Research On Information System Audit Of Securities Companies Based On COBIT Perspective

As the information technology matures day by day,its application in various industries continues to increase,especially in the securities industry.Information system has become the most important foundation for securities companies to achieve strategic objectives and daily business operation,and has also developed into a core competitiveness in customer service and business management.However,while information systems bring various competitive advantages and economic benefits to securities companies,they also bring various risks related to information systems.If we cannot make good use of information systems or control loopholes,we will bring very serious losses to enterprises.However,the information system audit can accurately reflect whether the information system operation of securities companies can operate safely and efficiently,and comprehensively and systematically sort out the outstanding problems in the information system governance and management.It can be seen from this that the information system audit of the securities industry is worthy of in-depth research and exploration.This paper adopts the method of case study,based on the COBIT2019 framework,and through the audit analysis of T Securities Company's information system,it mainly answers two questions:(1)What are the problems of securities company's information system?(2)How can securities companies improve on these issues?This paper first analyzes the current situation of information system security problems in China's securities industry according to the penalty announcements of relevant information system security issues issued by the CSRC from 2013 to 2019.Then,it analyzes the information system audit of T securities company.Based on the COBIT framework,it summarizes the current problems in the information system of T securities company through the analysis of 40 processes in the core control domain.Finally,it provides corresponding countermeasures to the existing problems in the information system of T securities company according to the governance components of COBIT system.The aim is to improve the level of information system governance in the securities industry and safeguard the legitimate rights and interests of relevant parties.The research conclusions of this paper are as follows:(1)The main problems of information system governance of T Securities Company include weak IT governance,imperfect IT management system process,imperfect risk assessment tools,and inadequate IT supervision,which endanger the safe and efficient operation of information system of T Securities Company.(2)Securities companies should improve corporate IT governance structure,optimize existing control processes and strengthen IT supervision.Only in this way can the safe and reliable operation of the information system be effectively guaranteed.The research value of this paper lies in summarizing the main problems of T securities company's information system through case analysis and COBIT2019 framework,and then providing some countermeasures to solve these problems,thus providing some reference for information system auditors to audit securities companies.At the same time,it is also conducive to improving securities company's information system governance ability,avoiding losses to the interests of enterprises,government and investors,optimizing the information construction of securities companies,and strongly supporting the sustained and healthy development of capital market.