ICS03.060 CCSJ66.50 T/CCUA 中国计算机用户协会团体标准 T/CCUA015-2021 金融信息科技审计基本框架与通则 Financialinformationtechnologyaudit-Basicframeworkandgeneral rule 2021–9–15发布 2021–10–15实施 中国计算机用户协会发布 全国团体标准信息平台 全国团体标准信息平台 T/CCUA015—2021 I目次 前言.......................................................................................................................................................................II 1范围.....................................................................................................................................................................1 2规范性引用文件.................................................................................................................................................1 3术语和定义.........................................................................................................................................................1 4金融信息科技审计框架.....................................................................................................................................1 4.1金融信息科技审计体系框架......................................................................................................................2 4.2金融信息科技审计标准框架......................................................................................................................2 5金融信息科技审计基本原则.............................................................................................................................3 5.1合法合规......................................................................................................................................................3 5.2独立客观......................................................................................................................................................3 5.3安全保密......................................................................................................................................................3 5.4专业有效......................................................................................................................................................3 5.5风险导向......................................................................................................................................................3 5.6持续关注......................................................................................................................................................4 6审计目标与规划.................................................................................................................................................4 6.1目标..............................................................................................................................................................4 6.2规划..............................................................................................................................................................4 6.3审计结果有效期..........................................................................................................................................4 7金融信息科技风险分析方法.............................................................................................................................4 7.1风险分析......................................................................................................................................................4 7.2风险分类......................................................................................................................................................4 7.3分析方法......................................................................................................................................................4 附录A（资料性）信息科技风险分析矩阵....................................................................................................5 参考文献.................................................................................................................................................................6 全国团体标准信息平台 T/CCUA015—2021 II前  言 本文件按照GB/T1.1—2020《标准化工作导则第1部分：标准化文件的结构和起草规则》