Research On Risk-control In The Process Of The Informatization Construction Of Internal Audit In XISC

As the enterprise informatization continues, many enterprises completed the informatization construction of internal audit, and the results achieved. However, practice shows that this construction is risky, the larger scale and more complete function equals higher risk. The risks from quality, efficiency, capital, security and other aspects constantly exposed during the process of the construction. It can hinder the informatization of internal audit. The knowledge of the risk exposed during the informatization construction of internal audit and effective risk control measures are insufficient, research on risk-control in the process of informatization construction of internal audit is needed. This article takes the case of Hunan Valin Xiangtan Iron and Steel Co., Ltd.(XISC) as an example, to study the risk-control in the process of informatization construction of internal audit. It has important theoretical significance for the development of the enterprise internal audit, to improve the efficiency, to protect the quality, to enhance the core competitiveness of enterprises.Based on the research at home and abroad on the informatization construction of enterprise internal audit and also on risk control of enterprise informatization, this article give a summary of IT Audit, risk-control and the informatization construction of internal audit. Take the case of XISC: present its model and application of risk control in the process of informatization construction of internal audit. Analyse the risk existing in the process of informatization construction of internal audit and the causes of the risk.The study shows that due to the lack of standard guidance, the lack of effective risk control system and audit personnel, with software non-advanced and some other reasons, five kinds of risk exposed in the process of informatization construction of internal audit in XISC: the risk caused by the changes of macro economic environment and the audit environment; the risk due to the rapid development of information technology and privacy enhancing; the audit risk under the condition of informatzation; the risk of improper use of data during acquisition and transmission; the openness and upgrade of information carry risks. The article study on optimize of risk control and protection measures. In order to ensure the optimization measures can be implemented, put forward the safeguard measures of risk control in the process of informatization construction of internal audit in XISC from four aspects.