| In recent years,with the continuous evolution of ICT development and application,China’s software industry relies on the east wind of the deep coupling of the Internet,the development space is rapidly increasing.The "14th Five-Year Plan" period will prompt the development of China’s software industry from large to strong,becoming a very competitive and important industry in the era of digital China.According to the Ministry of Industry and Information Technology published the "2020 Software and Information Technology Service Industry Statistics Bulletin" shows that the current national software companies above the scale has exceeded 40,000.The software industry is an industry highly dependent on market and technological changes,and is subject to fierce industrial competition,complex and changing business models and highly virtualised product services,making it increasingly difficult to control business risks and imperfect information disclosure systems.Therefore,with the effective application of internal audit in corporate governance,software companies are paying more and more attention to the important role of internal audit as the "first line of defence" in business management.The study of internal audit in China started late and is still in a period of exploration and improvement,and the focus is only on the business activities and internal control of enterprises,neglecting its value-added and business improvement functions.In addition,due to the wide range of industries involved in Chinese enterprises,there are currently no industry-specific internal audit implementation guidelines,and in the absence of regulatory guidance,internal auditing in software companies faces greater challenges than in traditional enterprises.Therefore,internal audit departments should develop countermeasures for industry characteristics and business complexity when carrying out audits,and apply corresponding methods scientifically and systematically to address possible problems in internal auditing,which is of great importance for the standardised implementation of internal audit practices and the expansion of internal audit theory in the software industry.This thesis analyzes the problems and their causes in the internal audit business of SA software companies from the perspective of the internal audit organization of SA software companies,through a systematic review of relevant literature at home and abroad,and organically combines theory and case studies,and finally puts forward targeted suggestions for improvement.It is hoped that this will provide a reference for improving the internal audit business in China’s software industry,helping to standardise the internal audit business in the software industry and achieve an overall improvement in its internal audit quality.The full thesis consists of six main parts,except for the introduction in Part I and the conclusion in Part VI,Parts II to V are the focus of this research thesis.Part II introduces the concepts and principles of internal audit,the internal audit function and audit difficulties of software companies,and elaborates the theoretical basis of this thesis by relying on corporate governance theory,principal-agent theory and risk management theory.The third part presents the case overview,concerns and problems of internal audit in SA Software,a financial software product and service provider established in 2003,which is dedicated to the application of new technologies in the financial industry.The company’s internal audit department is located under the Audit Committee and is under the direct supervision of the Audit Committee.The daily audit work is mainly based on the internal audit system to formulate the annual internal audit plan,perform internal audit procedures to obtain audit evidence,and finally submit the internal audit report to the Audit Committee,and continuously follow up on the application of audit results in the follow-up stage.In performing on-site audits,SA Software’s main focus is on information system data privacy and security,operational risks such as talent,technology and knowledge,the composition and attribution of costs for software development operations,the flow and expenditure of funds for software development projects,and the implementation of internal control systems.At present,the problems in SA Software’s internal audit operations are mainly the lack of attention to risk identification and evaluation of software R&D audits,audit scope limited to the financial area,audit methods not integrated with software characteristics,lack of integration of audit performance assessment with business functions and lack of implementation of audit recommendations for rectification and improvement.Part IV analyses the causes of the problems of internal audit,including the weak independence and authority of internal audit institutions,the mismatch between the professionalism of internal auditors and the development of software business in software companies,the single mode and limited scope of internal audit,the difficulty in quantifying and untimely performance assessment indicators,and the neglect of rectification and supervision of audit results.The fifth part puts forward countermeasures and suggestions for improving the quality of internal audits of software companies from five aspects respectively.First,improve the independence and authority of internal audit of software companies,including improving the independence of internal auditors,scientifically setting up internal audit organisation and expanding the scope of internal audit rights.Second,strengthen the professional competence of internal auditors to match the software business,including regular diversified training and skills assessment for internal auditors and organising internal audit departments to conduct defect simulations for new business and risks.Third,broaden the breadth and depth of the internal audit scope,including extending the audit scope to high-risk areas such as software development and maintenance and strengthening the audit of the whole process of software development projects.Fourth,optimise the internal audit performance evaluation system,including increasing the weight of internal audit on the achievement of value-added objectives and building a "six-dimensional" internal audit performance evaluation system based on BSC logic.Fifth,improve the application and supervision of internal audit results,including strengthening the understanding of internal audit results in risk prevention,enhancing the accountability mechanism for internal audit rectification and handling penalties,and establishing a disclosure system for internal audit results.It is hoped that the case studies in this thesis can make a small contribution to the implementation of internal audit in software companies located in the information and technology services industry to deal with the relevant audit difficulties,add to the promotion of the standardisation of internal audit practice in the software industry,and help the healthy development of internal audit in China. |
PDF Full Text Request