Article 21
|
The purpose of self-assessment by a company of its internal control systems is to implement the company’s self-monitoring mechanisms and adapt to changes in the environment in a timely manner, so as to adjust the design and operation of the internal control systems and to enhance the internal audit department's audit quality and efficiency. The self-assessment scope shall include the design and operation of all of the company's internal control systems.
Before carrying out the assessment under the preceding paragraph, a public company shall set out in its internal control systems the procedures and methods for self-assessment operations.
A public company shall pay close attention to matters relating to compliance with applicable laws, regulations, and bylaws, and shall decide procedures and methods for self-assessment operations based on the results of the risk assessment, and the following items, at least, shall be included:
- Determination of the control activities that shall be tested.
- Determination of the business units that shall be included in the self-assessment.
- Assessment of the design effectiveness of each control activity.
- Assessment of the operating effectiveness of each control activity.
|