管理信息化风险控制程序的应用程度评价——基于集团公司的样本数据

Evaluation on Application Degree of Risk Control Procedures in Management Informatization for Group Companies—— Based on Chinese Croup Companies' Sample Data

本研究运用描述性统计、因子分析法对109家样本集团公司管理信息化风险控制各程序的应用程度进行了评价,对影响风险控制程序应用程度因素间的因果关系模型进行了假设检验,结果表明,样本集团公司在管理信息化风险发生后的事后应对上都有较好的具体措施与办法,但在具体如何识别、收集、评估、主动控制管理信息化风险方面尚缺乏系统的知识和专业化的方法。当前提高我国集团公司在管理信息化风险控制程序应用程度的关键在于执行和监督,IT监管部门是推动集团公司采用信息化角度规范的重要力量,管理信息化的风险控制不是孤立的,集团公司如果不重视一般风险控制,很难指望在管理信息化风险控制领域有好的表现。

In this study, the application degree of risk control procedures and methods for management informatization in 109 sampled group companies has been evaluated through descriptive statistics and factor analysis, models of causalities that influence the application degree of risk control procedures are hypothesized and then examined. The results show that the sample group companies have good measures and methods to deal with the information management risk after the risk happened, but they still lack of knowledge and professional in the specific how to identify, collect, evaluate, active control the risk. The improvement of the application degree of risk control procedures and methods for management informatization in today＆#39;s group companies of China depends on implementation and monitoring. IT regulators are important force in promoting group companies to use the standards of management informatization. Risk control of management informatization is not isolated, if group companies don＆#39;t pay more attention to control the general risk, it is difficult to expect good performance in the field of management informatization risk control.