|
成為一個專業經理人是要擔負很多社會責任的。由於他們的行為,使得很多他們雇用的會計師被人視為是企業「資金維護、獲利與法規遵循的護法」,而非僅是提供財務報表給其使用者,像是銀行家、投資人、經理人、業主、股東及稅務機關的擔保責任提供者。嚴格說起來,所有企業的會計資訊應該要能夠「被稽核」才對,如此不良行為的發生機會才會減低。因此,我們需要一些人能夠獨立且從批判的角度,去取得並評估會計資料和資訊,以便對他們的使用者解釋這些資料,並確保他們的完整性、正確性、攸關性、即時性與真實性。
Economic agents are accountable. Many of their accountants prefer to be seen as “high priests of capital maintenance, profitability and compliance” rather than merely as accountable providers of economically relevant information to legitimate users such as bankers, investors, managers, owners, shareholders, and taxation authorities. As such, all accountants ought to be “auditable.” Someone else must be able to independently access and assess accounting data and information critically in order to explain it to its users and to assure them of its completeness, correctness, relevance, timeliness, and truth.
稽核audit這個字是從一個拉丁文的動詞audire而來,在早期為了稅收的工作,他們需要去評估專業經理人,而使用的方法就是從市場裡「聽」發生了什麼事。當時,買賣雙方間的交易很少被正式地記錄下來,是否看到現金支付的相關資訊也非必要。因此,那個時候不像現在,可以透過銀行紀錄或其他方式直接追蹤交易,除非他們已經可以像現在一樣,將所有的交易資訊以電子、人工、機械或光學等方式建檔。由於專業經理人並不希望他們的交易活動被聽到或看到,故我們需要一些方法去檢驗他們的商業活動紀錄,以確定他們有遵循法律規範與符合特定要求。舉例來說,經濟交易活動會持續地改變資產與負債,業主權益也會持續地影響銀行家、債權人、業主與稅務機關,這些人都需要正確且即時地收到和企業經營成效、生存能力有關的資訊。故現代的稽核很明顯地不再僅是「聽」,而是必須使用所有的感官以面對會計資訊接收者所帶來的挑戰。
The term audit is derived from the Latin verb audire, to hear what went on in the markets of former times in order to assess economic agents for taxes. Transactions between economic agents were not formally recorded and cash payments were not necessarily visible then. Nor are they now directly traceable via bank records or otherwise, unless all economical transactions are electronically, manually, magnetically, mechanically or optically documented. Since economic agents may not necessarily want all their activities to be heard or seen, it must at least be possible to test their records for compliance with legal regulations and requirements. For example, economic transactions change assets and liabilities continuously and owners’ equity is constantly affected such that bankers, creditors, managers, owners, and tax collectors need to be informed correctly and timely about the success and viability of an enterprise. Modern auditing is obviously not limited to hearing, but must employ all senses to meet the cognitive challenges faced by the recipients of accounting information.
不加思考即依賴書面紀錄是很不恰當的,更不用說依賴儲存在電腦、電子或電磁儲存裝置中的那些看不見的紀錄,並希望透過機械裝置來看它們了。我們都知道發出腐敗味道的食材、難以下嚥的食物無法被銷售;搖搖晃晃的建築和破破爛爛的機器無法長久支撐經濟活動。因而資產的品質需要經過嚴格的評估,這不僅要靠我們所有的感官,同樣也須要靠我們全部的智力與能力。譬如說,資產的原始價值可能與他們目前的市價有很大的差異,然而這是根據經濟條件與可靠的預測而評估出來的,所以我們可以相信這個資訊。企業有時需要償還債務或再融資,這些「協調工作」都有賴於資產的品質,以及資金的可用性。
It is also insufficient to rely uncritically on written records, much less on invisible ones inside computers or on electronic or electromagnetic storage media and dependent on machine instructions for visibility. Rotten inventories smell; badly tasting ones are no longer marketable; and shaky buildings or machinery cannot support economic activity for long. The quality of assets needs to be critically evaluated not only with all our senses but also with all our mental abilities and capabilities. For example, the original value of assets may be quite different from their current market value and is dependent on assessments of economic conditions and believable personal expectations. Enterprise obligations need to be repaid or refinanced and such “balancing acts” depend on the quality of assets and on the availability of capital.
為了能夠在個別環境中獨自或與人一同進行有智慧的行動,我們便需要「知識」,也就是可信任的資訊。資訊接收者需要得到「保證」,讓他知道自己可以信賴這些原始的資料和資訊。這意味著面對電腦化的會計作業時,我們需要會計師使用電腦程式搜集而得的資料作為證據,這些資料要能夠表示出真實的、誠實的經濟條件,而且也要能代表資產、負債和業主權益的價值。自從所有可靠的資料與資訊無法被直接存取、甚至被他們的使用者了解後,我們就需要獨立的第三方機構提供完整且強而有力的保證。
We need knowledge, understood as believable information, in order to be able to act intelligently within our respective environments individually or collectively. Legitimate recipients of information also need assurances that the original data and any derived information are believable. This means with respect to computer accounting that we require evidence that the data collected by accountants with computer programs represent really and truly the economic conditions or and their effects in terms of asset, liability, and owners’ equity values. Since all such accountability data and information is seldom directly accessible or even understandable by their legitimate recipients, an independent third party is needed to provide the required assurances competently and convincingly.
我們使用機器取代人搜集、處理、儲存電腦化的資料,對內要對經理人和業主負責,對外則要對銀行家、股東、稅務機關和其他受影響的利害關係人負責。
Computer-based data is collected, processed and stored by means of machines on behalf of persons with responsibilities for accountability internally towards managers and hands-on owners and externally towards bankers, investors, shareholders, tax collectors and otherwise affected stakeholders.
由於我們並無法明確地指出有哪些適用的技術甚至將之標準化,故適用技術的種類可謂相當的豐富與多元。若是缺少足夠的相關後設資料,將因此無法運用不同的對象語言(由會計師與電腦技術人員使用之)去了解並以批判的角度評估對象資料。尤有甚者,如果不了解「客觀的」會計交易資料,和為了確定週期性損益或評估市場價值而「主觀的」對交易資料做調整,這兩者之間的差異的話,也是同樣不可能了解會計報表,像是損益表、資產負債表、以及顯示於報表上之財務變化的意義。為了對我們取得的會計報表有充分地瞭解,我們便需要相關的後設資訊以協助我們評估其正確性與意義。
The applicable technology is not narrowly prescribed or standardized and therefore quite divers and varied. Without sufficient relevant meta-data it would therefore be impossible to understand and critically assess the object data expressed in the respective object languages that are used by accountants and computer technologists. Moreover, without understanding the differences between objective accounting transaction data and subjective adjustments to these for periodic income determination or market value assessments, it would also not be possible to understand the generated accounting reports such as income statements, balance sheets and statements of changes in financial position. Relevant meta-information is required to assess the correctness and meaning of any and all accounting reports.
不過會計資料並非一定使用特定、標準化、且易於讀取的會計檔案儲存之,例如儲存在日記帳、分類帳和子分類帳之中。他們可能被存在用於處理組織營運之交易活動的主檔和交易檔案中。同樣地,組織的交易資料、程序調整、與任何衍生資訊也不一定要儲存在標準化且透明的會計系統中。他們可能是資料庫中的一部份,而這個資料庫是由資料管理員組織化地處理,並且以資料庫管理系統(DBMS)或是企業資源管理系統(ERMS,如Oracle和SAP)科技化地管理之。
Accounting data are not necessarily contained and easily accessible in specialized and standardized accounting files such as journals, ledgers and sub-ledgers. They may be contained in master and transaction files that are needed to process economic transactions as part of organizational operations electronically. Similarly, original accounting transaction data and subsequent adjustments and any derived information are not necessarily contained in standardized and transparent accounting systems. They may be part of data banks “handled” organizationally by data administrators and “managed” technically by means of database management systems (DBMS) or enterprise resource management systems (ERMS) such as Oracle and SAP.
儘管資訊資源的安全是本體論的問題,包含能見到的保護措施、方法及流程,但他們可靠與否卻是認識論的議題,包含信念和足夠的保證。若沒有充分的證據顯示組織的資訊系統具有良好的防衛能力或保護措施,我們就會認為這種管理資料與資訊的方式是不安全的,也因而無法信任之。此外,若資料和資訊的保護僅是做做表面功夫,我們也同樣無法信任之。譬如說,無論使用何種資訊技術,管理者或會計師都可能藉由低估費用與負債、高估獲利與資產,來使短期獲利最大化,在這樣的情況下,即使他們對資料的保護做得再好再嚴格,我們還是無法相信他們提供的資料與資訊。
Whereas the security of these information resources is an ontological problem of observable protective measures, methods, and procedures, their credibility is an epistemological issue of belief and sufficient assurance. Insecurely administered or managed data and information cannot be believed without adequate relevant evidence about their invulnerability or protection. Seemingly secure data and information is not necessarily credible either. For example, short-term profit maximization objectives pursued by managements or accountants may be achieved by means of understated expenses and liabilities and overstated revenues and assets, regardless of the information technology employed.
電腦稽核不僅僅侷限於資料與資訊的內容稽核。為了評估不同資訊系統的品質,它同樣需要系統稽核。為了「安全」及「確保」這兩個目的,資訊系統的內部(品質)控制有賴於具攸關性且數量充足的後設資料及後設資訊。在擔負社會責任的情況下,電腦檔案中任何的位元都可能表示某種意義。電腦稽核人員因此需要運用後設語言,以獨立且批判角度去取得並評估會計資料和資訊。這些稽核人員必須是會計專家或是資訊技術專家,如此才有足夠資格對資料或資訊的可靠度(如同後設報告)表達信任意見。他們同樣需要保有好奇心、健康、想像力;在經濟上、心智上、社會上獨立;有條不紊且勝任愉快;在道德上承諾會對那些需要擔負責任的資料與資訊做誠實的評估。
Computer auditing is not limited to data and information content audits. It also requires system audits in order to assess the quality of the respective information systems. Internal (quality) control of information systems depends on relevant and sufficient meta-data and meta-information both for security and for assurance purposes. Any bit in a computer file can have any meaning depending on the accountability context. It may indicate the “suppression” of real transaction data or the “invention” of unreal ones for reporting purposes. Computer auditors therefore need a meta-language to access and assess accounting data and information independently and critically. In order to be able to express believable opinions about accountabilities (as meta-reports) they must be expert accountants and expert information technologists. They also need to be curious; healthy; imaginative; economically, mentally and socially independent; methodical and rationally competent; and ethically committed to truthful assessments of accountability data and information.
翻譯:中正會資所 汪修平
© Copyright 2009 by Hart J. Will |
(共有78人投票)
