A Study On The Application Of Risk-oriented Internal Audit Model In Grassroots Central Banks

In 2013,the People’s Bank of China pointed out that on the transformation of internal audit work that: risk orientation is the logical starting point of internal audit,and risk guidance and risk concern are the requirements of the nature and rules of audit work.With the extensive application of information technology,the operation mode of the people’s bank is also undergoing profound changes,and its dependence on information system is becoming higher and higher.Information security management is a long-term problem brought by the People’s Bank of China’s adoption of cutting-edge information technology.At present,the risk-oriented internal audit model of the People’s Bank of China has been basically established,but the application of information security management as an audit topic is not deep enough.Therefore,to discover potential risk points of information security and carry out information security management audit by adopting risk-oriented audit mode can,on the one hand,prevent information security risks of grassroots central Banks to the greatest extent and ensure the safe,stable and efficient operation of various businesses.On the other hand,it can save audit cost,improve audit efficiency and quality,and increase the organizational value of internal audit.In accordance with the research paradigm of "theoretical analysis-status analysis-case study-path improvement",this paper combines the relevant theories of information security management and risk-oriented internal audit,and takes risk-oriented as the entry point to study the information security risk management system of grassroots central Banks.On the analysis of the evaluation of grassroots central bank information security management,on the basis of present situation and the main problems of internal audit,combined with the city branch of the people’s bank of information security management at the grass-roots level of risk-oriented internal audit case,analysis its risk assessment system,the static and dynamic data supervision and evaluation method,analysis method,qualitative and quantitative information of the city,branch of information security risk assessment aims to comprehensively identify major risks and improve auditing efficiency and effectiveness.At the same time,it analyzes the weak links and security risks in the audit process and methods,and summarizes its audit experience.Finally,this paper based on audit experience,in the case from the consciousness of risk control,internal control culture construction,risk assessment model,information database construction and the responsibilities of the internal audit and internal audit talents construction these six aspects improve grassroots central bank information security management the path of the risk-oriented audit mode,we hope can give other branches some useful advice.