Research On Performance Evaluation Of Enterprise Internal Information System Audit

In the "13th five-year plan",the China Audit Office proposed to "increase the audit intensity of informatization construction projects and information systems of government departments,enterprises and institutions".In recent years,with the deepening of enterprise information construction,the sustainable development of the integrating of informatization and industrialization,as well as the "Industry 4.0","Made in China 2025","Internet plus manufacturing","Artificial Intelligence",and many other concepts are deeply intergrated into the Chinese traditional enterprises,such as manufacturing enterprises,the enterprises are more depend on the information system,and at the same time also more and more vulnerable to the threat from the information space.In order to effectively deal with information risks,enterprises must attach great importance to IT governance,Information system audit plays an important role in improving IT governance.Therefore,Information system audit becomes more and more important in corporate governance.In order to improve the quality of information system audit,it is necessary to evaluate and check the performance of information system audit.In the internal audit practice,the performance evaluation system of internal audit is relatively mature,but because of the particularity of the information system audit,it is difficult to fully reflect the effectiveness and efficiency of information system audit when using the general evaluation system,and most domestic enterprises also have not been formed the performance evaluation system of information system audit.Concerning the objectivity,the result of performance evaluation of information system audit will be far from other audit projects,such as financial audit.It is difficult to reflect the contribution of information system audit,affect the enthusiasm of the auditors,is not conducive to the development of the information system audit,increase the enterprise IT management and information management risks.According to the current situation of the enterprise,this research encircles the performance evaluation of enterprise internal information system audit,firstly,by exploring the value of information system audit in enterprise strategy,and by using strategic map,the strategic implementation path to achieve the audit performance of information system is analyzed,and based on the balanced scorecard model,further design the specific content of performance evaluation.Then,according to the diffurent methods and dimensions,the index is translated to the score.At the same time,the capability maturity model is introduced to analyze and measure the indicators of the audit business process dimension,so as to realize the evaluation of business process standardization.By means of questionnaire,the importance of indicators is evaluated by different experts,and decide the weight distribution of each index on the basis of the analytic hierarchy process,and the index weight coefficient is obtained.Finally,based on the above research content,the performance evaluation system is applied to a gas group enterprise,The internal audit manager will analyze,evaluate and provide feedback on the performance evaluation system.The usage of performance evaluation system of information system audit,is conducive to improve the balance between the internal audit project,elevate the status of the information system audit,at the same time reduce the risk of information security,so as to improve the level of IT governance,at last,promote the sustainable development of the enterprise.