本文選題：農(nóng)村商業(yè)銀行 + IT審計(jì)��； 參考：《西南財(cái)經(jīng)大學(xué)》2010年碩士論文

【摘要】：一直以來我國商業(yè)銀行的內(nèi)部審計(jì)基本上是賬目基礎(chǔ)審計(jì),隨著計(jì)算機(jī)技術(shù)發(fā)展,幾乎所有商業(yè)銀行包括農(nóng)村商業(yè)銀行業(yè)務(wù)都要通過計(jì)算機(jī)系統(tǒng)來完成。但信息技術(shù)在高速發(fā)展的同時(shí),也給農(nóng)村商業(yè)銀行帶來了不安全因素。目前,銀行業(yè)監(jiān)管部門已明確指示各金融機(jī)構(gòu)要做好信息科技風(fēng)險(xiǎn)和評(píng)價(jià)審計(jì)工作,對(duì)照國際信息科技風(fēng)險(xiǎn)監(jiān)管體系進(jìn)行差距分析、構(gòu)建信息科技風(fēng)險(xiǎn)監(jiān)測(cè)和評(píng)價(jià)體系。農(nóng)村商業(yè)銀行作為第二批實(shí)施金融機(jī)構(gòu),著手在農(nóng)村商業(yè)銀行內(nèi)部開展IT審計(jì)的相關(guān)課題的研究就顯得迫在眉睫了。 本文從研究背景出發(fā),分析了IT審計(jì)的內(nèi)涵,比較了IT審計(jì)與其他國際通行標(biāo)準(zhǔn)體系而進(jìn)一步提出了我國金融機(jī)構(gòu)引入IT審計(jì)的現(xiàn)實(shí)必要性,重點(diǎn)介紹了IT審計(jì)國際參考標(biāo)準(zhǔn)的COBIT模型及在我國金融機(jī)構(gòu)運(yùn)用現(xiàn)狀,進(jìn)而分析了在農(nóng)村商業(yè)銀行運(yùn)用IT審計(jì)必要性和現(xiàn)實(shí)困難,最后探討了農(nóng)村商業(yè)銀行實(shí)施IT審計(jì)的架構(gòu)并給出了一個(gè)詳細(xì)的操作案例。其主要內(nèi)容如下： 第一章介紹了IT審計(jì)理論基礎(chǔ)。首先對(duì)IT審計(jì)的發(fā)展進(jìn)行了簡單梳理,對(duì)與IT審計(jì)相近的幾個(gè)概念進(jìn)行了比較,歸納出IT審計(jì)概念。 第二章分析了我國引入IT審計(jì)的必要性。介紹了IT審計(jì)的內(nèi)容和制度,比較了IT審計(jì)與ISO9000標(biāo)準(zhǔn)、CMM模型,給出了IT審計(jì)這一新生事物存在的較合理的定位,在與信息系統(tǒng)項(xiàng)目管理的比較中得出了IT審計(jì)的存在意義和特點(diǎn)；然后淺析了銀行信息化風(fēng)險(xiǎn)的特點(diǎn)及我國銀行在信息化管理中存在的問題,探討了開展IT審計(jì)的現(xiàn)實(shí)必要性與可行性及IT審計(jì)在防范銀行風(fēng)險(xiǎn)中的作用。在對(duì)COBIT標(biāo)準(zhǔn)進(jìn)行介紹的基礎(chǔ)上,通過學(xué)習(xí)和借鑒已經(jīng)成形的程序、指南和標(biāo)準(zhǔn),為現(xiàn)行運(yùn)用提供幫助,同時(shí)結(jié)合實(shí)際、探討我國商業(yè)銀行運(yùn)用該模型的具體過程中應(yīng)注意的幾個(gè)問題。 第三章探討了在農(nóng)村商業(yè)銀行實(shí)施IT審計(jì)的可操作性。通過實(shí)施IT審計(jì),即通過對(duì)農(nóng)村商業(yè)銀行所有IT規(guī)劃、建設(shè)、應(yīng)用、服務(wù)、安全等全方位的審計(jì),充分識(shí)別、評(píng)估IT風(fēng)險(xiǎn)和完善控制措施,以實(shí)現(xiàn)農(nóng)村商業(yè)銀行IT系統(tǒng)的可用性、安全性、完整性、有效性,從而強(qiáng)化農(nóng)村商業(yè)銀行內(nèi)部控制。 第四章重點(diǎn)架構(gòu)了信息技術(shù)基礎(chǔ)審計(jì),并從信息系統(tǒng)建設(shè)審計(jì)、應(yīng)用系統(tǒng)審計(jì)、項(xiàng)目管理審計(jì)及計(jì)算機(jī)輔助審計(jì)技術(shù)等專項(xiàng)角度闡述了IT審計(jì)的實(shí)施內(nèi)容。本章力求使得IT審計(jì)在農(nóng)村商業(yè)銀行中開展具有較強(qiáng)的可操作性,以滿足農(nóng)村商業(yè)銀行在現(xiàn)行改革的過程中IT治理與經(jīng)營戰(zhàn)略目標(biāo)的一致性。 本文探討了IT審計(jì)的發(fā)展及內(nèi)涵,通過對(duì)現(xiàn)行國際上IT審計(jì)標(biāo)準(zhǔn)模型的學(xué)習(xí),結(jié)合農(nóng)村商業(yè)銀行信息化發(fā)展現(xiàn)狀及改革需要,為農(nóng)村商業(yè)銀行IT審計(jì)的具體過程提出了一個(gè)可供操作的流程,為IT審計(jì)在我國金融機(jī)構(gòu)的全面開展積累經(jīng)驗(yàn)。
[Abstract]:The internal audit of commercial banks in our country has been basically the basic audit of accounts. With the development of computer technology, almost all commercial banks, including rural commercial banks, have to complete their business through computer system. However, the rapid development of information technology has also brought insecurity to rural commercial banks. At present, the banking supervision department has clearly instructed the financial institutions to do a good job in the information technology risk and evaluation audit, compare with the international information technology risk supervision system to analyze the gap, and construct the information technology risk monitoring and evaluation system. Rural commercial banks as the second group of financial institutions, it is urgent to start the research of IT audit in rural commercial banks. Based on the research background, this paper analyzes the connotation of IT audit, compares IT audit with other international standard systems, and further points out the practical necessity of introducing IT audit into Chinese financial institutions. This paper mainly introduces the COBIT model of the international reference standard of IT audit and the present situation of its application in China's financial institutions, and then analyzes the necessity and practical difficulties of using IT audit in rural commercial banks. Finally, the paper discusses the framework of IT audit in rural commercial banks and gives a detailed operation case. Its main contents are as follows: The first chapter introduces the theoretical basis of IT audit. Firstly, the development of IT audit is simply combed, and several concepts similar to IT audit are compared, and the concept of IT audit is summed up. The second chapter analyzes the necessity of introducing IT audit into our country. This paper introduces the content and system of IT audit, compares IT audit with ISO9000 standard, and gives the reasonable orientation of IT audit, which is a new thing. In the comparison with the information system project management, the existence significance and characteristics of IT audit are obtained, and then the characteristics of the bank informatization risk and the problems existing in the information management of our country's banks are analyzed. This paper discusses the necessity and feasibility of IT audit and the role of IT audit in preventing bank risk. On the basis of the introduction of COBIT standards, through learning and learning from the already formed procedures, guidelines and standards, to provide assistance for the current application, while combining the actual, This paper discusses some problems that should be paid attention to in the application of this model by commercial banks in China. The third chapter discusses the feasibility of IT audit in rural commercial banks. Through the implementation of IT audit, that is, through the comprehensive audit of all IT planning, construction, application, service, security and other aspects of rural commercial banks, the full identification and evaluation of IT risks and the improvement of control measures are carried out. In order to realize the usability, security, integrality and validity of IT system of rural commercial bank, so as to strengthen the internal control of rural commercial bank. The fourth chapter focuses on the basic information technology audit, and expounds the implementation content of IT audit from the aspects of information system construction audit, application system audit, project management audit and computer-aided audit technology. This chapter tries to make IT audit in rural commercial banks have a strong operability, in order to meet the current reform of rural commercial banks in the process of IT governance and management strategy objectives consistency. This paper discusses the development and connotation of IT audit, through the study of the current international IT auditing standard model, combined with the development of information technology in rural commercial banks and the needs of reform. This paper puts forward an operable process for IT audit of rural commercial banks, and accumulates experience for IT audit in our financial institutions.
【學(xué)位授予單位】：西南財(cái)經(jīng)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2010
【分類號(hào)】：F239.1;F832.3

【參考文獻(xiàn)】

相關(guān)期刊論文 前3條

1 鄧少靈;企業(yè)IT審計(jì)的框架[J];中國審計(jì);2002年01期

2 周新玲;我國IT審計(jì)的發(fā)展對(duì)策[J];科技進(jìn)步與對(duì)策;2004年03期

3 郝曉玲;信息系統(tǒng)審計(jì)與控制框架初探[J];上海管理科學(xué);2003年04期

，

本文編號(hào)：1812585