It Environment, Internal Audit In Enterprise Risk Management Study

In order to improve management efficiency and pursuit self-development, enterprise's internal audit should be involved in the risk management. With the development of information technology, enterprises are facing many new problems and new risks in IT environments ,which has lead to the internal audit using traditional methods has been far from adequate to meet the requirements of modern audit when it involving in the risk management. It has been a urgent problem both in theory and in practice now that how internal audit involved in the risk management to improve validity of it and promote value of organization.The research of this article is by the newest theory of risk management framework—COSO -ERMF issued by the USA, and considers the IT environment fully and applies IT technology, carries on the conformity and the optimization to the traditional enterprise internal audit theory and the method, establishes a internal audit's new theoretical method system to adapt the IT environment.The full text is divided into six parts, the main structure is as follows: In chapter one, the author introduces the background and significance of the dissertation and the literature review at home and abroad, contents and the methodology , and the contributions and limitations in the dissertation; In Chapter Two, 'Internal Audit and ERM Theory', the author introduces the connotation of internal audit from the perspective of its development ,the ERMF and the internal audit's role in the ERMF; Chapter three is the consideration of internal audit involved in risk management under IT environment. In IT environment, internal audit involved in the risk management mainly have to be considerate with the following areas: the first is how the IT environment changes the businesses's environment and the risks associated with them; the second is how the IT environment can influence the internal audit ,and how the internal audit effectively use IT to participate in the risk management activities; Chapter four is the way of internal audit involved in risk management under IT environment. On the base of COSO--ERMF, the paper discusses deeply the way in which internal audit involved in the risk management. Chapter five is about the suggestion on improving internal audit involved in risk management under IT environment; In chapter four , the author sum up to the whole article and then illustrate the limitations and prospect of the research on the thesis.