信息系統(tǒng)審計的理論架構(gòu)—論其學(xué)科歸屬與基于風(fēng)險審計理論的操作流程
發(fā)布時間:2018-10-05 21:08
【摘要】:信息系統(tǒng)審計(ISA)是專業(yè)審計人員根據(jù)審計標(biāo)準(zhǔn),針對信息系統(tǒng)的安全性、可靠性和有效性實施獨立審計并發(fā)表意見,向IS對象的最高領(lǐng)導(dǎo)層提出一系列建議的管理活動。 在信息技術(shù)高速發(fā)展,人們廣泛依賴于信息系統(tǒng)的今天,開展信息系統(tǒng)審計顯得尤為重要。 國外對ISA的研究起源于20世紀(jì)60年代,從最初的電子數(shù)據(jù)處理審計發(fā)展為計算機(jī)審計,,再發(fā)展為現(xiàn)在的ISA,經(jīng)歷了幾十年的發(fā)展歷史,已經(jīng)取得了相當(dāng)?shù)某晒�。國際信息系統(tǒng)審計與控制協(xié)會(ISACA)的成立推動了對這一領(lǐng)域的研究,該協(xié)會不但制定了全球范圍內(nèi)適用的ISA標(biāo)準(zhǔn)、執(zhí)業(yè)指南,其IT管理機(jī)構(gòu)制定了全球范圍通用的IT控制標(biāo)準(zhǔn)(COBIT,Control Objectives for Information and Related Technology),該協(xié)會還在全球100多個國家成立了180多個分會,推行注冊信息系統(tǒng)審計師(CISA)資格考試,為ISA的發(fā)展作出了巨大貢獻(xiàn)。目前美國、印度、日本、加拿大、英國等國的ISA都發(fā)展相當(dāng)迅速。 我國對ISA的研究剛剛起步,目前還處于推介階段,對ISA的研究相當(dāng)淺簿。特別是國內(nèi)存在著將ISA同計算機(jī)輔助審計(CAA,Computer Asisted Audit)混為一談的現(xiàn)象;也有人認(rèn)為ISA應(yīng)是純技術(shù)性的東西,不應(yīng)歸為審計范疇;還有人認(rèn)為ISA可由信息工程監(jiān)理IPS(Information Projects Supervisal)代替。在這樣的背景下,作者欲在ISA這一新興事物在國內(nèi)的發(fā)展初期,對其概念、特征、對象、內(nèi)容、方法等諸方面作一分析,肅清其性質(zhì),以利于其發(fā)展。通過對ISA與傳統(tǒng)審計、CAA、IPS等的比較分析,得出ISA是審計發(fā)展的新階段,它擴(kuò)大了審計的對象內(nèi)涵,ISA的出現(xiàn)將推動審計學(xué)科同會計學(xué)科的分離,ISA不能由信息系統(tǒng)監(jiān)理代替。同時,IS環(huán)境也促進(jìn)了風(fēng)險理論的發(fā)展,IS風(fēng)險同經(jīng)營風(fēng)險、財務(wù)風(fēng)險和控制風(fēng)險一樣屬于企業(yè)的非系統(tǒng)風(fēng)險,IS風(fēng)險還會影響審計風(fēng)險與ISA風(fēng)險。論文通過對風(fēng)險理論的分析,在審計框架的基礎(chǔ)上提出了基于風(fēng)險理論的ISA流程。
[Abstract]:Information system Audit (ISA) is a kind of management activity that professional auditors carry out independent audit and express opinions on the security, reliability and effectiveness of information system according to auditing standards, and put forward a series of suggestions to the top leadership of IS objects. With the rapid development of information technology and the extensive reliance on information system, it is very important to carry out information system audit. The research on ISA in foreign countries originated in the 1960s, from the initial electronic data processing audit to the computer audit, and then to the current ISA, has experienced decades of development history, has achieved considerable results. The establishment of the International Information Systems Audit and Control Association (ISACA) has promoted research in this field. The Association has not only developed the ISA standards and practice guidelines applicable worldwide, Its IT governing body has developed universal IT control standards worldwide (COBIT,Control Objectives for Information and Related Technology), which also has more than 180 chapters in more than 100 countries around the world, runs the (CISA) qualification Test for Certified Information Systems auditors, It has made great contribution to the development of ISA. At present, the ISA of the United States, India, Japan, Canada, Britain and other countries are developing quite rapidly. The research on ISA in our country is just beginning, and it is still in the stage of introduction. The research on ISA is quite shallow. In particular, there is a phenomenon that ISA is confused with computer-aided audit (CAA,Computer Asisted Audit) in China; some people think that ISA should be purely technical and should not be classified as audit; others think that ISA can be replaced by information engineering supervision IPS (Information Projects Supervisal). Under this background, the author intends to analyze the concept, characteristics, objects, contents and methods of ISA in the early stage of its development in China, so as to eliminate its properties and facilitate its development. Based on the comparative analysis of ISA and CAA IPS, it is concluded that ISA is a new stage of audit development, and the appearance of ISA will promote the separation of audit discipline from accounting discipline. It can not be replaced by information system supervision. At the same time, the environment of is has also promoted the development of risk theory. Financial risk and control risk belong to the non-system risk of the enterprise as well as the non-system risk. It will also affect the audit risk and the ISA risk. Based on the analysis of risk theory, the ISA process based on risk theory is proposed in this paper.
【學(xué)位授予單位】:重慶大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2004
【分類號】:F239
本文編號:2254873
[Abstract]:Information system Audit (ISA) is a kind of management activity that professional auditors carry out independent audit and express opinions on the security, reliability and effectiveness of information system according to auditing standards, and put forward a series of suggestions to the top leadership of IS objects. With the rapid development of information technology and the extensive reliance on information system, it is very important to carry out information system audit. The research on ISA in foreign countries originated in the 1960s, from the initial electronic data processing audit to the computer audit, and then to the current ISA, has experienced decades of development history, has achieved considerable results. The establishment of the International Information Systems Audit and Control Association (ISACA) has promoted research in this field. The Association has not only developed the ISA standards and practice guidelines applicable worldwide, Its IT governing body has developed universal IT control standards worldwide (COBIT,Control Objectives for Information and Related Technology), which also has more than 180 chapters in more than 100 countries around the world, runs the (CISA) qualification Test for Certified Information Systems auditors, It has made great contribution to the development of ISA. At present, the ISA of the United States, India, Japan, Canada, Britain and other countries are developing quite rapidly. The research on ISA in our country is just beginning, and it is still in the stage of introduction. The research on ISA is quite shallow. In particular, there is a phenomenon that ISA is confused with computer-aided audit (CAA,Computer Asisted Audit) in China; some people think that ISA should be purely technical and should not be classified as audit; others think that ISA can be replaced by information engineering supervision IPS (Information Projects Supervisal). Under this background, the author intends to analyze the concept, characteristics, objects, contents and methods of ISA in the early stage of its development in China, so as to eliminate its properties and facilitate its development. Based on the comparative analysis of ISA and CAA IPS, it is concluded that ISA is a new stage of audit development, and the appearance of ISA will promote the separation of audit discipline from accounting discipline. It can not be replaced by information system supervision. At the same time, the environment of is has also promoted the development of risk theory. Financial risk and control risk belong to the non-system risk of the enterprise as well as the non-system risk. It will also affect the audit risk and the ISA risk. Based on the analysis of risk theory, the ISA process based on risk theory is proposed in this paper.
【學(xué)位授予單位】:重慶大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2004
【分類號】:F239
【引證文獻(xiàn)】
相關(guān)期刊論文 前1條
1 周小又;;信息系統(tǒng)審計初探[J];科技情報開發(fā)與經(jīng)濟(jì);2008年16期
相關(guān)碩士學(xué)位論文 前3條
1 羅強(qiáng);基于EOS和J2EE平臺的中國聯(lián)通審計系統(tǒng)的設(shè)計與實現(xiàn)[D];電子科技大學(xué);2011年
2 周岳婷;審計系統(tǒng)的演進(jìn)及其優(yōu)化策略研究[D];湖南大學(xué);2006年
3 余靜;基于多Agent技術(shù)的審計系統(tǒng)設(shè)計與實現(xiàn)[D];解放軍信息工程大學(xué);2007年
本文編號:2254873
本文鏈接:http://sikaile.net/guanlilunwen/shenjigli/2254873.html
最近更新
教材專著
