| In the communication company, information technology applied earlier and more deeply, the consequent audit wind is what we are focused on IT. From the perspective of certified public accountants, professional auditors against the risks of IT, set up the IT audit team, specifically for the company’s department of information and information systems audit and related users.At home and abroad on IT audit and IT audit risk research is mainly theoretical and empirical analysis guidelines IT audit and IT audit risk aspect, but in practice, based on pure research papers less IT audit risk in an industry or a company Therefore, in order to present papers on the core XX communications company as a case study audit risk iT environment. After defining the IT audit, IT audit risk and audit risk concept and characteristics in the information environment, raise the general practice of audit procedures under the circumstances the use of Certified Public Accountants, an overview and classification of the IT audit risk IT environment-technology risk, organizational risk, IT process risk, system risk, case XX communications IT audit risk studies do theoretical groundwork; proposed mechanism of IT audit risk and generate source XX communications IT audit risk arising-that the communication of information system, using GITC test, AC test, audit risk CAAT tests and SOD test analysis audits; at the same time, the risk by test and analysis can be found, for the control of risk can not be ignored research, body angle and auditing activities from IT audit phase angle control proposed five measures to reduce audit risk.Thesis through the "literature research" found that domestic and foreign scholars and practitioners in early stage information technology and audit were studied; the "investigation" for the XX company’s internal communications, the auditors perform audits and other means of way; through "case analysis" Contact XX communications actual situation, an external audit perspective IT auditors, the application of automatic control, computer-aided testing means audit, risk analysis organization, IT process risk, such as may be found in the IT audit and so on.This paper is to study and draw conclusions from the following perspectives:first, a clear IT audit and IT audit risk connotation, the status quo XX communications company and introduced internal control, IT audit risk for the follow-up found that pave the way; second is to the communications company IT audit risk analysis, case studies, and proposed universal discovery and risk control; Finally, to conclude this study:IT audit is needed is a comprehensive audit of computer background and expertise in the familiar under the premise of a computer system, the audit found that IT audit risk; This article is intended for future or want to learn IT auditors audit to provide a reference value and IT audit risk scholar. |
PDF Full Text Request