Based on the COSO & COBIT Enterprise Informationization Risk Management Research
|School||Chongqing University of Technology|
|Keywords||Enterprise information COBIT ERMF Risk control|
The construction of enterprise information for the improvement of the quality of enterprise management , operational efficiency brought about a qualitative leap. Comparative competitive advantage through information technology , more and more corporate identity . However , in the process of information construction , along with a huge risk , if ignored or laissez-faire attendant risks , is bound to bring huge losses . Therefore , people need a rational rather than empirical enterprise information in the face of high risk and high failure rate . Enterprise information technology as one of the sustainable development strategy of the enterprise information risk management must be raised to the height of the corporate risk governance . Author after reading a lot of literature , not many studies on the theory of the enterprise information governance from the perspective of risk . In practice, the majority of China 's enterprise information is project - driven , rather than goal-driven , the lack of long-term strategic planning . Enterprise information risk control theoretical research and practical exploration in China is still in its infancy . 2004 U.S. opposition to false financial reporting Commission ( COSO ) officially released \On the other hand , information control objectives and related technology ( COBIT ) is currently widely used in the international IT governance framework , enterprise information provides an authoritative and globally accepted standards , its purpose is to regulate and improve IT governance and effective prevention and control of the risks and increase the value of information technology . Home and abroad, enterprise risk on the basis of the current study of financial risk perspective , theoretical platform COSO Enterprise Risk Management - Integrated Framework and COBIT COBIT divided into four domains corresponding 34 IT process and its corresponding control objectives and enterprise risk management ERMF mentioned eight interrelated elements established on the basis of enterprise information risk control model to analyze the financial risk of the enterprise information . Secondly, on the basis of theoretical studies , the risk of ERMF and COBIT control model applied based on ERMF COBIT risk analysis of the auxiliary system . Finally, the theoretical study and practical findings summarized .