With the development of computer-aided audit, network office automation and other information construction, security and secrecy have become the key and guarantee of information construction, which is related to the healthy operation of social, political and economic life, as well as the stability and development of audit work. On the basis of conscientiously implementing the main points of the work of the Central Security Committee, combined with the actual situation, a number of effective measures have been taken to strengthen information security and confidentiality, and good results have been achieved.

First, actively adopt technical means to improve safety protection capabilities. Strictly physically isolate the audit information network system from the Internet, and take the forms of identification, encryption, monitoring and alarm for classified computers to prevent data leakage; Install anti-virus software in an all-round way and upgrade it in time, and use online anti-virus software on the LAN to ensure the security of the system and data; Use firewall technology to prevent unauthorized use or intrusion of illegal visitors. In the aspect of file management, establish effective technical detection means, detection methods and standardized management procedures; Strictly regulate the access rights of network files in the operation of related software, and prohibit unauthorized downloading of network files. The second is to strengthen the construction of confidentiality system and improve the ability of confidentiality management. Technical prevention is only a part of safety work, and the establishment of the system is very important. According to the requirements of the new situation, relevant laws and regulations have been established and improved, such as the Measures for the Administration of Confidential Personnel, the Provisions on the Safety Management of Computer Information Systems, the Provisions on the Safety Management of Confidential Mobile Storage Media, and the Safety System of Computer Remote Communication, which have formed a scientific and reasonable system and improved the legal level of safety management. In daily work, strictly implement confidentiality rules and regulations; For confidential documents, it is necessary to designate a special person to handle them, and it is not allowed to reprint or copy them without the consent of the leaders; The classified paper is sent to the security bureau for centralized destruction, and the remote encryption card is strictly separated from the machine card.

The third is to carry out safety inspections and improve supervision and management capabilities. Regularly carry out safety inspections within the scope of the whole office, put forward rectification requirements for problems found in the inspection, urge the rectification to be in place, and promote the steady development of computer information system security work.

The fourth is to strengthen publicity and education on confidentiality and raise awareness of confidentiality. The auditor's sense of confidentiality is the first line of defense in confidentiality work. To do a good job in security and confidentiality, we must plug the leak from the source. The office carries out secrecy training and education activities in various forms, such as listening to lectures on secrecy laws, watching warning films, setting up publicity columns on secrecy laws, and making computer security web pages. Through these publicity forms that everyone can understand and remember, the penetration and appeal of confidentiality publicity and education have been enhanced, and the sense of confidentiality responsibility of personnel has been improved.