中文摘要：

本文在对相关文献进行分析的基础上，提出了商业银行信息科技风险评价指标体系，利用李克特“七点量表”设计了调查问卷，通过变异系数法及灰色关联分析法，修正了初始评价指标体系，最终形成了目标层、准则层、一级评价指标、二级评价指标的四级评价指标体系。目标层为信息科技综合风险水平，准则层由固有风险及控制有效性组成，固有风险下设外生因素等4个一级评价指标，控制有效性准则层下设信息科技治理、信息科技风险管理等8个一级评价指标，二级指标由自然灾害、系统故障、制度不健全、信息科技治理岗位划分及职责等85个指标组成。

英文摘要：

On the basis of the analysis of related literature, this paper proposes an index system for the evaluation of commer- cial bank＇s information technology risks, and designs a questionnaire with Likert Seven Scale. By the variation coefficient method and gray correlation analysis, the initial evaluation index system is revised and finally a four-layer evaluation index system is formed, which consists of target layer, criterion layer, first-level evaluation index, and second-level evaluation index. The target layer consists of indexes representing the level of comprehensive risks of information technology. The criterion layer consists of in- dexes representing inherent risks and control effectiveness. The inherent risks are evaluated by 4 first-level evaluation indexes, such as exogenous factor, etc. The control effectiveness are evaluated by 8 first-level evaluation indexes, including the manage- ment and risk control of information technology, etc. The second-level evaluation index consists of 85 indexes, such as natural disaster, system failure, imperfect rules, post classification and responsibilities of the management of information technology, etc.