中文摘要：

当前，我国高校管理信息系统涉及教务、人事、科研等一系列管理模块，规模相对庞杂，系统安全性、机密性受到挑战，也因此相应地对高校管理信息系统的审计及其风险防范提出了更高的要求。在阐述WSR方法论与COBIT理论的基础上，首先，基于WSR方法论有效设计高校管理信息系统审计的思路与策略；其次，将WSR与COBIT理念融合于一体，构架高校管理信息系统审计风险控制模型；最后，结合前两步，提出高校在管理信息系统审计及其风险控制中应该注意的问题，力求促进高校管理信息系统在功能实施中更为安全和高效。

英文摘要：

Currently, the management information systems of university involve a series of management modules such as the senate, personnel, and research. Due to its relative complexity, the security and confidentiality are being challenged, accord- ingly, higher requirements are also put forwarded towards the management information system of university for audit and risk prevention. Based on the elaboration of WSR Methodology and COBIT theory, firstly, ideas and strategies of university man- agement information systems based on WSR are effectively designed, secondly, under the combination of WSR and COBIT concept, audit risk control model of the university management information system is framed, issues on audit and risk control that need to be paid attention in universities management information systems are also put forwarded, in order to promote the u- niversity management information systems to be more secure and more efficient in the functional implementation.