| Economy and information technology develop rapidly today , information systems becomes new power of enterprise . In order to upgrade efficiency and benefit, information systems has been set up in enterprise . While information systems bring benefit for production , operation and management , it increases risk enterprise face to . Information system auditing is needed to keep enterprise from riskes.Information system auditing have developed overseas many years .EDP auditing association was set up in America more than sixty years . now information system auditing and control association (ISACA) had promulgate auditing standard . Information system auditing develop rapidly in America, Japan , Canada and Britain . Information system auditing is developing in our country . The problem how to evaluate risk of Information system auditing ,and how to control risk of Information system auditing in a reasonable level become a focus .This paper includes seven chapters. Chapter one includes the way of thinking and contents of the problem, the research method and the research frame. In chapter two,we definite the risk of Information system auditing. In chapter three we analysis the factors and characteristics of the risk . In Chapter four we research how to analysis and evaluate risk. In chapter five according to how to contol risk of Information system auditing in a reasonable level. In chapter six we give a example to explain our conclusion. In chapter seven we draw the research conclusions.The thought of this paper is through combining the analyse and example, auditing and information technology to study how to evaluate risk of Information system auditing ,and how to control risk of Information system auditing in a reasonable level.According the research, we can draw some conclusions. They are as follows:Firstly , the definition of the risk of Information system auditing is the base of studying the risk of Information system auditing . it decides the range , research method , evaluation method of risk . In this paper ,we definite the risk of Information system auditing as that there is some important objection in Information system, auditor give a impertinent report and suffer losing.Secondly, we think: the auditing behavior under exterior environment and internal mechanisms as a social activity. when we study auditing, analysising exterior environment is beneficial.Thirdly, the factor of the risk of information system can be analysis in the angle of information system itself and process of auditing . The risk of information system itself includes the risk of exploitation and design, the risk of environment, the risk of system. The risk of process of auditing includes the risk of operation, the risk of interior control measures., the risk of capacity of auditor and the risk of morality.Fourthly, analysising the risk of information system auditing should under the cost-and-benefit principle, important principle, arrangement principle, system principle. All these principles are the precondition.Fifthly, set up a model of the risk of Information system auditing. This model includes four factores. And give a point that matrix mode is a reasonable mode to analysis the risk of Information system auditing.Finally, in this paper, some advices are given to control risk of Information system auditing in a reasonable level. |
PDF Full Text Request