【摘要】：IT審計(jì)是對(duì)信息系統(tǒng)進(jìn)行的審計(jì),IT審計(jì)風(fēng)險(xiǎn)就是對(duì)信息系統(tǒng)審計(jì)而產(chǎn)生的風(fēng)險(xiǎn)。隨著計(jì)算機(jī)技術(shù)飛速發(fā)展和信息化進(jìn)程進(jìn)一步加快,IT審計(jì)在IT治理、IT安全和合規(guī)性等方面發(fā)揮著越來越重要的作用,有力促進(jìn)了信息系統(tǒng)的規(guī)范化建設(shè)。然而,由于IT審計(jì)涉及面廣泛、內(nèi)容復(fù)雜、技術(shù)要求高,審計(jì)風(fēng)險(xiǎn)也隨之越來越大,這是需要引起高度重視,亟待研究解決的一個(gè)重要問題。 當(dāng)前,我國(guó)信息系統(tǒng)的應(yīng)用發(fā)展勢(shì)頭良好,企業(yè)管理信息化范圍逐步擴(kuò)大、信息化程度逐步提高,與此同時(shí),對(duì)IT審計(jì)需求也越來越多、對(duì)IT審計(jì)質(zhì)量要求也越來越高。全面推進(jìn)IT審計(jì),確保IT審計(jì)質(zhì)量,首先必須采取有力措施加強(qiáng)對(duì)IT審計(jì)風(fēng)險(xiǎn)的控制�；诖�,本文選題IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)與控制研究,以期為發(fā)展我國(guó)IT審計(jì)事業(yè)做出自己力所能及的微薄貢獻(xiàn)。 本文采取規(guī)范研究與實(shí)證研究相結(jié)合的方法,比較系統(tǒng)地梳理了國(guó)內(nèi)外有關(guān)IT審計(jì)及其風(fēng)險(xiǎn)控制方面的文獻(xiàn),實(shí)地走訪了有關(guān)單位的IT審計(jì)工作,明確了研究方向,確定了研究基本思路,選取了研究的具體方法,在此基礎(chǔ)上,首先,分析了風(fēng)險(xiǎn)及其風(fēng)險(xiǎn)管理的最新研究成果和規(guī)范標(biāo)準(zhǔn),作為研究IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)與控制的理論基礎(chǔ)和規(guī)范借鑒；其次,厘清了IT審計(jì)及IT審計(jì)風(fēng)險(xiǎn)的相關(guān)概念,探討了IT審計(jì)風(fēng)險(xiǎn)產(chǎn)生的諸多因素,并導(dǎo)出加強(qiáng)IT審計(jì)風(fēng)險(xiǎn)管理的重要意義,為IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)與控制以及IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)指標(biāo)體系構(gòu)建奠定了基礎(chǔ)；第三,考量了我國(guó)IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)現(xiàn)狀,提出了IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)程序與評(píng)價(jià)方法,接著從IT審計(jì)風(fēng)險(xiǎn)產(chǎn)生的原因與表現(xiàn)形式入手,運(yùn)用層次分析法構(gòu)建了效用感知的IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)指標(biāo)體系,并通過案例進(jìn)行了評(píng)價(jià)測(cè)算演示,以證明所構(gòu)建的評(píng)價(jià)體系的可操作性；第四,在進(jìn)行IT審計(jì)風(fēng)險(xiǎn)分析評(píng)價(jià)的基礎(chǔ)上,提出樹立全面IT審計(jì)風(fēng)險(xiǎn)應(yīng)對(duì)觀,分別從審計(jì)師層面、.企業(yè)微觀層面和國(guó)家宏觀層面,提出了對(duì)IT審計(jì)風(fēng)險(xiǎn)控制的若干對(duì)策建議；最后,對(duì)整個(gè)研究成果進(jìn)行總結(jié),并展望了IT審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)與控制研究的未來努力方向。
[Abstract]:IT audit is the audit of information system, and IT audit risk is the risk of information system audit. With the rapid development of computer technology and the further acceleration of information process, IT audit is playing an increasingly important role in IT governance, IT security and compliance, and has promoted the standardization of information system construction. However, as IT audit involves a wide range of areas, complex content, high technical requirements, audit risk is also increasing, which needs to be paid attention to, an important problem to be solved urgently. At present, the application of information system in our country is developing well, the scope of enterprise management informatization is gradually expanding and the degree of informatization is gradually improving. At the same time, the demand for IT audit is increasing, and the quality of IT audit is becoming more and more high. In order to promote IT audit and ensure the quality of IT audit, it is necessary to take effective measures to strengthen the control of IT audit risk. Based on this, this paper selected IT audit risk evaluation and control research, in order to develop our country's IT audit cause to make their own meager contribution. By combining normative research with empirical research, this paper systematically combs the literature on IT audit and its risk control at home and abroad, visits the IT audit work of relevant units on the spot, and clarifies the research direction. The basic idea of the study is determined, and the specific research methods are selected. On this basis, first of all, the latest research results and standardized standards of risk and risk management are analyzed. As a theoretical basis and normative reference for the study of IT audit risk evaluation and control; Secondly, it clarifies the related concepts of IT audit and IT audit risk, probes into many factors of IT audit risk, and deduces the significance of strengthening IT audit risk management. It lays a foundation for the evaluation and control of IT audit risk and the construction of IT audit risk evaluation index system. Thirdly, considering the present situation of IT audit risk evaluation in China, putting forward the procedure and method of IT audit risk evaluation, then starting with the causes and manifestations of IT audit risk. The IT audit risk evaluation index system based on utility perception is constructed by AHP, and a case study is performed to demonstrate the maneuverability of the evaluation system. Fourthly, on the basis of IT audit risk analysis and evaluation, the author puts forward a comprehensive view of IT audit risk response, respectively from the auditor level. At the micro level of enterprise and national macro level, this paper puts forward some countermeasures and suggestions on IT audit risk control. Finally, it summarizes the whole research results and looks forward to the future direction of the research on IT audit risk evaluation and control.
【學(xué)位授予單位】：安徽財(cái)經(jīng)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類號(hào)】：F239.4

【參考文獻(xiàn)】

相關(guān)期刊論文 前6條

1 馮義秀,高亮英;國(guó)際審計(jì)準(zhǔn)則審計(jì)風(fēng)險(xiǎn)模型的變更及我們的借鑒[J];北京工商大學(xué)學(xué)報(bào)(社會(huì)科學(xué)版);2005年01期

2 顧曉安;;基于業(yè)務(wù)循環(huán)的審計(jì)風(fēng)險(xiǎn)評(píng)估專家系統(tǒng)研究[J];會(huì)計(jì)研究;2006年04期

3 秦海青,吳洪波,馬科;審計(jì)風(fēng)險(xiǎn)的計(jì)量[J];科技與管理;2005年01期

4 薛東輝，朱耀庭，朱光喜，熊艷;有限樣本條件下分形維數(shù)的估計(jì)[J];系統(tǒng)工程與電子技術(shù);1996年12期

5 胡尚可;;風(fēng)險(xiǎn)導(dǎo)向IT審計(jì)在通信企業(yè)中的應(yīng)用[J];中國(guó)內(nèi)部審計(jì);2010年11期

6 葉鵬飛 ,胡友良;《審計(jì)機(jī)關(guān)審計(jì)重要性與審計(jì)風(fēng)險(xiǎn)評(píng)價(jià)準(zhǔn)則》探析[J];中州審計(jì);2004年06期

，

本文編號(hào)：2404812