Currently, the management information systems of university involve a series of management modules such as the senate, personnel, and research. Due to its relative complexity, the security and confidentiality are being challenged, accordingly, higher requirements are also put forwarded towards the management information system of university for audit and risk prevention. Based on the elaboration of WSR Methodology and COBIT theory, firstly, ideas and strategies of university management information systems based on WSR are effectively designed, secondly, under the combination of WSR and COBIT concept, audit risk control model of the university management information system is framed, issues on audit and risk control that need to be paid attention in universities management information systems are also put forwarded, in order to promote the university management information systems to be more secure and more efficient in the functional implementation.