银行开展信息技术审计的现状、难点及策略思考

Current Situation,Difficulties and Strategies of Information Technology Audit in Banks

银行信息技术审计是由其相对独立的内审部门,通过对信息系统及信息科技内部控制和流程的审查,揭示信息科技管理和操作中存在的问题,并评价信息科技管理目标实现情况,从而判断信息系统能否保证组织的资产安全、数据完整、支撑业务发展且风险可控,进而采取措施促进信息科技符合组织战略目标。从目前已开展的信息技术审计项目实施情况看,其中存在一系列制约信息技术审计有效实施的难点和问题,因此,需要在实践中不断提升应对策略以对其进行改进和完善。本文在分析银行信息技术审计实践的现状和难点的基础上,对有助于提升审计质量的信息技术审计策略做了较为深入细致的探讨。

Information technology audit of banks is a relatively independent internal audit department.Through reviewing the internal control and process of information system and information technology,it reveals the problems existing in the management and operation of information technology,and evaluates the achievement of information technology management objectives,so as to judge whether information system can guarantee the safety and number of assets of an organization.According to the integrity,support business development and risk control,and then take measures to promote information technology in line with organizational strategic objectives.From the current implementation of information technology audit projects,there are a series of difficulties and problems that restrict the effective implementation of information technology audit.Therefore,we need to constantly improve the response strategies in practice to improve and perfect them.Based on the analysis of the current situation and difficulties of bank information technology audit practice,this paper makes a thorough and detailed discussion on the information technology audit strategy which can help to improve the audit quality.