Question

帮忙翻译，给分多。

信息系统审计是信息化发展到一定程度的必然结果。它既有传统审计条件下的审计内容，又有与信息技术紧密联系的审计内容。从计算机审计发展来看，初期是电子数据处理，逐步发展到数据式审计，现在又发展到信息系统审计。
1. IT审计与内部控制
信息技术（IT）审计侧重于企业信息系统的计算机应用方面，它包括对适当的实施、操作过程和计算机资源控制的评估。由于金融机构信息系统高度集成化，因此IT审计构成了外部与内部审计的一个重要组成部分。IT审计的对象涵盖信息系统从规划、分析、设计、编程、测试、运行维护到系统停运为止的生命周期各个阶段和业务。IT审计一般分为三个阶段：审计计划阶段、控制测试阶段以及实质性测试阶段，控制测试中常见的计算机辅助审计工具和技术有：测试数据、基本案例系统评估、追踪、综合测试工具和平行模拟等。
内部控制作为一个防护屏障用以保护金融机构资产防范操作风险。这些风险包括未经授权接触金融机构资产（包括信息）；机构内部或外部人员实施的舞弊；由于员工不称职造成的失误，有瑕疵的计算机程序和输入数据被篡改，如计算机黑客的非法访问，那些破坏程序和数据库的计算机病毒的威胁等。COSO委员会认为:“全面风险管理是一个受到该实体的董事会、管理层和其他个人的影响，并应用在整个机构战略设定的过程。它被设计用于识别整个实体的潜在重大风险。它能根据组织的具体情况提供一个风险管理框架，并为组织目标的实现提供合理的保证。”在所有的金融风险防范和金融监管中，金融机构的内部控制是整个市场健康运行的基础和前提。世界监管经验证明：如果没有金融机构的内部控制配合，即使是细致周密的监管其效果也会大打折扣，单个金融机构的内部控制和内部管理对其自身业务乃至整个金融体系的影响越来越大（巴曙松，2004）。
2. 常规审计与专项审计
信息系统审计也可分为常规审计和专项审计。常规审计为例行的全面审计，对信息系统进行全面的审计，包括管理流程、技术平台、项目开发和运行、维护等工作的审计，对信息系统做出全面的评估、鉴证，提出管理建议。专项审计可以针对信息系统管理的某一方面进行专门的审计，可以视实际情况选择进行。如人民银行的专项审计《局域网运行管理专项审计方案（2006）》，既是“通过实施局域网运行管理专项审计，对局域网运行、维护和管理等情况进行检查和评价，针对发现的问题和风险隐患提出意见和建议，促进局域网安全、有效运行”。《信息系统应急管理专项审计方案（2008）》则指出，审计的目的为“通过实施信息系统（包括IT系统和业务系统）应急预案管理专项审计，对人民银行信息系统应急管理情况进行检查和评价，针对发现的问题提出意见和建议，促进人民银行信息系统应急管理工作规范、有效开展。”

不要在线翻译的。要人工翻译的。翻译的好的话有加分

Answer 1

Information system audit of information are developed to a certain extent the inevitable result. It not only under the conditions of the traditional audit audit content as well as close contact with the information technology audit of the content. Auditors from the computer development, the early electronic data processing, the progressive development of data audits, and now the development of information system audit.
1. IT Audit and Internal Control
Information technology (IT) audit focused on the enterprise information system computer applications, which includes the appropriate implementation, operation and computer control of resources assessment. Financial institutions because of highly integrated information system, IT audit, therefore constitute the external and internal audit as an important component. IT audit covered the subject of information systems planning, analysis, design, programming, testing, operation and maintenance to the system outage until the life cycle of the various stages and operations. IT audit will generally be divided into three phases: the audit planning stage, to control the testing phase, as well as substantive testing phase, control tests common computer-assisted auditing tools and techniques include: test data, the basic case of system evaluation, tracking, integrated testing tools and parallel simulation.
Internal control as a protective barrier to protect the assets of financial institutions to guard against operational risk. These risks include unauthorized access to financial institutions, assets (including information); agencies internal or external personnel corrupt; because of incompetent staff caused by mistakes, have flaws in computer programs and input data are altered, such as unauthorized access to computer hackers, those who violate the procedures and databases, such as the threat of computer viruses. COSO Committee is of the opinion: "a comprehensive risk management is a subject of the entity's board of directors, management and other personal effects and applications in the whole process of setting corporate strategy. It was designed to identify potential entities throughout the major risk. It According to the specific circumstances of the Organization to provide a risk management framework and goals for the organization to provide reasonable assurance. "Of all the financial risk prevention and financial supervision, internal control of financial institutions are healthy operation of the market and the basic premise. World experience shows that regulation: If there are no internal control of financial institutions with, even meticulous careful monitoring of its effects will be greatly discounted, individual financial institutions, internal control and internal management of their own business and even the entire financial system are increasingly affected by (Ba, 2004).
2. Conventional audit and special audit
Information Systems Audit and also can be divided into conventional audit and special audit. Orders for routine audit of a comprehensive audit of information systems to conduct a comprehensive audit, including management processes, technology platforms, project development and operation, maintenance work, such as auditing, information systems to make a comprehensive assessment, forensics, the management recommendations . Special audit of information systems management can conduct a special audit, can select to carry out the actual situation. Such as the People's Bank of the special audit "local area network operation and management of the special audit program (2006)", is both a "local area network operation and management through the implementation of the special audit, of the LAN operation, maintenance and management of inspection and evaluation, in view of the problems identified and potential risks to comments and suggestions to promote the local area network safe and effective operation. " "Special emergency management information systems audit program (2008)," pointed out that the purpose of the audit as "through the implementation of information systems (including IT systems and business systems) contingency plans for the management of the special audit, of the People's Bank of emergency management information system to conduct inspection and evaluation , in view of the problems identified to make suggestions and recommendations to promote the People's Bank of emergency management information system job specifications effectively. "

Answer 2

Information system audit of information are developed to a certain extent the inevitable result. It not only under the conditions of the traditional audit audit content as well as close contact with the information technology audit of the content. Auditors from the computer development, the early electronic data processing, the progressive development of data audits, and now the development of information system audit.
1. IT Audit and Internal Control
Information technology (IT) audit focused on the enterprise information system computer applications, which includes the appropriate implementation, operation and computer control of resources assessment. Financial institutions because of highly integrated information system, IT audit, therefore constitute the external and internal audit as an important component. IT audit covered the subject of information systems planning, analysis, design, programming, testing, operation and maintenance to the system outage until the life cycle of the various stages and operations. IT audit will generally be divided into three phases: the audit planning stage, to control the testing phase, as well as substantive testing phase, control tests common computer-assisted auditing tools and techniques include: test data, the basic case of system evaluation, tracking, integrated testing tools and parallel simulation.
Internal control as a protective barrier to protect the assets of financial institutions to guard against operational risk. These risks include unauthorized access to financial institutions, assets (including information); agencies internal or external personnel corrupt; because of incompetent staff caused by mistakes, have flaws in computer programs and input data are altered, such as unauthorized access to computer hackers, those who violate the procedures and databases, such as the threat of computer viruses. COSO Committee is of the opinion: "a comprehensive risk management is a subject of the entity's board of directors, management and other personal effects and applications in the whole process of setting corporate strategy. It was designed to identify potential entities throughout the major risk. It According to the specific circumstances of the Organization to provide a risk management framework and goals for the organization to provide reasonable assurance. "Of all the financial risk prevention and financial supervision, internal control of financial institutions are healthy operation of the market and the basic premise. World experience shows that regulation: If there are no internal control of financial institutions with, even meticulous careful monitoring of its effects will be greatly discounted, individual financial institutions, internal control and internal management of their own business and even the entire financial system are increasingly affected by (Ba, 2004).
2. Conventional audit and special audit
Information Systems Audit and also can be divided into conventional audit and special audit. Orders for routine audit of a comprehensive audit of information systems to conduct a comprehensive audit, including management processes, technology platforms, project development and operation, maintenance work, such as auditing, information systems to make a comprehensive assessment, forensics, the management recommendations . Special audit of information systems management can conduct a special audit, can select to carry out the actual situation. Such as the People's Bank of the special audit "local area network operation and management of the special audit program (2006)", is both a "local area network operation and management through the implementation of the special audit, of the LAN operation, maintenance and management of inspection and evaluation, in view of the problems identified and potential risks to comments and suggestions to promote the local area network safe and effective operation. " "Special emergency management information systems audit program (2008)," pointed out that the purpose of the audit as "through the implementation of information systems (including IT systems and business systems) contingency plans for the management of the special audit, of the People's Bank of emergency management information system to conduct inspection and evaluation , in view of the problems identified to make suggestions and recommendations to promote the People's Bank of emergency management information system job specifications effectively. "

Answer 3

Information system audit of information are developed to a certain extent the inevitable result. It not only under the conditions of the traditional audit audit content as well as close contact with the information technology audit of the content. Auditors from the computer development, the early electronic data processing, the progressive development of data audits, and now the development of information system audit.
1. IT Audit and Internal Control
Information technology (IT) audit focused on the enterprise information system computer applications, which includes the appropriate implementation, operation and computer control of resources assessment. Financial institutions because of highly integrated information system, IT audit, therefore constitute the external and internal audit as an important component. IT audit covered the subject of information systems planning, analysis, design, programming, testing, operation and maintenance to the system outage until the life cycle of the various stages and operations. IT audit will generally be divided into three phases: the audit planning stage, to control the testing phase, as well as substantive testing phase, control tests common computer-assisted auditing tools and techniques include: test data, the basic case of system evaluation, tracking, integrated testing tools and parallel simulation.
Internal control as a protective barrier to protect the assets of financial institutions to guard against operational risk. These risks include unauthorized access to financial institutions, assets (including information); agencies internal or external personnel corrupt; because of incompetent staff caused by mistakes, have flaws in computer programs and input data are altered, such as unauthorized access to computer hackers, those who violate the procedures and databases, such as the threat of computer viruses. COSO Committee is of the opinion: "a comprehensive risk management is a subject of the entity's board of directors, management and other personal effects and applications in the whole process of setting corporate strategy. It was designed to identify potential entities throughout the major risk. It According to the specific circumstances of the Organization to provide a risk management framework and goals for the organization to provide reasonable assurance. "Of all the financial risk prevention and financial supervision, internal control of financial institutions are healthy operation of the market and the basic premise. World experience shows that regulation: If there are no internal control of financial institutions with, even meticulous careful monitoring of its effects will be greatly discounted, individual financial institutions, internal control and internal management of their own business and even the entire financial system are increasingly affected by (Ba, 2004).
2. Conventional audit and special audit
Information Systems Audit and also can be divided into conventional audit and special audit. Orders for routine audit of a comprehensive audit of information systems to conduct a comprehensive audit, including management processes, technology platforms, project development and operation, maintenance work, such as auditing, information systems to make a comprehensive assessment, forensics, the management recommendations . Special audit of information systems management can conduct a special audit, can select to carry out the actual situation. Such as the People's Bank of the special audit "local area network operation and management of the special audit program (2006)", is both a "local area network operation and management through the implementation of the special audit, of the LAN operation, maintenance and management of inspection and evaluation, in view of the problems identified and potential risks to comments and suggestions to promote the local area network safe and effective operation. " "Special emergency management information systems audit program (2008)," pointed out that the purpose of the audit as "through the implementation of information systems (including IT systems and business systems) contingency plans for the management of the special audit, of the People's Bank of emergency management information system to conduct inspection and evaluation , in view of the problems identified to make suggestions and recommendations to promote the People's Bank of emergency management information system job specifications effectively. "
你看一下啦~~我不知道对不对