|
知識是種合理且堅定的信念,理論上,它會是對的。沒充分理由就相信某件事情,會被認為是不理性的,且可能是不道德的。然而,我們不是每次都能夠取得足夠的證據,協助我們相信某個資訊是對的。因此,懷疑我們知識的品質,懷疑知識是以何種方式產生或推斷出來的,便成了找尋知識品質確保的理由。
Knowledge is justified firm belief and, ideally, true. To believe something without sufficient reason is considered unreasonable and may even be unethical; however, we do not always have sufficient evidence to believe information as being true. Doubt about the quality of our knowledge and about the ways in which it is derived or inferred is therefore the reason for seeking assurances about knowledge, especially of successes or failures.
取得確保也許就等於得到「較好的」知識。然而,確認性服務常藉由他人取得額外證據並獨立的去評估,因此它擴大了概念上所獲得的見解,更勝於擴大個人所獲得的見解。舉例來說,專業經理人提供給委託人的資訊,或是職員提供給專業經理人的資訊,可以經由稽核人員 ( 第三方單位 ) 確認其資訊品質後提供我們保證。
Receiving assurances may be equivalent to gaining ‘better’ knowledge; however, assurance extends conceptually beyond personally gained insights since it is often provided by other persons with access to additional evidence and independent assessments of it. For example, we may be assured by auditors (as a third party in the accountability triangle) of the quality of the accountability information provided by agents to principals or by subordinates to agents.
確保 – 在事發之後 ( 事後 )、事發當時 ( 事中 )、與行動之前 ( 事前 ) – 是根據在認知迴圈中,預期與觀察在真實世界中的行動所產生之影響。在這個迴圈中,懷疑與錯誤可能發生在任何一個階段:(1) 我們針對有目的的活動進行實驗、測量、與觀察,進而創造實驗數據,並將這些數據做為文件紀錄;(2) 我們藉由篩選工具的運用取得資訊,或是將資訊丟入模型中以獲得新的資訊;(3) 我們使用批判性思考來分析資訊,並運用獨立的邏輯推理去評斷相關資料與證據,進而取得所需的知識;(4) 我們運用知識協助我們採取新的行動。
Assurance - after the fact (ex post), concurrently (ex nunc), and before acting (ex ante) - is based on expectations and observations of the effects of actions in the real world within a cognitive loop where doubts and errors can occur at each phase: (1) We conduct experiments, make measurements and observations to create empirical data as documented records of purposeful activities; (2) we gain information by applying filters to the data or by feeding them into models; (3) we gain knowledge by means of critical thinking about the information and independent logical reasoning with relevant data and other evidence; and (4) we apply the knowledge to take new action.
與成功的行動有關之證據可以在事後提供保證,但它們依然無法保障未來的成功,因為所有後天與先天的條件都可能改變。相反地,與不成功的行動或重大失敗相關之證據則可以提供事後的消極保證,它能指出我們缺乏哪些知識,並了解事發當時的情況。與失敗相關的知識可以對我們的學習有所幫助,它能夠建議我們進行新的觀察、以批判的角度去評估觀察結果、並重複執行上述的動作。知道「我們為什麼失敗」,很明顯地遠比知道「我們失敗了」更重要。
Evidence of successful actions can provide assurances after the fact (ex post), but they are still no guarantee for future success since the conditions and pre-conditions may change. In contrast, evidence of unsuccessful actions or major failures may provide ex post negative assurance and indicative a lack of sufficient and true knowledge and understanding ex ante. Knowledge of failure can contribute to our learning by suggesting that we make new observations and evaluate them critically and cyclically as sketched above. To know why we failed is obviously more important than knowing that we failed!
在此並不是說我們對風險與不確定性很高的事件採取行動前 ( 事前 ),都要擁有積極或消極的資訊確保。風險在傳統上是以自由意志論定義的:有些先決條件會產生許多種可能的結果,所以某個事件的發生,並不表示其先決條件僅會產生這單一種可能的結果。這個事件只是眾多可能結果中的其中一個,其出現是符合機率法則的 ( Fetzer and Almeder, 1993, p.38 )。不確定性的意思就是缺乏可信賴的知識或資訊,這些知識或資訊是關於:(1) 所有相關的先決條件;(2) 所有可能的結果;(3a) 可能是通則 ( 支配確定的結果以作為唯一可能的結果 );(3b) 機率法則 ( 支配非確定的/隨機的一組可能產出 )。我們需要區分自然法則與文化的不同,以便能夠找出存在於我們知識 ( 通常是統計的知識 )中的重大疑點,以及能讓我們對手中跟確保相關的資料,提出關鍵性的問題。
Instead of having positive or negative assurances about information before we act (ex ante) we are commonly faced with risks and uncertainties. Risk is traditionally defined by means of indeterminism: Some events that occur are not the only possible outcomes of their antecedent conditions. They occur as one among various possible outcomes within a fixed set in accord with probabilistic laws (Fetzer and Almeder, 1993, p.38). Uncertainty is lack of believable knowledge or information about (1) all relevant antecedent conditions; (2) all possible outcomes; and (3a) either universal laws (governing deterministic outcomes as the only physically possible ones) or (3b) probability laws (governing indeterministic/stochastic sets of outcomes). We need to distinguish between laws of nature and those of cultures in order to identify both serious doubts about our (often only statistical) knowledge and the corresponding demand for assurances.
我們不能夠隨時隨改變與違反自然法則:除非我們經由嚴謹地測驗後發現它是錯的。舉例來說,一旦我們知道做為法定貨幣的物質是金屬,而且原子量是196.97或107.85,那麼它就是金或銀;然而做為一種商品,它的經濟價值是不穩定的,除非透過法律 ( 可以更改 ) 規定它的價格。電子鈔票或紙幣同樣也是建立在文化或社會中的契約上。法律文化是一種被創造出來的規範 ( 例如透過協商的方式,制訂可接受或允許的經濟與社會行為 )。它們可以被更改或廢除 ( 解除管制 ),而且它們必須被強制執行 ( 否則會被認為是不必要的、無關緊要的、或即將廢除的 )。若無強制,則這些法規將無法對抗非法行為與違法人士,而且可能會增加不確定性,如此便無法使用統計來衡量。當執法的力量被授權給致力於「共同利益」之當權者,而非無執法權力的民團組織 ( 如義警 ) 時,「解除管制」或「放寬管制」的可能會使某些「特殊利益團體」得到好處。
Laws of nature are discovered, cannot be changed and cannot be violated anywhere or at any time: Until they are falsified by serious testing they are assuring. For example, once we know that the substance serving as legal tender is malleable and has atomic weights of 196.97 or 107.85 then it is gold or silver; however, its economic value as a commodity is not stable, unless tied to legal ( but changeable) exchange rates. Electronic or paper money is likewise based on contract laws of or within cultures or societies. Laws of cultures are regulations that have been created (e.g., formulated by consensus about acceptable or allowable economic and social behavior); they can be changed or repealed (“deregulated”); and they must be enforced (or commonly believed to be unnecessary, to be irrelevant or to be repealed). Without enforcement these laws are not effective against violations and violators and may actually increase uncertainties in ways that statistics cannot (yet) measure. While the powers of enforcement are delegated to a higher author-ity dedicated to “the common good” rather than left to unlawful vigilantes, the effects of “de-regulation” or “unnecessary regulation” may serve mainly “special interest groups.”
我們需要證據以建立法律契約,並監控其效果,因為它們時常是個人或團體行動、目的、目標與政策的圭臬。目的與目標 ( 在德文或拉丁文中,他們的意思是相同的 ) 是一種期望的狀態,而政策是事件導向的程序,在特定的條件下,它會使初始狀態變成期望的狀態。如果我們不知道我們在哪、想要到哪、往哪個方向前進,那麼我們就不能夠理性地行動。然而,理性並不代表合法性,合法或管制的行動與行為也不一定具有道德。積極的遊說當局廢除法規或制訂模稜兩可的法律並非伸張正義,在組織是如此,在社會中也是如此 (John Rawls, 1999),且無論在法律上或是道義上,這種行為都是無法被接受的 (A. Sen, 2009)。
We need evidence to establish legal contracts and to monitor their effects, since they often are the causal foundation for individual or collective actions, goals, objectives, and policies. Goals and objectives (words of Germanic or Latin origin with the same meaning) are desired states whereas policies are events-oriented procedures to reach these states from initial states under specific conditions. If we don’t know where we are and where we want to be or go, we cannot act rationally; however, rationality does not guarantee legality, and legal or unregulated actions and behavior are not necessary ethical. Aggressive lobbying for deregulation or for more ambiguous laws are not necessarily serving justice, neither of institutions and societies (John Rawls, 1999) nor as a condition of legally or morally acceptable (just) behavior (A. Sen, 2009).
因此,遵循法律契約、政策、與規範並無法保證所有「一字不差地」符合全球或地區法規要求的行動或行為,都能成為一種有效的保護與公平正義 (c.f. Joseph Stiglitz on Globalization and Amartya Sen on Justice)。舉例來說,合約 (1) 僅是方便貪婪的投資銀行家使用荒謬的「紅利」與「津貼」去對沖「風險」,這些風險可能擴張至全球,且最糟的情況是讓企業倒閉;(2) 有誤導或拉攏評鑑機構之意圖;(3) 使用偽造的標籤、不實的解釋來詐騙天真無知的投資人;(4) 是由公司設立之,該合約最終會掌握納稅人的「責任」,去救助一些不受管制的金融體系。以上這些合約通常很難會讓人覺得是公正的、道德的、並值得使用法律保護或遵循之。使用這類的合約來證明企業有遵循法規,甚至可能會違反稽核道德。
Compliance with contract laws, policies, and regulations is therefore no guarantee that actions or behavior that are meeting the demands of global or local laws “to the letter” are also effective as protection and just (c.f. Joseph Stiglitz on Globalization and Amartya Sen on Justice). For example, contracts made (1) solely to facilitate absurd “boni” and “premiums” of greedy investment bankers hedging against “risks” while spreading them globally at the ultimate risk of corporate demise; (2) with the intention of misleading or co-opting rating agencies; (3) to defraud naïve investors with false labels and deceiving explanations of “securities;” and (4) with “corporate setups” that are ultimately holding taxpayers “responsible” for the bailout of the largely unregulated financial system can hardly be considered just, moral and worth any legal protection or compliance. To “cert-ify” compliance with such contracts under such conditions may even violate audit ethics.
第一份風險管理國際標準的提案是「ISO31000」,它將風險重新定義為「因為目標的不確定性所產生的影響」。由於目標是描述產出的最好方式,所以這僅能代表「風險管理」關心的是組織的先天條件,以及與因果關係、機率結果、和社會協商相關的定律。有時我們無法直接觀察到組織中,一些原本可被觀察的相關目標、主體、與系統狀態,更不用說一些根本無法被觀察的個別狀態。管理風險表示使用有效率且可稽核的內控系統,提早辨識並監控組織在某一時點的表現。
The new proposal for the first international standard for risk management [ISO 31000] reframes risk as “the effect of uncertainty on objectives.” Since objectives are best defined as desirable outcomes, this can only mean that “risk management” is concerned with antecedent organizational conditions and with laws (of universal causation, of probabilistic outcomes, and of societal consensus). While antecedent organizational conditions are not all directly observable as attributes of observable relevant objects, subjects and system states, but also unobservable as their respective dispositions, managing risks means identifying these ahead of time and monitoring the organizational behavior concurrently by means of effective and auditable internal control systems.
稽核以批判且獨立的角度去評估社會責任的關係,它是種在道德上與精神上都有很高要求的工作。即使稽核人員取得他人對於法規遵循程度所出具的意見,也應抱持懷疑的態度,並且嚴肅看待提供企業與投資者可靠且誠實的資訊確保這回事。
Auditing as critical and independent assessment of accountability relationships is clearly an ethically and mentally very demanding task if auditors are not content with seemingly coherent opinions about degrees of legal compliance but serious about providing credible and truthful assurances for business and investors in search of indubitable knowledge.
© Copyright 2009 by Hart J. Will
翻譯:中正會資所 汪修平
|
(共有75人投票)
