internal control testing also spun off from the complex verification work, have more energy and can be placed on the test and evaluation process rights.
(B) the implementation of ERP has also brought some new problems for the internal control of the enterprise
1. Business Integration test result leads disappear. The interpretation of the five elements of internal control, inspection and evaluation of internal control are part of the framework. Here's inspection and evaluation in addition to the routine inspection and evaluation of each business enterprise operations, including inspection and evaluation of the internal control system being implemented. Therefore, an important part of self-examination of internal control, inspection and testing of the external auditors also internal control system. ERP system implementation from procurement to payment orders to get out invoices and other business integration, to achieve a cross-functional business processes. In this case, ERP systems in a single database, the approval process is simplified cross-sectoral past and compression. One result is caused by compression: for a number of internal control audit trail after the introduction of the ERP system disappeared, such as the reduction of paper documents, transfer of business operations and so on.
2.ERP system running brings new risks. ERP systems exist during the operation of the data conversion, secondary development, security and other risks; many data operating system is not intuitive, transparent error, risks of fraud; setting positions defined by the ERP operating authority to bring risk, and so on. Therefore, we must identify various risks during operation and give control to ensure safe and smooth operation of the system.
Second, improve the internal control system to meet the requirements of ERP management
As can be seen by the above analysis, ERP implementation , the levels of management and business processes have undergone great changes, we need to improve the internal control system from the following aspects, to make it better comply with new environmental control, to adapt ERP It needs to be managed.
(A) We should re-sort the existing internal control processes, classification
DETAILED from the internal process perspective, the implementation of the ERP, the internal control processes of the impact on existing divided into three categories: one is little or no effect on the influence of internal control processes. This mainly refers to non-integrated business processes, such as currency funds, contract management, financial reporting and other processes; the other is the greater impact of the internal control processes. This mainly refers to business process integration, business processes, such as procurement, sales, repairs, labor and other costs related to the cross-sectoral; third category is now no need to add the original internal control processes. Related processes such as information systems operating authority area.
1. The first type of process, we can continue to follow the established control points, and make the appropriate adjustments to the way to preserve electronic records according to the characteristics of information technology.
2. The second type of process, you need to delete control points have been merged or canceled in accordance with the relevant point of ERP business processes, increase control point and the point corresponding to the new business. With repairs process, for example, in the ERP system, repair of material recorded from the original financial plan supplies of materials and equipment by the department for approval in accordance with the workshop escalation, one-hand-man material equipment sector accounts directly change according to work order issued expect, formation expenses; likewise, repair services are also reviewed by the finance department by the device, the audit department audited books of accounts, invoices accounted for, according to the accounts of the book was changed to direct the audit, validation, invoice ERP management is performed by the device in the "receipt" operation, the formation of the cost of repairs. Therefore, the flow of control point "Recognition and accounting of repair costs" should make major changes, the original process is described as "all levels of the financial sector after the financial statements in accordance with project approval for reimbursement or other original documents, combined with the budget repair , review and preparation of accounting documents, reviewed by the person in charge of the finance department and correct registration accounted for, "the responsible departments for the" device management ", the implementation of the business to" integrate and generate the corresponding receipt voucher, "the persons responsible for reviewing the" device management department people ", and increase provisions for review by the finance department. After modification, the control point to the actual business processes and achieve consistent, really play a clear responsibility to control risk role.
3. For the third type of process, compared with a representative of the ERP system is the rights management business. Although currently there is no corresponding increase in the internal control system in the process, but external audit of internal control mechanism has been put walkthrough of the process as a key project, it shows the importance of ERP rights management has been more concern and attention. Under the management of the conditions originally only financial information systems, rights management range is narrow, but the operation of the financial staff input documents, books inquiry, the statements and other business controls; in the ERP system, a number of operational matters code constitutes a specific "role", a "role" would correspond to the reality of business in a specific job, which involves all aspects of business operations throughout the various levels of management and business, people involved in it is much broader; at the same time, through permissions and roles settings, you can clearly grasp each position, the business functions of each specific operator, contribute to a better set of incompatible positions, or timely detection of permissions for a given job unreasonable question. Therefore, increasing the rights management business processes in ERP management mode is very necessary. Specific control points can be set from the following aspects: the role of design, the corresponding roles and positions, specifically assigning roles, management privileges. Every major control point should be clear and specific business process execution, approval and review of departments and responsible people. Such as the role of design, first ERP modules according to the actual key user roles and corporate design standards, and then reviewed by the person in charge of the module, business unit responsible for approving determined; good character design submitted to the information management department, in charge of its management authority who, after the head of layers of approval, the final configuration of rights management in the system. Supplemented by a similar process, we will be able to bring a new ERP system better risk prevention and control.
(Ii) further strengthen accounting, business management and information archives
ERP for running a large number of paper documents no longer in use, the data stream to reflect the adverse effects of internal control directly in the system, we should pay attention to a variety of file retention, archiving, including integrated certificate and binding documents, database backup. It should also increase the number of files a written request and permission management. One advantage is that each ERP system operation will leave traces in the system. Such as the preparation of accounting documents, ERP systems can not make changes to the preparation of false documents, the method can only be written off by the wrong credentials and enter new credentials to be correct but relatively minor changes to the content document header data as the number of sheets accessories, summaries , but the changes will be recorded in the system when you change the user name and the contents of the operating personnel; creates change, etc. Another example is the cost center master data, internal order master data, allocation, and distribution cycle and other important data are in the system leaving traces, therefore, these changes in addition to the creation and strict access control, information about it should also be formed as a paper document and record-keeping to prevent arbitrary changes, the impact of accounting consistent and clear liability.
(C) to strengthen the training of internal control process owners and auditors ERP system applications
This is a very important content. Responsible for internal control processes, auditors only fully grasp the characteristics of the ERP system, all kinds of business data query method, a business in the ERP processes may generate business point of error or fraud, can be targeted to improve the internal control existing processes, identify problems. This requires not only the above-mentioned persons "will use" ERP, also asked them to "proficient" ERP, or internal control, testing simply can not be effectively carried out. In summary, ERP as part of the control environment, a profound impact on the various control elements within the enterprise to provide stronger technical support for control, bring some new control method, but also with the internal control of accounting information application of the emergence of many new issues, after information technology, internal control link, control points and risk characteristics will vary, thus corresponding to corporate internal control system would need to propose more higher requirements, and this process is complete the only way of internal control. We should make full use of the new means of control under the ERP, ERP while addressing new risks brought about by improving the internal control system, improve the management level, and build a strong foundation for enterprise development.
Reproduced in: https: //www.cnblogs.com/sinlang5778/p/3622388.html