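Abstract
At present, information system risk poses a major threat to the stability of commercial banks, so it is critically important for commercial banks to estimate information system security risk correctly and to build an effective security audit immune mechanism of their own. Guided by the theory of "audit immunity" and using "information entropy" as the key technique, this paper draws on the hierarchical structure of operational risk in commercial bank information systems to build an "information entropy" model for security risk estimation, analyzes the model's contribution to the security audit immunity of information systems, and, from the perspectives of "immune surveillance", "immune homeostasis" and "immune defense", proposes constructive ideas for building a security audit immune system for commercial bank information systems.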
At present, information system risk represents a serious threat to financial stability, so how to carry out effective risk assessment and audit management for financial information systems has become very important. This paper takes the theory of "audit immunity" as its theoretical guidance and "information entropy" as a key technology, and combines them with the hierarchical structure of financial information system risk. The paper then constructs an entropy model for the risk assessment of financial information systems, on which construction strategies for an audit immune mechanism for financial information systems are based and explored from the perspectives of "immune surveillance", "immune homeostasis" and "immune defense".
Author
刘国城
LIU Guocheng (School of Accounting, Nanjing Audit University, Nanjing 211815, China)
Source
《审计与经济研究》
CSSCI
PKU Core Journal
2017, No. 5, pp. 42-51 (10 pages)
Journal of Audit & Economics
Funding
National Social Science Fund of China, General Program (16BJY022)
Keywords
commercial bank
information system audit
security audit
immune system
security risks
information entropy
audit immunity