Abstract
Information systems; It has been an important factor in reducing costs, facilitating operations and saving time for businesses in the constantly developing and changing information age. Information systems, which provide convenience to businesses in many areas, are also seen to be an important risk factor. Many standards have been published for information security, which is of vital importance for some sectors such as banking, and it is clear that it is an important and important issue for all businesses. In this context, the aim of the study is to reveal the importance of cyber security risks in the control of information systems in enterprises. In this study, which was carried out using document analysis, one of the qualitative research methods, the concepts of information and information systems were explained first. Afterwards, cyber security risks in information systems auditing were explained and some suggestions were made regarding the need to avoid related risks for businesses and those performing business audits. According to the results obtained; In the researches, it is seen that "cyber security and data security" risks come first among the five most important risks faced by organizations. According to another result of the study, it has been revealed that in recent years, more than 60,000 incidents related to cyber crimes have taken place in Turkey, and measures and seizures worth millions of lira have been made. In March 2022, it is seen that 16 billion TL from a bank's mobile investment application was transferred to personal accounts due to the vulnerability in their information systems. For this reason, it has been revealed that other businesses such as banks that actively use information technologies should also give importance to cyber risks that they may encounter in daily life. At the same time, some suggestions were made to internal and external independent auditors and business managers against cyber risks that may be encountered in the future, by taking examples from real cases.