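Enterprise Risk Services (ERS), as the name suggests, is supposed to be able to take on any project related to enterprise risk, but in practice the work is mainly concentrated at the operational level. Strategy-level work is more likely to be handled by Deloitte Consulting.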
ERS is split into two main areas: one is Business Risk, the other is IT Risk.
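The Business Risk side mainly audits internal process controls. These are often one-off projects that help a company assess its internal control framework; for example, when a company is preparing for an IPO, this kind of assessment is required.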
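IT Risk mainly does IT audit and consulting projects on enterprise information systems, such as information security, privacy protection, data analytics and compliance. The service lines may differ between local offices, because not every office has enough people to cover such a broad range of services.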
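IT Audit is a line of work that supports the financial audit. Nearly all companies' financial data now involves information systems, so if the information system is not secure and the information can easily be tampered with, the data the financial auditors receive is unreliable and there is little point in auditing it. So ERS colleagues are usually sent to the client first to carry out an IT audit and see how serious the problems are. The audit basically covers two areas. The first is GC (general control), which concerns general issues of the information system, such as data security and confidentiality, the protection of the data center, and the access rights of the relevant staff. The second is AC (automated control), which concerns the security controls in the information system during the company's day-to-day operations, for example that entering a wrong password brings up the corresponding warning, or that changing information requires a higher level of access rights. Sometimes other things are looked at as well, such as segregation of duties testing (SOD), or using ACL to do some simple data analysis (known as CAATs).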
Besides these two main areas, there are also some compliance projects, such as SOX, which involve both IT and business.
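Working hours are certainly shorter than in financial audit, and the pressure is not as great, but you work more independently, and you need to take more initiative yourself both in learning and on projects. Because the work involves both audit and consulting, it is also rather mixed. The drawback is that it is not specialized, and you may feel somewhat lost about what job you can move to afterwards; the advantage is that you have the chance to learn more skills, so if you are willing to learn, it is still a good option.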
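As for career prospects, if you work on the business risk side, you can later move into an internal control role at a company. If you work on the IT side, you can move towards IT consulting, or become an internal control and compliance officer at a company. Another fairly popular direction is to become a business analyst at an investment bank. This position is a coordinating role that translates the business requirements of the front office into information the IT department can understand, so you need to know some IT and also understand the business. Of course it varies from person to person. The Big Four are a place to start out anyway, and most people do not stay for a whole career; leaving for an investment bank, for consulting, or for a large company is all possible. Deloitte is also a large international firm with very strong resources that you can make good use of.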