A thesis submitted to
XIDIAN UNIVERSITY
in partial fulfillment of the requirements
for the degree of Master
in Business Administration
Study on internal audit from the view of risk
management in Harmony Group Suzhou
By
Chen Jun
Supervisor: Wen Xiaoni Title:Professor
June 2018
摘要
I
摘要
在新世纪背景下，现代化信息技术在国内得到迅猛发展，国民经济水平得到显著
提高，民营类企业在这一时期得到了突飞猛进的发展，民营企业迎来了前所未有的生
存和发展空间，但环境在发生日新月异变化的同时也给民营企业带来了诸多风险，且
呈多样化、复杂化趋势发展着。特别是在世界经济危机的影响下，国内民营企业在各
方面均面临着挑战。所以，为了避免或降低经济环境变化所带来的各类风险，不断强
化风险控制，民营企业必须结合自身特点，加强内部管理，构建起完善的现代企业制
度和内部风险审计控制机制。同时，内部审计工作是企业管理控制的重要部分。企业
内部审计应当进行适当的调整，从原来的仅重视操作层面的合规性，向重视现代企业
业务流程和企业管理制度的科学性和合理性转变；从原来的寻找管理层问题向现行的
协助管理层解决问题方面进行转变；作为企业管理控制机制，如何实现顺利转变需要
企业强化自身管理职能，才能最大程度地保证企业价值的提升，还能为企业发展提供
更多的便利。除此之外，还能够获得企业内部各部门以及管理层的大力支持，从而真
正解决了企业内部审计的根本性问题
而风险导向内部审计在我国起步较晚，从相关的文献资料分析，目前我国的研究
多在于理论分析和针对部分行业的案例分析。所以，笔者在对境内外相关理论成果进
行梳理和汇总之后，立足于内部审计和风险管理角度，以风险管理理论、内部审计的
基本内涵、内部审计参与风险管控的基本模式、程序、目标、内部审计与风险管控结
合的意义、其他理论，运用实例分析法对苏州圆融集团现阶段所存在的风险类型、内
部审计情况、面临的难题及其诱因等因素进行具体分析；同时，重点选取了国内外企
业在风险导向内部审计中的成熟管理模式予以研究，并提出有价值的解决方案；在以
上分析的基础上，结合集团发展现实情况，提出了基于风险导向的苏州圆融集团内部
审计控制路径设计及保障措施；以结论与展望为结尾，笔者在这部分对此次研究进行
总结，提出其中存在的缺陷并展望未来
总之，本文试图通过以苏州圆融集团为例，研究分析苏州圆融集团运营状况，借
助相关的理论概述和国内外企业成功经验，分析其实施风险导向内部审计过程中存在
的问题和原因，最后有针对性的提出苏州圆融集团今后的发展策略，不断完善研究内
容，希望能够对相关研究有参考价值，同时希望借助此文能够提升企业内部审计工作
成效性，为企业可持续发展奠定了坚实的基础，也可以对其他类型企业风险导向内部
审计建设提供一些启示
关键词：民营企业，风险管理，内部审计，控制路径
ABSTRACT
III
ABSTRACT
In the new century, national economic level is presenting remarkably higher while modern
information technology are developing rapidly, which has private enterprises
unprecedented developing and opportunities bringing in expanding growth. Meanwhile,
types of risks are showing up to private enterprises which are heading to trend of
diversities and complexities along with situation changed greatly. Especially with the
impact of world economy crisis, domestic private enterprises are facing challenges in all
aspects. To avoid or at least reduce risks brought about by changing economy situation and
enhance risk control constantly, that what should be laid emphasis on is private enterprises
stick to reinforce internal management with consideration of their own characteristics to
establish modern enterprise system and internal risk audit control system. For sure, internal
audit is quite an important part of enterprise management control, which should be
transferred properly from focusing on conforming to the standard operation only to
emphasizing rationality and health concept of modern enterprises business process as well
as enterprise management system; from focusing on digging out issues from management
team to assisting management team in issues solving. Regarding to enterprise management
control path, how to transfer is closely dependent on enterprise reinforced management
capability, which works to enhance enterprise value at the most, provide healthier
developing mode as well as gain great support from all departments and management.
Relatively speaking, risk-oriented internal audit initiates late in China. Analyzed from
literature documents, most of current studies are aiming at analysis of theories and cases in
partial industries. Thus, with clear-up and summary of domestic &international theory
analysis, researcher applies practical cases analysis with reference to risk management
theory, basic definition of internal audit, model, programming, target of internal audit in
risk control, combination of internal audit and risk management and other theories to set
forth types of existing risks, internal audit status, issues and inducement on Harmony
Group Suzhou on the basis of internal audit and risk management. Also mature
management mode of risk-oriented internal audit in domestic and international enterprises
are selected to study and provide valuable solutions. With analysis above, Harmony Group
Suzhou comes up with internal audit control concept design and supporting measures lead
by risk-orientation with combination of its current situation. Taking conclusion and
prospect as the end, researcher makes a summary of the study and puts forward
西安电子科技大学硕士学位论文
IV
shortcomings while shows expectation to the future.
In brief, the theory is taking Harmony Group Suzhou as an example to analyze its
operation performance, issues and root causes given rise by risk-oriented internal audit in
virtue of theory explanation and successful domestic &international enterprises practical
experiences. As the summary, the theory comes up with pointed future development
strategy for Harmony Group Suzhou and will perfects study continuously with the desire
of providing reference for relative study, enhancing the efficiency of internal audit, laying
foundation for sustainable development and offering hints for risk –oriented internal audit
system in other types of enterprises.
Keywords：Private enterprises, risk management, internal audit, control path。