中文摘要：

中国企业在制定内部控制制度的时候，缺少清晰的内部控制框架。美国COSO委员会2004年结合萨班斯法案提出了ERM框架，在内部控制的战略目标和风险管理等方面有较大突破。中国企业的内控模式可以在ERM框架的基础上结合COSO框架进行构建。中国企业在构建内控体系时。要重点关注战略目标、法人治理结构、商业伦理和风险管理四个方面。在此基础上，中国企业的内控框架应分为内控目标和控制要素两个维度：目标维度包括战略目标、经营目标、报告目标和合规目标，要素维度包括控制环境、风险管理、控制活动、信息和交流、监控。这四个目标和五个要素有机结合构成了内部控制框架。

英文摘要：

The precise internal control framework is often absent when Chinese companies make their internal control rules. In 2004, COSO sponsored the Enterprise Risk Management （ ERM ） framework because of the Sarbanes Oxley Law, as has achieved a better internal control strategy and risk management. Therefore, Chinese companies need build their own internal control rides on the basis of ERM framework and the COSO framework. Internal control objectives includ strategy, operation, reporting and compliance; internal control components include control environment, risk assessment , information and communication and monitoring. These four objectives and five elements work together to form the framework of internal control.