内部控制自我评估专业资格CCSA考试大纲
P = Candidates must exhibit proficiency ( thorough understanding; ability to apply concepts ) in these topic areas.
P = 考生必须熟练掌握(完全理解,能够运用相关概念)这些主题的领域。
A = Candidates must exhibit awareness ( knowledge of terminology and fundamentals ) in these topic areas.
A = 考生必须基本了解(知道术语和基础知识)这些主题的领域。
Domain I - CSA Fundamentals(5-10%)
一、内部控制自我评估的基本原理(5-10%)
A. Code of Ethics(P)
职业道德规范(P)
B. Ownership and accountability for control(P)
控制的所有权和责任(P)
C. Reliance on operational expertise(P)
依赖业务专家(P)
D. Comparison to traditional techniques of risk and control evaluation(P)
与传统风险和控制评估方法的比较(P)
E. Control awareness and education(P)
控制意识和教育(P)
F. Cooperation, participation, and partnership(P)
合作、参与和伙伴关系(P)
Domain II - CSA Program Integration(15-25%)
二、内部控制自我评估的综合方案(15-25%)
A. Alternative approaches to CSA(A)
内部控制自我评估的方法(A)
B. Supporting technology alternatives(A)
辅助技术(A)
1. Database
数据库
2. Electronic voting
电子投票
3. Presentation software and hardware
演示软件与硬件
4. Project management software
项目管理软件
C. Cost∕benefit analysis for implementation of the CSA process(A)
实施内部控制自我评估流程的成本效益分析(A)
D. Organizational theory and behavior(A)
组织行为理论(A)
1. Structure
组织架构
2. Philosophy
理念
3. Culture
文化
4. Management style
管理风格
5. Governance
公司治理
E. Strategic and operational planning processes(A)
战略和业务计划流程(A)
F. Change management and business process reengineering(A)
变革管理和业务流程再造(A)
G. Presentation techniques for successful integration(A)
成功整合的演示技术(A)
H. Organizational risk and control processes(A)
组织风险和控制流程(A)
1. Quality management
质量管理
2. Risk management
风险管理
3. Safety audits
安全审计
4. Environmental audits
环境审计
5. Internal and external audit
内部审计与外部审计
I. Client feedback mechanisms(e.g., interviews, surveys)(A)
客户反馈机制(如面谈,调查)(A)
J. Strategic CSA program planning methodologies or techniques, including resource allocation(A)
战略性内部控制自我评估方案计划方法或技术,包括资源配置(A)
Domain III - Elements of the CSA Process(15-25%)
三、内部控制自我评估流程的要素(15-25%)
A. Management's priorities and concerns(P)
管理层的优先考虑和关注的问题(P)
B. Project and logistics management(P)
项目管理和后勤管理(P)
C. Business objectives, processes, challenges, and threats for the area under review(P)
评估领域的业务目标、流程、挑战和威胁(P)
D. Resource identification and allocation(A)
资源识别和配置(A)
1. Participants
参与者
2. CSA team
CSA团队
E. Culture of area under review(P)
评估领域的文化(P)
F. Question development techniques(P)
调查开发技术(P)
G. Technology supporting the CSA process(P)
内部控制自我评估流程的辅助技术(P)
H. Facilitation techniques and tools(P)
推动的技巧和工具(P)
I. Group dynamics(P)
团队活力(P)
J. Fraud awareness(A)
防范舞弊意识(A)
1. Red flags∕symptoms of fraud
红旗标志∕舞弊征兆
2. Communication and investigation channels
沟通和调查渠道
3. Responding to evidence
对证据的反应
K. Evaluation∕analytical tools and techniques(trend analysis, data synthesis, scenarios)(A)
评估∕分析性工具和技术(趋势分析、数据统计、情景推测)(A)
L. Formulating recommendations or actions plans(practical, feasible, cost-effective)(P)
形成建议或行动方案(可操作的、可行的、符合成本效益的)(P)
M. Nature of evidence(sufficiency, relevance, adequacy)(A)
证据的性质(充分性,相关性和适当性)(A)
N. Reporting techniques and considerations(types, audience, sensitive issues, access to information)(P)
报告技术和考虑因素(类型、受众、敏感问题、信息的使用)(P)
O. Motivational techniques(creating support and commitment for recommendations)(A)
激励技术(形成对建议的支持和承诺)(A)
P. Monitoring, tracking, and follow-up techniques(A)
监控、跟踪和跟进技术(A)
Q. Awareness of legal, regulatory, and ethical considerations(A)
法律、法规和道德观的意识(A)
R. Measuring CSA program effectiveness(A)
衡量内部控制自我评估方案的有效性(A)
Domain IV - Business Objectives and Organizational Performance(10-15%)
四、企业目标与组织绩效(10-15%)
A. Strategic and operational planning processes(A)
战略和业务计划流程(A)
B. Objective setting, including alignment to the organization's mission and values(P)
目标设定,包括对组织宗旨和价值观的协同(P)
C. Performance measures(P)
绩效评估(P)
1. Financial
财务指标
2. Operational
业务指标
3. Qualitative
定性指标
D. Performance management(P)
绩效管理(P)
1. Aligning individual, group, and organizational objectives∕goals
协调个人、团队和组织的目标∕目的
2. Designing congruent incentives
设计适当的激励方案
E. Data collection and validation techniques(e.g., benchmarking, auditing, consensus testing, etc.)(A)
数据收集和验证技术(如基准比较法、审计、一致性测试等)(A)
Domain V - Risk Identification and Assessment(15-20%)
五、风险识别和评估(15-20%)
A. Risk Theory(P)
风险理论(P)
1. Defining risk
风险定义
2. Relationship of risk to strategic, operational, or process objectives
风险与战略、业务及流程目标之间的关系
3. Risk tolerance, residual risk, and exposure
风险容忍度、剩余风险和风险暴露
4. Impact assessment
影响的评估
B. Risk models∕frameworks(including COSO's Enterprise Risk Management∕Integrated Framework)(P)
风险模型∕框架(包括COSO的全面风险管理整体框架)(P)
C. Understanding the risks inherent in common business processes(P)
理解蕴含在常见业务流程中的风险(P)
D. Application of risk identification and assessment techniques(P)
风险识别和评估技术的应用(P)
E. Risk management techniques∕cost-benefit analysis(P)
风险管理技术∕成本效益分析(P)
1. Transfer, manage, or accept
转嫁、管理或接受
2. Impact∕cost-benefit analysis
影响∕成本效益分析
F. Using CSA in enterprise risk management (P)
在企业风险管理中使用内部控制自我评估(P)
Domain VI - Control Theory and Application(20-25%)
六、控制理论及其应用(20-25%)
A. Corporate governance, control theory, and models(P)
公司治理、控制理论和模式(P)
1. Accountability and responsibility for control
控制的职责和责任
2. Defining control
控制定义
3. Relationship between risk, control, and objectives
风险、控制和目标之间的关系
B. Methods for judging and communicating the overall effectiveness of the system of internal control(P)
内控 该 内容由 中审 网 校所 属w ww . au ditcn .com系统整体有效性的判断和沟通方法(P)
1. Using CSA to support management's assertion on controls
运用内部控制自我评估技术支持管理层关于控制的声明
C. Relationship between informal and formal controls(P)
正式控制和非正式控制的关系(P)
D. Techniques for evaluating formal controls(manual or automated)(P)
正式控制的评估技术(人工的或自动的)
E. Techniques for evaluating informal controls∕control environment(P)
非正式控制∕控制环境的评估技术(P)
F. Control documentation techniques(P)
控制的文档技术(P)
1. Flowcharting
流程图
2. Business process mapping
企业流程图
3. Control charts
控制图表
4. Control questionnaires
控制调查问卷
5. Internal Control over financial reporting
财务报告的内部控制
G. Control design and application(P)
控制设计和应用(P)
1. Defining control objectives
控制目标定义
2. Control design(e.g., preventive, detective, corrective; informal, formal)
控制的设计(比如预防型、检查型、纠正型、非正式的、正式的)
3. Cost∕benefits
成本∕效益
H. Techniques for determining control track record for the organization(e.g., reviews, audits, other assessments)(A)
确定组织控制追踪记录的方法(如复核、审计、其他评价)
上一篇:CCSA学习卡