JP4821736B2 - Risk control device in internal control - Google Patents

Description

  The present invention relates to a risk in internal control in which the status of internal control in a company or the like is monitored, a risk obtained as a result is identified, the risk is determined by a workflow device, and risk control is efficiently performed based on the determination result. It relates to a control device.

  Generally speaking, internal control has been thought of as an activity that ensures the appropriateness of financial accounting. However, in the 1990s, in addition to the appropriateness of financial accounting, compliance, compliance with management policies and business rules, improvement of management and business effectiveness and efficiency, risk management (risk management), etc. The scope is targeted, and it has come to have functions and roles for corporate governance (corporate governance). And now, internal control establishes predetermined standards and procedures for each business so that the organization can be operated soundly, effectively and efficiently without any illegal activities, fraud, mistakes or errors inside the company. It is defined as management, monitoring and assurance based on that.

  An information system using IT (Information Technology) is an indispensable element in realizing internal control. In general, the conventional internal control is based on the premise of "mutual check through people" where one person's work is checked by another person. Today, however, business process tools such as a workflow system. The information system is indispensable for internal control so that operations cannot be performed without input to the information system (or approval by the authorized person through the information system). Content management and document management tools that support business records and their reporting and reference, and security tools that prevent unauthorized access and information leakage, etc., have also been incorporated into internal controls. The Sarbanes-Oxley Act (SOX Act) was enacted in the United States in 2002 in order to prevent the occurrence of the settlement due to the breakdown of bankruptcy by a large company exposed in the United States. The management system is obliged to build and operate a control system, and the audit and audit opinion is the responsibility of an external auditor. In June 2006, the Financial Instruments and Exchange Act (Japanese version of the SOX Act) was enacted, and since the fiscal year ended March 2009, listed companies are obliged to submit internal control reports and be checked by a certified public accountant. Regardless of whether it is unfavorable or not, there is an obligation to submit an internal control report. Therefore, establishing and operating an internal control system and realizing internal control is an urgent issue for companies.

Under such circumstances, by defining in advance the authority grade held by the approver in accordance with the content of the transaction requiring approval, the amount of money, the degree of risk such as creditworthiness, etc. Objective and appropriate approver selection is automated in the system, and requests are approved in real time if the manager logs on to the server regardless of the store location, terminal location, or dynamically changing the terminal location. A transaction approval device has been disclosed that knows the occurrence of occurrence and enables a quick approval determination operation.
JP 2005-222243 A

In the transaction approval device disclosed in the above-mentioned Patent Document 1, the authority grade that the approver holds is defined in advance according to the transaction content that requires approval, or the amount of risk such as the amount, credit rating, etc. In the system, the selection of an objective and appropriate approver is automated in the system, but the authority held by the approver according to the content of the transaction that requires approval, the amount of risk such as the amount, credit rating, etc. There is a problem that risk control in internal control may not function if the grade is simply defined in advance.

  Therefore, in the present invention, the internal control state is monitored in a company or the like, the risk obtained as a result is identified, the risk is determined by the workflow device, and the risk control is efficiently performed based on the determination result. The purpose is to provide a risk control device.

In order to solve the above problems, the risk control device in the internal control of the present invention performs risk monitoring on the logged information by the internal control monitoring system, and if the result identifies the risk related to fraud or error in the internal control, Risk management means for outputting the identified risk from the internal control monitoring system and storing it in the risk list table as a case for risk identification, and reading the case stored in the risk list table on the person in charge screen On the screen that is transitioned by creating a risk list by generating a record with a request number and type added to each displayed case and selecting a case to be processed from the created risk list in, to start the request of risk judgment by instructing the forwarding to the personnel side Kufuro means The risk determination request means, and the risk of the individual case requested by the risk determination request means is displayed on the screen, the content is determined from the viewpoint of the person in charge, and the result is sent to the next terminal as a risk including the risk determination result. Workflow means for transmitting to the risk management means together with the risk judgment result of each person in charge who has been forwarded the risk judgment result of the person in charge at the end of judgment of the person in charge who is located at the end of the forwarding It is characterized by providing.

  According to the present invention, the risk identified by the internal control monitoring system is determined from each viewpoint by the workflow device, and risk control is efficiently performed based on the determination result. And can be controlled efficiently.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a conceptual diagram showing an overall configuration of a risk control device in internal control according to an embodiment of the present invention. In FIG. 1, the risk control device in internal control according to the embodiment of the present invention requires risk monitoring by an internal control monitoring system as a premise for performing risk control. Therefore, the outline of the internal control monitoring system which is the premise of the present invention will be described first, and then the risk control device in internal control according to the embodiment of the present invention will be described.

  FIG. 2 is a conceptual diagram showing the overall configuration of the internal control monitoring system as a premise of the present invention. In FIG. 2, the internal control monitoring system which is the premise of the present invention is an unclear (clear risk) generated by miscellaneous operations 10 such as maintenance / asset management such as master update 11, login 12, license management 13, and proxy setting 14. The risk of fraud / error is stored in the first log file 40 as the operation log 41, and the clear log / error risk 15 generated by the miscellaneous operation 10 is used as an alarm for the second log file 16. At the same time, alarm notification (described later) is performed. A log corresponding to the alarm collected in the second log file 16 is sent to the first log file 40 and stored as an alarm log 43. In addition, unclear (clear risk) arising from the workflow 20 that forms the core part of the workflow, which is a mechanism for business processing and efficiency improvement, including the application (draft) 21, the approval 22 for the application, and the settlement 23 for the approval. The risk 24 of fraud / error / effectiveness / efficiency is stored in the first log file 40 as the project log 24. Further, in the performance management 31 in the workflow management department settlement 30, fraud / error risks 33 (serious risks) that may occur when linking with other systems 32 are stored in the first log file 40 as an item log 42 and an alarm log 43.

The matter log 42 and alarm log 43 obtained by monitoring the status transition of the matter in the core part of the workflow, from drafting and approval to linkage with other systems, are stored in the first log file 40 by the matter monitor 50 Search is possible with a setting key (also called a fixed key). Various master operations, login operations, import operations, export operations, proxy settings, and other operations are monitored and obtained. The operation log 41 and alarm log 43 stored in the first log file 40 are set by the operation monitor 60 as user settings. It is possible to search with the key of (fixed key).

  When it is desired to refer to the details of the monitored contents using the item monitor 50 and the operation monitor 60, the tracking function 70 is used to grasp the details of individual items and operations across processes. Information that links the recognized risk to the next action (Action: improvement, for example, risk management) if the tracking function 70 is used to identify the risk related to fraud / error related to internal control as risk identification. Store as 80 and use this information to perform the next action (eg risk control). The monitoring conditions that the user has recognized as risks related to fraud and errors using the Item Monitor 50 are registered in the monitor definition table (described later), and an alarm is sent to the system administrator etc. when an event registered for monitoring occurs. Notification (to be described later) can be made.

FIG. 3 is a block diagram showing a hardware configuration of the internal control monitoring system as a premise of the present invention. In FIG. 3, the internal control monitoring system which is the premise of the present invention includes (A) master definition information table group, (B) log information table group, (C) display format information table group, (D) configuration management table, ( E) A database 1 having various tables such as a risk list table and a database access module 2 for accessing the database 1 to manage information and the like are provided. Information is exchanged between the user terminal 4 and the user terminal 4 via a network (not shown). It comprises a Web server / IIS (Internet Information Services) server 3 that performs exchanges, and a plurality of user terminals 4 that are connected to the Web server / IIS server 3 via a network (not shown) and perform tasks related to internal control. . The business related to internal control is a series of work that is structured so that the PDCA (Plan Do Check Action) cycle functions effectively and efficiently and is supported by IT technology. The The database access module 2 is realized by executing software on the Web server / IIS server 3, manages the various information stored in the database 1, communicates with the user terminal 4, and performs internal control. Supports the work related to and the monitoring (monitoring operation) of the work. The database 1 is realized by a storage device well known in the information processing field. The (A) master definition information table group includes, for example, a monitor definition table, a target matter log definition table, an operation log definition table, and the like ( B) The log information table group includes, for example, a matter log table, an operation log table, a matter log table specification (destination log table), and the (C) display format information table group includes, for example, a monitor display field. A definition table is included, and information necessary for monitoring in internal control can be logged. Further, (D) the configuration management table defines alarms that are permitted and not permitted for each user terminal in advance, and is referred to when collecting operation logs and alarms related to miscellaneous operations of the user terminal. The (E) risk list table stores important risks brought about by the internal control monitoring system, and is an indispensable component of the risk control apparatus for internal control according to the embodiment of the present invention, and will be described in detail later. The user terminal 4 is realized by a personal computer (PC) or the like and has a client function for the server. Then, the Web server / IIS server 3 is accessed via a network (not shown), and communication with the database access module 2 is performed to exchange necessary information with the database 1. As for communication between the user terminal 4 and the Web server / IIS server 3, and communication between the user terminal 4 and the database 1 via the database module 2 of the Web server / IIS server 3, known protocols are used. Since it is realized using technology, it will not be mentioned in the present invention. In FIG. 3, only one Web server / IIS server 3 is shown, but a plurality of Web servers / IIS servers may be provided and distributedly installed on a network (not shown). The database 1 can also be distributed on a network (not shown). Further, the user terminal 4 shown in FIG. 3 is merely an example, and the number of the user terminals 4 can be arbitrarily increased or decreased. Further, as the network not shown, various existing networks such as LAN, WAN, and the Internet can be used as appropriate.

  4 to 7 are diagrams showing structural examples of (A) master definition information table groups T1 to T4 in the database shown in FIG. 3. First, FIG. 4 shows an internal control monitoring system as a premise of the present invention. It is a figure which shows the data structure of the monitor definition table T1 to be used. The monitor definition table T1 is a table that defines the contents of the item monitor. The item name field includes a monitor ID, a monitor name, a type, a built-in definition flag, an SQL statement, a definer's personal UID, a full disclosure flag, Items relating to alarm registration, alarm notification type, alarm notification destination, etc. are provided, and the monitor ID is set as the primary key. These items will be described in related sections described later.

  FIG. 5 is a diagram showing a data structure of the selected category master T2 used in the internal control monitoring system as a premise of the present invention. Selection category master T2 is a master table that defines the contents of list selection and display wordings at the time of workflow approval. The item name field includes items related to selection category, selection item, processing name term name, etc. All of these are set as primary keys.

  FIG. 6 is a diagram showing a data structure of the target case log definition table T3 used in the internal control monitoring system as a premise of the present invention. The target matter log definition table T3 is a table that defines the matter log monitoring target, and the item name field includes an internal control key (= AN), format number, format name, user company code, user company name, user group. Items related to code, usage department signature, update date, monitor flag, etc. are provided, and the internal control key (= AN) and format number are set as the primary key.

  FIG. 7 is a diagram showing a data structure of the target operation log definition table T4 used in the internal control monitoring system as a premise of the present invention. The target operation log definition table T4 is a table that defines the operation log monitor target. The item name field includes an internal control key (= OP), a category ID, a category name, a module ID, a module name, an item ID, and an item. Items relating to name, operation ID, operation name, monitor flag, update date, and the like are provided, and an internal control key (= OP), category ID, module ID, item ID, and operation ID are set as main keys. These items will be described in related sections described later.

  FIGS. 8A to 22 and FIGS. 25 and 26 are diagrams showing structural examples of (B) log information table groups T5 to T20 and T22 to T23 in the database shown in FIG. FIG. 8C is a diagram showing a data structure of a case log table T5 used in the internal control monitoring system as a premise of the present invention. The matter log table T5 is a table that collects and stores matter logs. The item name field contains a WPI ID (Workflow Process Item ID) that defines the unique ID of the matter, and a serial number that manages the processing order (sequence Number, processor personal UID, ..., processor personal code, processor personal name ..., submission time, ..., submitter personal UID, ..., submitter personal code, processing Individual name, ..., presence / absence of proxy, ..., personal UID of agent, ..., agent name, agent title / role / authority G name, reason for proxy, proxy setting time, ..., processing Setter personal UID, ..., proxy setter personal code, proxy setter name, proxy setting reason, destination change presence / absence, destination change reason, route change presence / absence, route change reason, batch presence / absence, batch sequence number, matter correction presence / absence , Attachment update presence / absence, ..., alarm registration Lugs, and a large number of items is provided that includes a risk registration flag, WPI ID, through number (sequence number) is set as the primary key. These items will be described in related sections described later.

FIG. 9 shows an operation log table used in the internal control monitoring system as a premise of the present invention.
It is a figure which shows the data structure of T6. The operation log table T6 is a table for collecting and storing the operated logs. The item name field includes a serial number (OPERATE_LOG_NO), a log type, a log collection time, a module, which is a serial number assigned by the numberer. Many items including ID, execution file name, screen ID, update contents, ..., operator personal code, operator personal name, ..., operation reason, parameter details, file details, alarm flag, risk flag An item is provided and the serial number (OPERATE_LOG_NO) is set as the primary key. These items will be described in related sections described later.

  FIG. 10 is a diagram showing a data structure of the screen I / FDB control data (log) T7 used in the internal control monitoring system as a premise of the present invention. Screen I / FDB control data (log) T7 is an additional table related to log acquisition of control data. In the item name field, the WPI ID that defines the unique ID of the matter, the serial number that manages the processing order (sequence Number), format name, proxy reason, destination change reason, route change presence / absence, route change reason, batch presence / absence, batch sequence number, attachment update presence / absence, matter reference presence / absence, etc. are provided. The serial number (sequence number) is set as the primary key.

  FIG. 11 is a diagram showing a data structure of screen I / FDB control data (destination log) T8 used in the internal control monitoring system as a premise of the present invention. Screen I / FDB control data (destination log) T8 is an additional table related to log acquisition of control data. In the item name field, the WPI ID that defines the unique ID of the matter and the serial number that manages the processing order ( (Sequence number), WPI ED indicating the branch number of the WPI ID, and items regarding whether or not to change the destination are provided, and the WPI ID, serial number (sequence number), and WPI ED are set as primary keys.

  FIG. 12 is a diagram showing a data structure of a case log table item T9 used in the internal control monitoring system as a premise of the present invention. The matter log table item T9 is a table that collects and stores work item items in the matter log. In the item name field, the WPI ID that defines the unique ID of the matter, the serial number that manages the processing order (sequence Number), items 1,..., Item 30 indicating the contents of the settlement items at the time of the processing are provided, and the WPI ID and serial number (sequence number) are set as the main key.

  FIG. 13 is a diagram showing a data structure of the case log route master T10 used in the internal control monitoring system as a premise of the present invention. The item log route master T10 is a table that stores route information. The item name field includes items such as a route code, a serial number (sequence number), a route update date, and a route name. The serial number (sequence number) is set as the primary key.

  14A and 14B are diagrams showing the data structure of the case log route detail master T11 used in the internal control monitoring system as the premise of the present invention. The item log route detail master T11 is a table that stores route information details. The item name field includes a route code, serial number (sequence number), piece type, status name, conference type, rejection type, and timer monitoring days. , Destination change authority, route correction authority, correction approval authority, collective approval authority, collective delegation authority, related party notification flag, ..., condition item key, data type, etc., route code, serial number (Sequence number) and status name are set as the primary key.

  FIG. 15 is a diagram showing a data structure of the case log route condition master T12 used in the internal control monitoring system as a premise of the present invention. The item log route condition master T12 is a table that stores conditions related to route change. The item name field includes a route code, a serial number (sequence number), a piece type, a status name, a detail (index) number, and a condition type key. In addition, items such as condition values are provided, and a route code, a serial number (sequence number), a status name, and a detail (index) number are used as main keys.

  FIG. 16 is a diagram showing a data structure of the case log route destination master T13 used in the internal control monitoring system as a premise of the present invention. The item log route destination master T13 is a table that stores information about the route destination, and the item name field includes a route registration type, a route code, a serial number (sequence number), a piece type, a status name, and a sender type. , Sender details number, ..., Sender post role code, Sender post role name, etc. are provided. Route code, serial number (sequence number), status name, sender type, sender details The number is set as the primary key.

  17A and 17B are diagrams showing the data structure of the case log route conversion master T14 used in the internal control monitoring system as a premise of the present invention. Matter log route conversion master T14 is a table that stores information related to route conversion, and the item name field includes company UID, type, serial number (sequence number), current status, routing type, next status, conditional expression, comparison Items such as target, condition parameter, result, destination type, notification department, notification destination are provided, and the type, serial number (sequence number), and current status are set as the primary key.

  FIG. 18 is a diagram showing a data structure of the case log route specified value T15 used in the internal control monitoring system as a premise of the present invention. The Item log root default value T15 is a table that stores default values related to route information, and the item name field includes items such as type, serial number (sequence number), current status, key type, key value, and memo. The type, serial number (sequence number), current status, and key type are set as the primary key.

  FIG. 19 is a diagram showing a data structure of the case log copy conversion master T16 used in the internal control monitoring system as a premise of the present invention. The item log copy conversion master T16 is a table for storing information related to copy conversion of route information. The item name field includes the company UID, type, serial number (sequence number), current status, serial number, destination type, and notification department. , Notification department code, notification address, etc. are provided, and the type, serial number (sequence number), current status, and serial number are set as the primary key.

  FIG. 20 is a diagram showing a data structure of a case log file table T17 used in the internal control monitoring system as a premise of the present invention. The matter log file table T17 is a table that stores work item binary data that is added at the time of drafting and approving corrections. The item name field contains the WPI ID that defines the unique ID of the matter, and the processing order Items such as serial number (sequence number), file number (0: work item, 1-: attached file), file name, file extension, file size (byte), file update time, etc. are provided. The WPI ID, serial number (sequence number), and file number (0: work item, 1 to: attached file) are set as the primary key.

  FIG. 21 is a diagram showing a data structure of a case log table (memo) T18 used in the internal control monitoring system as a premise of the present invention. The case log table (memo) T18 is a table for storing a memo at the time of sending a case.

  FIG. 22 is a diagram showing a data structure of the operation log file table T19 used in the internal control monitoring system as a premise of the present invention. The operation log file table T19 is a table for storing files generated at the time of operation. The item name field includes a log table serial number, a file number, a division serial number, a file name related to the division of the file generated during the operation, Items such as file extension, file size (byte), and file update time are provided, and the log table serial number, file number, and division serial number are set as the primary key.

  FIG. 23 is a diagram showing a data structure of the operation log parameter table T20 used in the internal control monitoring system as a premise of the present invention. The operation log parameter table T20 is a table for storing parameters generated during operation. The item name field includes items related to the log table serial number, parameter serial number, parameter, etc., and the log table serial number and parameter serial number are mainly used. The key is set.

  FIG. 25 is a diagram showing a data structure of a case log table specification (destination log table) T22 used in the internal control monitoring system as a premise of the present invention. The matter log table specification (destination log table) T22 is a table that displays owner information on the matter log detail screen (see FIG. 32), and the item name field is processed with the WPI ID that defines the unique ID of the matter. Serial number (sequence number) to manage the order, WPI ED indicating the branch number of the WPI ID, destination change presence / absence, destination post / role / authority G type, destination personal UID, ..., destination personal code, ... , Destination name, destination processing status flag, etc. are provided, and WPI ID, serial number, and WPI ED are set as primary keys.

  FIG. 26 is a diagram showing a data structure of a case log root coordinate master T23 used in the internal control monitoring system as a premise of the present invention. The item log root coordinate master T23 is a table that defines the coordinate display of the route display. The item name field includes a route code, a serial number (sequence number), a piece ordinate, a piece abscissa piece type, a piece picture type, Items relating to the number of piece branches, piece width, and the like are provided, and the route code, serial number, piece ordinate, and piece abscissa are set as primary keys.

  FIGS. 24, 27 and 28 are diagrams showing examples of the structure of (C) display format information table groups T21, T24 to T25 in the database shown in FIG. 3, and FIG. 24 is a premise of the present invention. It is a figure which shows the data structure of the monitor display field definition master T21 used with the internal control monitoring system used. The monitor display field definition master T21 is a table that defines the contents to be displayed on the monitor. The item name field includes a monitor ID, a serial number, a display field, a field type, a selection category, a limited number of characters, a search method, and a search condition value. , Display field values, item arrangement order, etc. are provided, and the monitor ID, serial number, and display field are set as the primary key.

  FIG. 27 is a diagram showing a data structure of the format file master T24 used in the internal control monitoring system as a premise of the present invention. The format file master T24 is a definition table that stores electronic application forms. Format management number, form version, master type for records, detail (index) number, file entity concatenation number, file name, file size, file creation date and time Items such as format management number, form version, master type, and detail (index) number are set as primary keys.

  FIG. 28 is a diagram showing a data structure of a format file entity T25 used in the internal control monitoring system as a premise of the present invention. The format file entity T25 is a table that stores the entity file of the electronic application form. The entity file is a binary data that contains the entity connection number of the attached file, the form version, and the details (index) number for dividing the attached file as the primary key. It is trying to express.

FIG. 29 is a diagram showing a case monitor screen in the internal control monitoring system as a premise of the present invention. This item monitor screen is a screen that changes by selecting 'anchor' as the menu screen displayed upon login to the internal control monitoring system. The item monitor screen 250 shown in FIG. 29 has screen names in order from the upper left of the center of the screen. 251, department name 252 and user name 253 are displayed. It can be seen from the contents of the displayed screen name 251 that it is internal control: matter monitor. Then, the monitor condition defined in the list box 254 is displayed, and the number of cases for each type of display cases is displayed as the number of cases 255 below that. In addition, the processing start date and time of the search target item is displayed in the processing period from (256), and the processing end date and time of the search target item is displayed in the processing period to (257). A definition update button 258 is provided, and monitoring conditions can be registered by pressing this button. Also, a definition deletion button 259 is provided, and the monitor condition can be deleted by pressing this button. In the required time entry field, the stay days (260) and stay time (261) regarding the search target item can be entered. In this case, the number of days elapsed from the draft is determined by checking the check box 262. Further, by pressing the search button 263, it is possible to search the log with the target condition. By pressing the CSV output button 264, the displayed matter can be output to a CSV file (not shown). In the display item 265, the arrangement of items is set in the label display order. Here, display items of WPI ID (Workflow Process Item identification), format name, processing time, processing type, processing status, processing department code, and processing personal code are listed. The search method radio button 266 displays the complete match search as “complete” and the partial match search as “part”. The search value input field 267 is used to input search conditions for each item in text or list format. When the item is changed, the change flag 270 becomes valid. Input control (number of characters, forbidden characters) is set by the master (monitor display field definition master T21 shown in FIG. 24). In the list list 268, display cases that match the number of cases 255 are displayed. Then, by pressing the detail button 269 shown at the left end of each list item, the item monitor details screen shown in FIG. 30 is displayed. The change flag 270 defines a parameter change (the initial value is invalid). The previous / next page button 271 displays the next (previous) page that could not be displayed, and cannot be pressed when there is no previous / next page.

  FIG. 30 is a diagram showing a case monitor detail screen in the internal control monitoring system as a premise of the present invention. This item monitor details screen is changed by pressing the detail button 269 shown at the left end of each list item in FIG. 29. The item monitor details screen 300 shown in FIG. A department name 302 and a user name 303 are displayed. The return button 304 is used for an operation for transitioning to the item monitor screen of FIG. The history label 305 displays the approval history in the workflow. The history detail button 306 transitions to a detail screen (not shown) of the content at the time of approval when the button is pressed. In the processing / change item list 307, “◯” is displayed for a portion where processing / change has occurred, and a blank is displayed if there is no change. The owner label 308 displays the current owner of the workflow. When the owner detail button 309 is pressed, the screen changes to a detail screen (not shown) at the time of the operation.

FIG. 31 is a diagram showing an operation monitor screen in the internal control monitoring system as a premise of the present invention. This operation monitor screen is a screen in which the “anchor” menu screen displayed upon login to the internal control monitoring system is selected and transitioned. The operation monitor screen 340 shown in FIG. , Department name 342 and user name 343 are displayed. It can be seen from the contents of the displayed screen name 341 that the internal control is an operation log monitor. Then, the monitor condition defined in the list box 344 is displayed, and the number of cases for each type of display case is displayed as the number of cases 345 below that. In addition, the processing start date and time of the search target item is displayed in the processing period from (346), and the processing end date and time of the search target item is displayed in the processing period to (347). A definition update button 348 is provided, and monitoring conditions can be registered by pressing this button. Also, a definition deletion button 349 is provided, and the monitor condition can be deleted by pressing this button. In addition, by pressing the search button 350, the log can be searched with the target condition. By pressing the CSV output button 351, the displayed matter can be output to a CSV file (not shown). In the display item 352, the arrangement of items is set in the label display order. Here, display items such as operation log numbers, operation types, operation times, and update contents are listed. The search method radio button 353 indicates the complete match search as “complete” and the partial match search as “part”. In the search value input field 354, search conditions for each item are input in text format. When the item is changed, the change flag 357 becomes valid. Input control (number of characters, forbidden characters) is set by the master (monitor display field definition master T21 shown in FIG. 24). In the list list 355, operation cases that match the number of cases 345 are displayed. Then, by pressing a detail button 356 shown at the left end of each list item, a transition is made to the operation log detail screen (see FIG. 32). The change flag 357 defines a parameter change (initial value is invalid). The previous page / next page button 358 displays the next (previous) page that could not be displayed. If there is no previous page / next page, it cannot be pressed.

  FIG. 32 is a diagram showing an operation monitor detail screen in the internal control monitoring system as a premise of the present invention. On the operation monitor detail screen 380 shown in FIG. 32, a screen name 381, a department name 382, and a user name 383 are displayed in order from the upper left of the center of the screen. The return button 384 is used for an operation for changing to the operation monitor screen of FIG. The operation content label 385 displays details of the operation content of the operation. The operator information label 386 displays details of the operator who performed the operation. The parameter label 387 displays the parameter used when the operation is performed. If there is no parameter, it is not displayed. The operation file label 388 displays a file used when the operation is performed. If there is no operation file, it is hidden. The operation file detail button 389 pops up a file that is operated at the time of the operation when the button is pressed. Note that the items displayed on the labels 385 to 388 and the contents thereof are displayed with reference to the target case operation log table T6 shown in FIG. 9 and the operation log definition table T4 shown in FIG.

Having thus described the outline of the internal control monitoring system which is the premise of the present invention, the outline of the risk control device in internal control according to the embodiment of the present invention will be described next with reference to FIG. The risk control device of the present invention supports the efficiency of risk control of internal control using the workflow device from the risk identified by the internal control monitoring system. As described in FIG. Information linked to (risk management) is monitored by the internal control monitoring system shown in Fig. 1 for risk monitoring 110, which is identified by the risk and the person in charge in the supervisory department and audit department (see the database shown in Fig. 3). ) And the information stored in the risk list table constitutes a serious risk related to fraud / error related to internal controls, so the risk management unit 120 forwards the risk stored in the risk list table to the risk management workflow 130. Manage risks by adding comments, importance, and priority (response priority) from each perspective. To. In the risk management workflow 130, as in the normal workflow, the application (report) 131 by the person in charge, confirmation 132 by the supervisor, rule confirmation 133 by the audit department, instruction 134 by the management, etc. Degree 135 and priority (response priority) are determined 135 and returned to the risk management unit 120. Then, the risk management unit 120 urgently responds and if it is a serious risk, immediately transmits it to the control (control instruction) department 160, and entrusts the handling of the serious risk. If the risk is serious but not urgent, the risk report function 140 creates a risk list, prints related documents such as regulations, and creates data. After that, if necessary, risk audit is entrusted to the external audit department 150, and if the external audit department 150 reports a serious risk, it is communicated to the control (control instruction) department 160 and the handling of the serious risk is entrusted. The control (control instruction) department 160 is the best decision-making body for internal control in a company, and has established a budget for avoiding major risks, revised regulations, modified systems, changed system settings, etc. Although control is intended, it is out of the matters to be dealt with by the system proposed in the present invention, so no further explanation will be given. As described above, the risk control device of the present invention is able to provide a comment from each viewpoint through forwarding to the risk management workflow a serious risk related to fraud / error related to internal control identified by the person in charge and stored in the risk list table. Risks are managed with importance and priority (response priority), and support for efficient risk control of internal controls.

FIG. 33 is an operation flow diagram for explaining the operation of the risk control device in the internal control according to the embodiment of the present invention, which corresponds to a more detailed version of FIG. 1 and shows the operation transition as the information flow (bold line) and This is represented by the flow of processing (thin lines). 33, in the internal control risk control apparatus according to the embodiment of the present invention, the operation log, case log, and alarm log stored in the log table 420 are stored in the risk monitoring unit 422 of the internal control monitoring system shown in FIG. The risk is monitored by the supervising department 424 and the management department 426, and if it is identified as a risk relating to fraud / error related to internal control, the risk identified risk is stored in the risk list table 405 of the risk management section 400. The risk stored in the risk list table 405 of the risk management unit 400 is transferred to the table management unit 410 because it is necessary to confirm whether the risk is a serious risk related to fraud / error related to internal control. The table management unit 410 manages the risks stored separately in the matter risk list 412 related to matters and the operation risk list 414 related to operations, and forwards them to the risk management workflow 500 described later for each matter to table the risk judgment results. Save in the details for each case in the management unit 410.

  As described above, the risk management workflow 500 is for confirming whether the risk is a serious risk related to fraud / error related to internal control. The item risk list 412 and the operation risk list 414 managed by the table management unit 410 are used. A user (user) selects 430 on the screen and first displays the risk for each case on the screen of the person in charge. If the person in charge views the risk on the screen 440 and recognizes that the content is a serious risk, the person in charge creates a risk report 441. In that case, the person in charge fills in the necessary items in the comment 443, the importance 444, and the priority 445 while viewing the contents 442 regarding the case, and submits a risk report to the superior. The supervisor sees the risk applied by the person in charge on the screen 450 as a risk report, adds a comment if there is no place to be corrected, reports it to the audit department, and if there is a place to be corrected, the same as the person in charge In addition, a risk report 451 was created, and the senior manager entered the comments 453, severity 454, and priority 455 while reviewing the content 452 related to the matter, and revised the risk report to the audit department. Report approval. In the same manner, the audit department views the risk report on the screen 460 and creates a risk report 461 if there is a place to be further revised. Fill out the required information for degree 464 and priority 465, and report the revised risk report to the executives who are management. If there is no place to revise, add a comment and report to the officer. Executives who are in management view the risk report on the screen 470, create a risk report 471 if there are any points to be revised, and the officers see comments 473 on the matters 472 and the importance 474 and the priority 475 are filled in, and the risk management unit 400 is instructed to approve the risk report. If there is no place to be corrected, a comment is attached and an approval instruction is given to the risk management unit 400. In the above, the importance and priority in each layer are entered by selecting the contents previously defined in the table from the pull-down menu.

  The management's approval instruction or correction approval instruction for the risk report that has gone through the risk management workflow 500 is returned to the risk management unit 400, so that the risk judgment result for each case is stored in the details for each case in the table management unit 410. It will be. That is, in the table management unit 410 of the risk management unit 400, importance, priority, and comments in each layer are stored in the details of the case risk list 412 or the details of the operation risk list 414. Then, the risk judgment result is displayed on the risk judgment result display screen 480. Of course, the user who can display the risk determination result on the risk determination result display screen 480 is a user who has been given a use authority in advance. On the risk judgment result display screen 480, for each Item 481, there are predetermined items in the fields of person in charge 482, person in charge 483, person in charge priority 484, person in charge comment 485, manager name 486, manager importance 487,. A list of risk judgment results filled with is displayed. If users who have been given authority to use the risk determination results in advance are listed, it is possible to immediately determine who made what kind of risk determination. It is possible to activate the risk report function 490 from the risk management unit 400 to generate a risk list, related documents, and data as a risk report, and to transmit the risk report to the control instruction unit 495 outside the system. Further, the risk management unit 400 can directly transmit a serious risk that should be promptly dealt with to the control instruction unit 495 outside the system.

34 to 39 are diagrams showing screen transitions of persons in charge in the risk management workflow shown in FIG. First, FIG. 34 is a diagram showing a login screen for transitioning to the monitor screen in the person in charge of the risk management workflow according to the embodiment of the present invention. That is, in the screen 500 shown in FIG. 34, the person in charge performs the initial screen selection 503 (here, the approval screen) that can be selected by the user ID 501, the password 502, and the pull-down menu, and clicks the login button 504. Thereby, it is possible to transit to the initial screen 510 shown in FIG.

  FIG. 35 is a diagram showing an initial screen in the risk management workflow of the person in charge according to the embodiment of the present invention. In the screen 510 shown in FIG. 35, the person in charge confirms that the screen name 511 is “approval”, and then selects “risk monitor” 512 in the internal control of the menu screen as “anchor”. By doing so, a transition can be made to a screen 520 shown in FIG.

  FIG. 36 is a diagram showing a risk monitor screen in the risk management workflow of the person in charge according to the embodiment of the present invention. In the screen 520 shown in FIG. 36, the person in charge indicates that the business name 521 is “Internal Control Risk List”, the screen name 522 is “Matter Risk List”, and “Matter Risk List” / “Operation Risk List”. By checking the label 523 and confirming that the display is “Item risk list”, and then setting the registration period (From-To) 524 and executing the search 525, the registered period of risk is the search key. Thus, the risk can be displayed on the risk information label 526. In the risk information label 526, items such as WPI-ID (corresponding to the case number), format name, processing type, processing person, processing date can be expanded, and text can be entered in the text entry field 529. The text can be used as a search key. Furthermore, the screen can be changed by pressing a detail item detail button 527 and an application item application button 528, respectively. Note that “application” is the beginning of a workflow for determining a serious risk, and corresponds to “draft” of a normal workflow.

  FIG. 37 is a diagram showing an application screen in the risk management workflow of the person in charge according to the embodiment of the present invention. The person in charge creates a “risk report” 531 on the screen 530 shown in FIG. The contents 532 for identifying the case upon creation are reprinted from the risk list table 405 and the log table 420 shown in FIG. 33, and the comment entry field 534 of the charge entry field 533, and the importance entry field 535 and the priority entry field 536 Fill in each. Click the submit button 537 to submit an application to the senior manager of the risk management workflow after completing the items. This will report the details of the application to the superior.

  FIG. 38 is a diagram showing a submission transition screen in the risk management workflow of the person in charge according to the embodiment of the present invention. In the screen 540 shown in FIG. 38, the person in charge can know how the superior has processed the application by browsing the items in the history label 543. The attached file label 541 holds attached file information at the time of approval. The attached file reference button 542 is activated by a pop-up, and when the button is pressed, the contents of the attached file at the time of approval are displayed. In this case, the item log file table T17 shown in FIG. 20 is referred to. The case information label 544 refers to the case information at the time of approval. The matter processing information label 545 displays processing details at the time of approval (whether there is a change, a comment, etc.). If there is change information, [○] is displayed for the changed part, and if there is no change, a blank is displayed and a comment can be attached.

  FIG. 39 is a diagram showing a detailed transition screen in the risk management workflow of the person in charge according to the embodiment of the present invention. The screen 550 shown in FIG. 39 transitions when the person in charge presses the detail item detail button 527 on the screen 520 shown in FIG. 36, and what kind of processing is performed by the person in charge on the screen 550 shown in FIG. It can be known from the history label 551. Further, by pressing the detail button 552 of the detail item of the history label 551, the screen can be changed to the screen shown in FIG. Since the screen of FIG. 38 has already been described, description thereof is omitted here.

40 to 46 are diagrams showing screen transitions of the management layer (upper manager to management layer) in the risk management workflow shown in FIG. First, FIG. 40 is a diagram showing a login screen for transitioning to the monitor screen in the management layer of the risk management workflow according to the embodiment of the present invention. That is, on the screen 600 shown in FIG. 40, the person in charge performs the initial screen selection 603 (here, the approval screen) that can be selected by the user ID 601, password 602, and pull-down menu, and clicks the login button 604. Thereby, it is possible to transit to the initial screen 610 shown in FIG.

  FIG. 41 is a diagram showing an initial screen in the risk management workflow of the management layer according to the embodiment of the present invention. In the screen 610 shown in FIG. 41, for example, the manager of the management layer confirms that the screen name 611 is “approval: case list”, and then double-clicks the “risk report” 612 in the list display label. By doing so, a transition can be made to the screen 620 shown in FIG.

  FIG. 42 is a diagram showing a risk report item list screen in the risk management workflow of the management layer according to the embodiment of the present invention. In the screen 620 shown in FIG. 42, for example, the manager of the management layer indicates that the format name 621 is “risk report”, the screen name 622 is “approval: case list”, and the “risk” in the case list item 623. Confirm that the display screen is “Approval: Project List” by patterning (coloring) of the “Report” and then viewing the breakdown of the four “Risk Report” items in the Project List Item 623 it can. If text is entered in the text entry field 624, the text can be used as a search key. Further, by pressing the item item detail button 625, the screen shown in FIG.

  FIG. 43 is a diagram showing a detailed screen in the risk management workflow of the management layer according to the embodiment of the present invention. In the screen 630 shown in FIG. 43, for example, the manager of the management layer confirms that the format name 631 is “risk report” and the screen name 632 is “approval: case details”, and then the application is filed by the person in charge. Determine approval of risk reports. That is, if approval is made, the approval button 633 is pressed to report the approval to the superior, or if correction is made, the correction button 634 is pressed to shift to the risk report correction screen (see FIG. 44). The history can be known by browsing the items of the history label 635. In addition, by browsing the item of the current owner label 636, it is possible to know the waiting state for approval. Further, by viewing the item of the case information label 637, it is possible to know the risk judgment result of the person in charge related to the case.

  FIG. 44 is a diagram showing a correction approval screen in the risk management workflow of the management layer according to the embodiment of the present invention. In the screen 640 shown in FIG. 44, for example, the manager of the management layer confirms that the format name 641 is “risk report” and the screen name 642 is “correction approval”. The comment entry in the comment entry field 646, the entry of the importance in the importance entry 644 (selected from the pull-down menu), and the entry of the priority in the priority entry 645 (selected from the pull-down menu) are executed. After that, when an approval button 643 is pressed, the screen transits to a forwarding confirmation screen for correction approval to the superior (audit department) (see FIG. 45).

  FIG. 45 is a diagram showing a forwarding confirmation screen for correction approval in the risk management workflow of the management layer according to the embodiment of the present invention. In the screen 650 shown in FIG. 45, for example, the manager of the management layer confirms that the format name 651 is “Risk Report” and the screen name 652 is “Correction Approval: Forwarding Confirm”, and then forwards it. Browse the items on the destination label 654 to confirm the name of the forwarding destination, and if necessary, enter a comment in the comment entry field 655, and then press the execute button 653 to forward the correction approval to the superior (audit department). To do.

FIG. 46 is a diagram showing an example of a screen for displaying the risk determination result collected in the risk management unit according to the embodiment of the present invention. As described with reference to FIG. 33, in the risk management unit 400 of the risk control apparatus for internal control according to the embodiment of the present invention, the risk judgment result obtained through the risk management workflow 500 is obtained for each case in the table management unit 410. Stored in each item of the risk list 412 and the operation risk list 414. The risk determination results stored in each detail of the table management unit 410 are displayed on the risk determination result display screen 480 for each item. This will be described in detail with reference to FIG. 46. In the risk determination result display screen shown in FIG. 46, the screen name 661 is “Matter Risk List” and the “Matter Risk List” / “Operation Risk List” label 662 is seen. Confirm that the display is “Item risk list”, and then, in accordance with the order of the risk management workflow 500, the importance 664, priority 665, comment 666, supervisor importance,・ ・ List of audit comments, executive importance 667, executive priority 668, and executive comments 669. In this way, it is possible to immediately determine who has made what kind of risk judgment by looking at the risk judgment result display in the order in which the risk management workflow 500 is forwarded. In the risk judgment result display screen shown in FIG. 46, the importance and priority values in each layer can be selected from pull-down menus in the importance and priority entry items as defined in the table not shown. The importance and priority values shown in FIG. 46 are merely examples, and finer values can be set.

  In the risk control device in internal control according to the embodiment of the present invention described with reference to FIG. 1 and FIGS. 33 to 46, the hardware configuration has not been described in detail, but the above-described internal premise of the present invention It is realized by inheriting the configuration of the control monitoring system. However, the risk management unit 400 and the risk management workflow 500 will be described just in case. This is because these are the main components of the risk control device in the internal control according to the embodiment of the present invention. The risk management unit 400 includes a risk list table 405, a table management unit 410, and a risk determination result display screen 480. As described above, the risk list table 405 is stored in the database 1 shown in FIG. The table management unit 410 is realized by the database access module 2 in the Web server / IIS server 3 shown in FIG. 3, and the risk determination result display screen 480 is an input / output device in the Web server / IIS server 3 ( (Not shown). The risk management workflow 500 includes a user terminal 4, a Web server / IIS server 3 including the database access module 2, and a database 1. In particular, in the risk management workflow 500 shown in FIGS. 34 to 45, the user terminal 4 is configured to display a series of screens by selecting the user ID, password, and initial screen on the initial screen in the client / server system, and further logging in Then, the screen of the risk control apparatus is changed, and the subsequent screen transitions for the user terminal 4 are as described in FIGS. 35 to 39 and FIGS. 41 to 45. The risk management workflow 500 includes the user terminal 4 and the database. This is realized by using each resource of the computer system including the Web server / IIS server 3 including the access module 2 and the database 1.

It is a conceptual diagram which shows the whole structure of the risk control apparatus in the internal control which concerns on embodiment of this invention. It is a conceptual diagram which shows the whole structure of the internal control monitoring system used as the premise of this invention. It is a block diagram which shows the hardware constitutions of the internal control monitoring system used as the premise of this invention. It is a figure which shows the data structure of the monitor definition table T1 used as the premise of this invention. It is a figure which shows the data structure of selection category master T2 used as the premise of this invention. It is a figure which shows the data structure of the object case log definition table T3 used as the premise of this invention. It is a figure which shows the data structure of the object operation log definition table T4 used as the premise of this invention. It is a figure which shows the data structure of item log table T5 used as the premise of this invention. It is a figure which shows the data structure of item log table T5 used as the premise of this invention. It is a figure which shows the data structure of item log table T5 used as the premise of this invention. It is a figure which shows the data structure of item log table T5 used as the premise of this invention. It is a figure which shows the data structure of operation log table T6 used as the premise of this invention. It is a figure which shows the data structure of screen I / FDB control data (log) T7 used as the premise of this invention. It is a figure which shows the data structure of the screen I / FDB control data (destination log) T8 used as the premise of this invention. It is a figure which shows the data structure of item log table item T9 used as the premise of this invention. It is a figure which shows the data structure of matter log route master T10 used as the premise of this invention. It is a figure which shows the data structure of item log route detail master T11 used as the premise of this invention. It is a figure which shows the data structure of item log route detail master T11 used as the premise of this invention. It is a figure which shows the data structure of item log route condition master T12 used as the premise of this invention. It is a figure which shows the data structure of the matter log route transmission destination master T13 used as the premise of this invention. It is a figure which shows the data structure of matter log route | root conversion master T14 used as the premise of this invention. It is a figure which shows the data structure of matter log route | root conversion master T14 used as the premise of this invention. It is a figure which shows the data structure of the matter log root prescribed value T15 used as the premise of this invention. It is a figure which shows the data structure of case log copy conversion master T16 used as the premise of this invention. It is a figure which shows the data structure of the matter log file table T17 used as the premise of this invention. It is a figure which shows the data structure of the matter log table (memo) T18 used as the premise of this invention. It is a figure which shows the data structure of operation log file table T19 used as the premise of this invention. It is a figure which shows the data structure of the operation log parameter table T20 used as the premise of this invention. It is a figure which shows the data structure of the monitor display field definition master T21 used as the premise of this invention. It is a figure which shows the data structure of item log table specification (destination log table) T22 which is a premise of the present invention. It is a figure which shows the data structure of the matter log root coordinate master T23 used as the premise of this invention. It is a figure which shows the data structure of the format file master T24 used as the premise of this invention. It is a figure which shows the data structure of the format file entity T25 used as the premise of this invention. It is a figure which shows the item monitor screen in the internal control monitoring system used as the premise of this invention. It is a figure which shows the item monitor detail screen in the internal control monitoring system used as the premise of this invention. It is a figure which shows the operation monitor screen in the internal control monitoring system used as the premise of this invention. It is a figure which shows the operation monitor detailed screen in the internal control monitoring system used as the premise of this invention. It is an operation | movement flowchart explaining operation | movement of the risk control apparatus in the internal control which concerns on embodiment of this invention. It is a figure which shows the login screen for changing to the monitor screen in the person in charge of the risk management workflow which concerns on embodiment of this invention. It is a figure which shows the initial screen in the risk management workflow of the person in charge which concerns on embodiment of this invention. It is a figure which shows the risk monitor screen in the risk management workflow of the person in charge which concerns on embodiment of this invention. It is a figure which shows the application screen in the risk management workflow of the person in charge which concerns on embodiment of this invention. It is a figure which shows the submission transition screen in the risk management workflow of the person in charge which concerns on embodiment of this invention. It is a figure which shows the detailed transition screen in the risk management workflow of the person in charge which concerns on embodiment of this invention. It is a figure which shows the login screen for changing to the monitor screen in the management layer of the risk management workflow which concerns on embodiment of this invention. It is a figure which shows the initial screen in the risk management workflow of the management layer which concerns on embodiment of this invention. It is a figure which shows the risk report item list screen in the risk management workflow of the management layer which concerns on embodiment of this invention. It is a figure which shows the detailed screen in the risk management workflow of the management layer which concerns on embodiment of this invention. It is a figure which shows the correction approval screen in the risk management workflow of the management layer which concerns on embodiment of this invention. It is a figure which shows the forwarding destination confirmation screen of the correction approval in the risk management workflow of the management layer which concerns on embodiment of this invention. It is a figure which shows the example of a screen which displays the risk determination result improved in the risk management part which concerns on embodiment of this invention.

Explanation of symbols

1 Database 2 Database Access Module 3 Web Server / IIS Server 4 User Terminal
40 log files
50 Opportunity monitor
60 Operation monitor
110 Risk monitoring department with internal control monitoring system
120 Risk Management Department
130 Risk management workflow
140 Risk report function
400 Risk Management Department
405 Risk list table
410 Table management department
420 log table
480 Risk judgment result display screen
500 Risk management workflow

Claims (5)

The logged information is monitored for risk by the internal control monitoring system, and if the result identifies risks related to fraud / error in internal control and the person in charge, the identified risks are output from the internal control monitoring system to identify the risks. Risk management means to store in the risk list table as a matter to be
The case stored in the risk list table is read out and displayed on the person-in-charge screen, a record with a request number and type added to each displayed case is created to create a risk list, and the created on the screen to transition by selecting the projects to be processed from the risk list, and risk determination request means for activating the request of risk judgment by instructing the forwarding to the personnel side Kufuro means,
The risk of the individual case requested to be judged by the risk judgment request means is displayed on the screen, the content is judged from the person in charge, the result is forwarded to the next terminal as a risk including the risk judgment result, and the forwarding Workflow means for transmitting to the risk management means together with the risk judgment result of each person in charge who has been forwarded the risk judgment result of the person in charge at the end of the judgment of the viewpoint of the person in charge located at the end;
An internal control risk control device comprising: The workflow means displays the risk case requested to be judged by the risk judgment request means on the terminal screen of each person in charge of the workflow, and each person in charge adds importance, priority, and comment to the risk case. 2. The internal control according to claim 1, wherein the report is prepared and included in the risk determination result, the risk case is forwarded from a submitter to a submitter , and finally transmitted to the risk management means. Risk control device.   The importance level and the priority level can be referred to on each person-in-charge terminal screen by referring to values defined in a table in advance, and are assigned when each person in charge selects on the screen. The internal control risk control apparatus according to claim 2. 3. The internal control risk control apparatus according to claim 2 , wherein the risk management means includes display means for displaying the risk determination results transmitted from the workflow means in a list.   The display means includes a display form that allows the contents of importance, priority, and comments to be browsed in the order of submission of risk determination results including the report created at each person-in-charge terminal of the workflow. The internal control risk control apparatus according to claim 4.