A Study On Information System Audit Standards In China

With the application of information technology in the enterprise more and more extensive and in-depth, enterprises have to face not only the traditional financial risk and operational risk, but also the information technology fraud and information system risk. Therefore, only on auditing the development of information system, software and hardware resources, data, and the information system’s internal control, and setting the operation and management of information system in a safe and effective control, can it reduces information system and the internal control system risk faced by the enterprise.Compared with the United States, Japan and Britain, the audit research and application have a late start in the field of information system of our country. Research mainly focuses on the computer and the application of information technology in the traditional accounting and auditing field the information system of domestic scholars, and hardly research on information system audit standards. The importance of standards is obviously: it is the principle and basis of information system audit, and help to improve the quality of the audit work guidance. Therefore, researching content of information system audit standards, analysis of information system audit criteria hierarchy, discussing the development method of information system audit criteria, has important significance to enrich and perfect the audit information system and the construction of our country’s information system audit standards system.About this paper, I firstly reviewed the concepts of the information systems audit and its relevant standards. Then, I combed the information system audit standards released by China and foreign countries. By the comparison with the information system audit standards released by ISACA, I pointed out that shortcomings and inadequacies of that of China, further, expounded the necessity and feasibility of constructing the information system auditing standards in our country. On the basis of the above, I put forward the principle that should follow about the construction of C hinese information system audit standards, and give my own opinion on the standards’ framework, model, content and release mode. Finally I put forward some recommendations for building and developing our country’s information system audit standards.