| With the rapid development of IT technology and business increasingly wide range of applications, IT Audit is playing an important role in IT governance, IT security and regulatory compliance. In order to ensure independent, objective, prudent, fair of audit's results, it is necessary to the effective management of IT audit risk. In this paper, the theory of project risk management and IT audit methodology in bank based on theoretical research, focusing on the IT audit project risk management process and methodology of an in-depth research.First of all, introduce the concept of IT-related audit and the IT audit process. IT Audit is usually divided into four phases: audit preparation, on-site audit, the audit report and follow-up, one of each phase also includes a number of activities.Secondly, Based on the project risk management theory and combined with specific IT audit processes and activities, put forward the new theory of processes and methods for the management of T audit project risk management. The theory defines the control objectives, principal risks, the proper response to risk, as well as testing methods for the IT audit project processes. The theory lays the foundation for assessment of the IT audit project risk management.Again, the papers also give an quantitative evaluation model of the IT audit project risk management. The evaluation model combines the IT audit process (audit preparation, on-site audit, the audit report and follow-up) with the IT audit results (quality, schedule and costs).Finally, this paper through case studies of IT audit project risk management evaluation process, methods and evaluation model of scientific and practical empirically. |
PDF Full Text Request