论计算机审计风险及其防范.docVIP

论计算机审计风睑及其防范 ［ ］开展计算机审计是更好地应用企业信息网，促进企业发展的需要，企业信息网, 钮拈电子商务系统的推广应用，将给企业带来巨大的收益。做好计算机审计将保证网上 新的业务合法合规、健康发展，尽管这将给审计人员提出更高的要求。由于企业信息网、 电子商务等系统采用多种计算机和通信技术，拥宥多重设备资源，开展多种业务，系统 较为复杂，因此，数据资源共享和数据安全成为一个非常重要的新M题，在这种情况下, 审计工作表现出Y很多网络环境下的新特点。一是责任的分散。在非网络情况下，包括 数据文件整理、数据组织、数据存取、数据编辑与验证，以及数据庳的建立与维护在内 的控制责任，通常集中在小部分拥冇权限的具体操作人员身上。而在网络环境下，数据 的使用面向整个网络用户，即这种控制责任除原具体操作人员外，将向众多部门及人员 转移，甚至涉及到网络的所有用户；二是重点的转移。在非网络环境下，审计人员关注 的重点在于内部控制的符合性测试和实质性测试方面，整个电算系统运转的核心也是系 统程序对内部控制的落实上。而在网络情况下，数据高度集中在网络系统中，数据可能 被非法拷W、非法篡改，从而引发新型的网络审计风险。因此，审计的重点也应放在网 络系统上。 ［关键词］计算机审计风险审计人员磁性介质防范措施 On the audit risk of computer and its prevention [Abstract] To carry out computer auditing is the application of enterprise information network better, to promote enterprise development, enterprise information network, including the extension and application of electronic commerce system, will bring great profits to the enterprises. Good computer audit will ensure a new online business legal compliance, healthy development, although this will give the audit staff put forward higher requirements. Because the enterprise information network, electronic commerce system using a variety of computer and communication technology, has multiple equipment resources，to carry out a variety of business，the system is very complex, therefore，data sharing and data security has become a new problem is very important，in this case，the audit work to demonstrate the new features many under the network environment. One is the dispersion of responsibility. In the non network conditions, including data file，data organization, data access, data editing and validation, control responsibility and maintenance database establishment, usually focus on the specific operation personnel small part has permissions on the body. In the network environment, the use of data for the whole network users, namely the control responsibilities in addition to the original concrete operation personnel, to the transfer of many departments and personnel，even relates to al